
Log Analysis and Evaluation: Constant Computer Crashes

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

06.06.2011, 06:49   #1
endi20
 
Constant computer crashes



Maybe I'm doing something wrong, but I was not asked to restart.
ComboFix log file:
Code:
ComboFix 11-06-05.06 - Computer 06.06.2011   7:36.3.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3263.1944 [GMT 2:00]
ausgeführt von:: c:\users\Computer\Desktop\cofi.exe
Benutzte Befehlsschalter :: c:\users\Computer\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
FW: Avira FireWall *Disabled* {31341D0C-2EA1-6D37-1CC3-F0344A49C2CC}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-05-06 bis 2011-06-06  ))))))))))))))))))))))))))))))
.
.
2011-06-06 05:40 . 2011-06-06 05:40	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2011-06-06 05:40 . 2011-06-06 05:40	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-06-06 05:09 . 2011-06-06 05:10	--------	dc----w-	C:\cofi
2011-06-06 05:06 . 2011-06-06 05:06	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-06 05:00 . 2011-06-06 05:00	8646	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2011-06-06 05:00 . 2011-06-06 05:00	6429	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-06-06 05:00 . 2011-06-06 05:00	63115	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-06-06 05:00 . 2011-06-06 05:00	4599	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-06-06 05:00 . 2011-06-06 05:00	9310	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2011-06-06 05:00 . 2011-06-06 05:00	8613	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2011-06-06 05:00 . 2011-06-06 05:00	8288	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2011-06-06 05:00 . 2011-06-06 05:00	6910	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2011-06-06 05:00 . 2011-06-06 05:00	6208	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2011-06-06 05:00 . 2011-06-06 05:00	5927	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2011-06-06 05:00 . 2011-06-06 05:00	18541	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2011-06-06 05:00 . 2011-06-06 05:00	1651	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2011-06-06 04:59 . 2011-06-06 04:59	8782	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2011-06-06 04:59 . 2011-06-06 04:59	7271	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2011-06-06 04:59 . 2011-06-06 04:59	51852	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2011-06-06 04:59 . 2011-06-06 04:59	23327	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2011-06-06 04:59 . 2011-06-06 04:59	20719	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2011-06-03 23:07 . 2011-06-03 23:07	--------	d-----w-	c:\programdata\NVIDIA
2011-06-03 23:06 . 2011-06-03 23:06	--------	d-----w-	c:\programdata\NVIDIA Corporation
2011-06-03 23:06 . 2011-06-03 23:07	--------	dc----w-	c:\program files\NVIDIA Corporation
2011-06-03 22:59 . 2011-01-17 11:09	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2011-06-03 22:59 . 2011-01-17 05:47	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2011-06-03 22:01 . 2011-06-03 22:01	--------	dc----w-	C:\_OTL
2011-06-03 13:16 . 2011-06-03 13:16	--------	d-----w-	c:\users\Computer\AppData\Local\Adobe
2011-06-03 13:11 . 2011-06-03 13:11	--------	d-----w-	c:\users\Computer\AppData\Roaming\Malwarebytes
2011-06-03 13:11 . 2011-05-29 07:11	39984	----a-w-	c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-03 13:11 . 2011-06-03 13:11	--------	d-----w-	c:\programdata\Malwarebytes
2011-06-03 13:11 . 2011-06-03 13:11	--------	dc----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-03 13:11 . 2011-05-29 07:11	25912	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-06-03 12:09 . 2011-05-09 22:00	8718160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3C7035F0-7435-411F-A402-EBB3161B254C}\mpengine.dll
2011-06-02 21:51 . 2011-06-02 21:51	--------	d-----w-	c:\windows\system32\SPReview
2011-06-02 21:51 . 2011-06-02 21:51	--------	d-----w-	c:\windows\system32\EventProviders
2011-06-02 19:33 . 2011-06-03 13:11	--------	dc----w-	c:\program files (x86)\Common Files\Adobe
2011-06-02 12:07 . 2011-06-02 12:07	388096	----a-r-	c:\users\Computer\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-02 12:07 . 2011-06-02 12:07	--------	dc----w-	c:\program files (x86)\Trend Micro
2011-05-31 21:44 . 2011-05-31 21:44	--------	d-----w-	c:\users\Computer\AppData\Local\DDMSettings
2011-05-29 17:48 . 2011-05-29 17:48	0	---ha-w-	c:\users\Computer\AppData\Local\BIT9C58.tmp
2011-05-25 21:51 . 2010-11-20 13:27	263168	----a-w-	c:\windows\system32\spwizui.dll
2011-05-25 21:50 . 2010-11-20 13:33	140672	----a-w-	c:\windows\system32\drivers\msdsm.sys
2011-05-25 21:49 . 2010-11-20 13:27	98304	----a-w-	c:\windows\system32\wudriver.dll
2011-05-25 21:48 . 2010-11-20 12:18	323072	----a-w-	c:\windows\SysWow64\drvstore.dll
2011-05-25 21:48 . 2010-11-20 12:18	257024	----a-w-	c:\windows\SysWow64\dpx.dll
2011-05-25 21:48 . 2010-11-20 12:21	363008	----a-w-	c:\windows\SysWow64\wbemcomn.dll
2011-05-25 21:48 . 2010-11-20 12:19	606208	----a-w-	c:\windows\SysWow64\wbem\fastprox.dll
2011-05-25 21:46 . 2010-11-20 13:27	524288	----a-w-	c:\windows\system32\wmicmiplugin.dll
2011-05-25 21:46 . 2010-11-20 13:27	529408	----a-w-	c:\windows\system32\wbemcomn.dll
2011-05-25 21:46 . 2010-11-20 13:27	1225216	----a-w-	c:\windows\system32\wbem\wbemcore.dll
2011-05-25 21:46 . 2010-11-20 13:27	933376	----a-w-	c:\windows\system32\SmiEngine.dll
2011-05-25 21:46 . 2010-11-20 13:25	199168	----a-w-	c:\windows\system32\PkgMgr.exe
2011-05-25 21:45 . 2010-11-20 13:26	422912	----a-w-	c:\windows\system32\drvstore.dll
2011-05-25 21:45 . 2010-11-20 13:26	399872	----a-w-	c:\windows\system32\dpx.dll
2011-05-24 22:18 . 2011-05-24 22:18	0	---ha-w-	c:\users\Computer\AppData\Local\BIT1CD0.tmp
2011-05-24 19:35 . 2011-04-22 22:15	27520	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-05-19 11:56 . 2011-04-09 06:58	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-05-19 11:56 . 2011-04-09 05:56	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2011-05-18 11:11 . 2011-05-18 11:11	--------	dc----w-	C:\LHWUEKT
2011-05-11 10:11 . 2011-04-09 07:02	5562240	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-05-11 10:11 . 2011-04-09 06:02	3967872	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 10:11 . 2011-04-09 06:02	3912576	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 10:11 . 2011-03-25 03:29	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2011-05-11 10:11 . 2011-03-25 03:29	98816	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2011-05-11 10:11 . 2011-03-25 03:29	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2011-05-11 10:11 . 2011-03-25 03:29	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2011-05-11 10:11 . 2011-03-25 03:29	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2011-05-11 10:11 . 2011-03-25 03:29	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2011-05-11 10:11 . 2011-03-25 03:28	7936	----a-w-	c:\windows\system32\drivers\usbd.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 21:59 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-06-02 21:59 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-04-30 19:14 . 2011-04-30 19:14	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2011-04-30 19:14 . 2011-04-30 19:14	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-30 19:14 . 2011-04-30 19:14	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-30 19:14 . 2011-04-30 19:14	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2011-04-30 19:14 . 2011-04-30 19:14	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2011-04-30 19:14 . 2011-04-30 19:14	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2011-04-30 19:14 . 2011-04-30 19:14	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2011-04-30 19:14 . 2011-04-30 19:14	367104	----a-w-	c:\windows\SysWow64\html.iec
2011-04-30 19:14 . 2011-04-30 19:14	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2011-04-30 19:14 . 2011-04-30 19:14	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-04-30 19:14 . 2011-04-30 19:14	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2011-04-30 19:14 . 2011-04-30 19:14	1797632	----a-w-	c:\windows\SysWow64\jscript9.dll
2011-04-30 19:14 . 2011-04-30 19:14	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2011-04-30 19:14 . 2011-04-30 19:14	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2011-04-30 19:14 . 2011-04-30 19:14	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2011-04-30 19:14 . 2011-04-30 19:14	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2011-04-30 19:14 . 2011-04-30 19:14	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2011-04-30 19:14 . 2011-04-30 19:14	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2011-04-30 19:14 . 2011-04-30 19:14	1126912	----a-w-	c:\windows\SysWow64\wininet.dll
2011-04-30 19:14 . 2011-04-30 19:14	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2011-04-30 19:14 . 2011-04-30 19:14	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2011-04-30 19:14 . 2011-04-30 19:14	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2011-04-30 19:14 . 2011-04-30 19:14	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2011-04-30 19:14 . 2011-04-30 19:14	85504	----a-w-	c:\windows\system32\iesetup.dll
2011-04-30 19:14 . 2011-04-30 19:14	76800	----a-w-	c:\windows\system32\tdc.ocx
2011-04-30 19:14 . 2011-04-30 19:14	603648	----a-w-	c:\windows\system32\vbscript.dll
2011-04-30 19:14 . 2011-04-30 19:14	49664	----a-w-	c:\windows\system32\imgutil.dll
2011-04-30 19:14 . 2011-04-30 19:14	48640	----a-w-	c:\windows\system32\mshtmler.dll
2011-04-30 19:14 . 2011-04-30 19:14	448512	----a-w-	c:\windows\system32\html.iec
2011-04-30 19:14 . 2011-04-30 19:14	30720	----a-w-	c:\windows\system32\licmgr10.dll
2011-04-30 19:14 . 2011-04-30 19:14	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-04-30 19:14 . 2011-04-30 19:14	2303488	----a-w-	c:\windows\system32\jscript9.dll
2011-04-30 19:14 . 2011-04-30 19:14	222208	----a-w-	c:\windows\system32\msls31.dll
2011-04-30 19:14 . 2011-04-30 19:14	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2011-04-30 19:14 . 2011-04-30 19:14	165888	----a-w-	c:\windows\system32\iexpress.exe
2011-04-30 19:14 . 2011-04-30 19:14	160256	----a-w-	c:\windows\system32\wextract.exe
2011-04-30 19:14 . 2011-04-30 19:14	1492992	----a-w-	c:\windows\system32\inetcpl.cpl
2011-04-30 19:14 . 2011-04-30 19:14	1389056	----a-w-	c:\windows\system32\wininet.dll
2011-04-30 19:14 . 2011-04-30 19:14	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2011-04-30 19:14 . 2011-04-30 19:14	12288	----a-w-	c:\windows\system32\mshta.exe
2011-04-30 19:14 . 2011-04-30 19:14	114176	----a-w-	c:\windows\system32\admparse.dll
2011-04-30 19:14 . 2011-04-30 19:14	111616	----a-w-	c:\windows\system32\iesysprep.dll
2011-03-12 12:08 . 2011-04-27 16:47	1465344	----a-w-	c:\windows\system32\XpsPrint.dll
2011-03-12 11:23 . 2011-04-27 16:47	870912	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2011-03-11 06:41 . 2011-04-27 16:47	189824	----a-w-	c:\windows\system32\drivers\storport.sys
2011-03-11 06:41 . 2011-04-27 16:47	1659776	----a-w-	c:\windows\system32\drivers\ntfs.sys
2011-03-11 06:41 . 2011-04-27 16:47	166272	----a-w-	c:\windows\system32\drivers\nvstor.sys
2011-03-11 06:41 . 2011-04-27 16:47	148352	----a-w-	c:\windows\system32\drivers\nvraid.sys
2011-03-11 06:41 . 2011-04-27 16:47	410496	----a-w-	c:\windows\system32\drivers\iaStorV.sys
2011-03-11 06:41 . 2011-04-27 16:47	27008	----a-w-	c:\windows\system32\drivers\amdxata.sys
2011-03-11 06:41 . 2011-04-27 16:47	107904	----a-w-	c:\windows\system32\drivers\amdsata.sys
2011-03-11 06:34 . 2011-04-15 10:09	1359872	----a-w-	c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-15 10:09	1395712	----a-w-	c:\windows\system32\mfc42.dll
2011-03-11 06:33 . 2011-04-27 16:47	2565632	----a-w-	c:\windows\system32\esent.dll
2011-03-11 06:30 . 2011-04-27 16:47	96768	----a-w-	c:\windows\system32\fsutil.exe
2011-03-11 05:33 . 2011-04-15 10:09	1164288	----a-w-	c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:33 . 2011-04-15 10:09	1137664	----a-w-	c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-27 16:47	1699328	----a-w-	c:\windows\SysWow64\esent.dll
2011-03-11 05:31 . 2011-04-27 16:47	74240	----a-w-	c:\windows\SysWow64\fsutil.exe
2011-03-08 17:31 . 2011-03-08 17:35	174400	----a-w-	c:\windows\system32\BGLsp.dll
2011-03-08 17:31 . 2011-03-08 17:35	127912	----a-w-	c:\windows\system32\BdInstHk.dll
2011-03-08 17:31 . 2011-03-08 17:35	150848	----a-w-	c:\windows\SysWow64\BGLsp.dll
2011-03-08 06:29 . 2011-04-15 10:08	976896	----a-w-	c:\windows\system32\inetcomm.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-06-05_17.17.19   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-31 02:09 . 2011-06-06 05:01	58348              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-06-06 05:01	39624              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-06-05 13:50	39624              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-05-31 02:09 . 2011-06-06 05:01	17276              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2298931926-628637236-2833013683-1000_UserData.bin
- 2010-05-31 02:09 . 2011-06-05 13:50	17276              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2298931926-628637236-2833013683-1000_UserData.bin
+ 2009-07-14 04:46 . 2011-06-06 05:07	91904              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-06-05 13:48 . 2011-06-05 13:48	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-06 04:59 . 2011-06-06 04:59	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-05 13:48 . 2011-06-05 13:48	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-06 04:59 . 2011-06-06 04:59	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-06 05:06 . 2011-06-06 05:06	238040              c:\windows\SysWOW64\Macromed\Flash\FlashUtil10s_Plugin.exe
- 2009-07-14 02:36 . 2011-06-05 13:55	652096              c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-06-06 05:06	652096              c:\windows\system32\perfh009.dat
- 2009-07-14 17:58 . 2011-06-05 13:55	696778              c:\windows\system32\perfh007.dat
+ 2009-07-14 17:58 . 2011-06-06 05:06	696778              c:\windows\system32\perfh007.dat
- 2009-07-14 02:36 . 2011-06-05 13:55	121028              c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-06-06 05:06	121028              c:\windows\system32\perfc009.dat
- 2009-07-14 17:58 . 2011-06-05 13:55	148074              c:\windows\system32\perfc007.dat
+ 2009-07-14 17:58 . 2011-06-06 05:06	148074              c:\windows\system32\perfc007.dat
- 2009-07-14 05:01 . 2011-06-05 13:47	467980              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-06-06 03:27	467980              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-01-27 01:07 . 2011-06-06 05:06	6271136              c:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
+ 2010-09-12 03:33 . 2011-06-06 03:27	9615744              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2298931926-628637236-2833013683-1000-8192.dat
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-04-17 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2005-11-04 90112]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-02-14 281768]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-6-1 1196048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"hpqSRMon"=c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 136176]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 136176]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [x]
S2 AntiVirFirewallService;Avira FireWall;c:\program files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [2011-02-14 539304]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2011-02-14 339624]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-01 136360]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-02-18 421032]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2011-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 21:51]
.
2011-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-31 21:51]
.
2011-06-06 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 242192]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [BU]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files (x86)\PokerStars.NET\PokerStarsUpdate.exe
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\s4hug1ii.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.google.de/search?ie=UTF-8&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-06-06  07:43:38
ComboFix-quarantined-files.txt  2011-06-06 05:43
ComboFix2.txt  2011-06-06 05:32
ComboFix3.txt  2011-06-05 17:20
.
Vor Suchlauf: 16 Verzeichnis(se), 418.195.070.976 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 418.172.698.624 Bytes frei
.
- - End Of File - - 6C6FE22B341D8192E7432B30FE5C605C
         
--- --- ---


All times are WET +1.


Copyright ©2000-2025, Trojaner-Board