Betroffener | 08.12.2009 15:01 | Auch Combofix findet etwas merkwürdig an der iaStor.sys
Kann die Datei hier nicht uploaden, sie ist gepackt 170 kB groß.
Combofix-Log: Code:
ComboFix 09-12-07.07 - gogoli 08.12.2009 11:45.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1591 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\gogoli\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8587ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8596FBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {8598185C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {859F9DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85A2E9CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85B16054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {846DFC84-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84BFA3E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84C2A1AC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84C72BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84C8BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84DB8054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84E31DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84F065CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84F58054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84F5FBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84F7C054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {84FF8054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85012054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85022BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {850232F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {850584C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8505FC44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8507BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85082054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8509B054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8509CC44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8509D054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {850AA83C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {850B4DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {850C5BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {850C762C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {850E9DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {850FF054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85105054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {851305CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85149054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85158054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85167054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8516D054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {851B8054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {855E5BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85611DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8562FBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85644BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85655A1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8565B984-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8565CA1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8566CDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85680054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85688BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8568F054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856A26DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856AACA4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856D3A1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856DB984-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856DBDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856F3054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856F4054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856F54B4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856FBBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856FDBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {856FEBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8570DDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8570F60C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85712BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8571F054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8572FBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8573CBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85743DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85745A64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85756054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85761054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8576931C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8576E054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8577493C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85775054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85778054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8577B054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8577C054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85785DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8578D4F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85796A1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857B0054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857C3054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857CAC04-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857D0054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857D4054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857D6054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857DF054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857E283C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857EE054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857F04B4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {857F9054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8581A054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8581F8CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85827054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85833054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85833A44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8585D054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8585F054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85867DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8587145C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85877C44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8587C054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85883A64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85887DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8588F054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8588FDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8589B42C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858A3054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858A7DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858BD39C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858BEC0C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858BFB64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858C5054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858CBDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858DC054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858DC9B4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858E042C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858E3054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858E65DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858E7054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858EA6C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858EE5DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {858FDBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8590EA34-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8590F4E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8591BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8591F5CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85924054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85926C44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85929DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8592CDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8592DB64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8592E054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859304E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85938DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85939DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8593ABB4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8593BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85954054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8595A85C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8595CDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85963054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85967BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8596D054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85973A1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85981054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859826C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85982B54-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85983054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85989BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8599F85C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859A44E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859A5054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859A6054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859A72D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859AEDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859B2DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859B4A3C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859B75F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859B7A1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859C6054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859C757C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859C9054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859CA054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859D1054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859D4054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859D749C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859DB054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859DE244-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859E35CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859EBDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859F2DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859F7DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A015F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A0C5E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A0D054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A0E5CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A14054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A21494-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A2D054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A3B054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A51054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A5ADDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85A65054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ADA054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AF86F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85AFFDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B00054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B2CBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B2F694-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B33054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B3DBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B3E85C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B50BD4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B51C24-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B5ADDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B5C41C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B6997C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B76B64-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B78C6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B7DBFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B89624-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8A2CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8B054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B8D2E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85B95DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BAEA1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BD4A1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BEA3CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF9984-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C063D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C1484C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C50BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C59054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C7E9BC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D063EC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D16864-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D1DC04-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D38DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D48BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4B85C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D554F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DAEBD4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00DE-0D24-347CA8A3377C}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programme\ATI Technologies\ATI.ACE\atIAcmxx.dll
c:\recycler\S-1-5-21-1669474771-150296836-539975905-500
c:\recycler\S-1-5-21-842925246-515967899-839522115-500
c:\windows\system32\Drivers\wfpliz.sys
c:\windows\system32\O2CPlayer.OCX
c:\windows\system32\twain_32.dll
E:\Autorun.inf
c:\windows\system32\DRIVERS\iaStor.sys . . . ist infiziert!!
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SYSREST.SYS
-------\Legacy_TDSSSERV
((((((((((((((((((((((( Dateien erstellt von 2009-11-08 bis 2009-12-08 ))))))))))))))))))))))))))))))
.
2009-12-07 19:03 . 2009-12-07 19:03 -------- d-----w- c:\windows\system32\wbem\Repository
2009-12-07 19:03 . 2009-12-07 19:03 -------- d-----w- c:\programme\Zattoo
2009-12-07 13:53 . 2009-12-07 18:46 -------- d-----w- C:\rsit
2009-12-06 14:10 . 2009-12-06 14:17 -------- d-----w- c:\programme\Windows Live Safety Center
2009-12-04 10:20 . 2009-12-04 10:20 -------- d-----w- c:\programme\CCleaner
2009-12-02 18:40 . 2009-12-03 21:10 -------- d-----w- c:\programme\Navilog1
2009-12-02 15:15 . 2009-12-02 15:15 -------- d-----w- c:\programme\Panda Security
2009-12-02 12:51 . 2009-12-03 21:10 -------- d-----w- c:\programme\Spybot - Search & Destroy
2009-12-02 12:51 . 2009-12-03 21:10 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2009-12-01 19:57 . 2009-12-01 19:57 -------- d-----w- C:\~$PVRTmp0$(2)
2009-12-01 17:59 . 2009-12-01 17:59 -------- d-----w- c:\dokumente und einstellungen\NetworkService\IETldCache
2009-11-10 18:42 . 2009-12-03 21:12 -------- d-----w- C:\NexusFont
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-08 09:05 . 2009-03-20 08:58 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-08 07:56 . 2006-12-15 21:47 -------- d-----w- c:\programme\Mozilla Thunderbird
2009-12-04 14:16 . 2006-12-13 18:39 -------- d-----w- c:\programme\Yahoo!
2009-12-04 13:37 . 2006-12-13 13:13 -------- d-----w- c:\programme\Google
2009-12-04 00:20 . 2007-08-08 11:03 -------- d-----w- c:\programme\Opera
2009-12-04 00:11 . 2006-12-27 09:29 62000 ----a-w- c:\dokumente und einstellungen\gogoli\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2009-12-02 19:27 . 2006-12-13 21:58 -------- d-----w- c:\programme\Java
2009-11-05 15:27 . 2006-12-21 09:37 -------- d-----w- c:\dokumente und einstellungen\gogoli\Anwendungsdaten\WordToPDF
2009-11-04 08:29 . 2009-11-04 08:29 -------- d-----w- c:\dokumente und einstellungen\gogoli\Anwendungsdaten\SmarThru4
2009-11-04 08:29 . 2009-11-04 08:27 -------- d-----w- c:\programme\SmarThru 4
2009-11-04 08:28 . 2009-11-04 08:28 -------- d-----w- c:\programme\Gemeinsame Dateien\SRC Shared
2009-11-04 08:28 . 2009-11-02 19:02 -------- d-----w- c:\programme\Readiris10
2009-11-04 08:24 . 2009-11-04 08:24 -------- d-----w- c:\programme\Samsung
2009-11-02 19:03 . 2006-12-13 21:58 -------- d--h--w- c:\programme\InstallShield Installation Information
2009-10-28 10:34 . 2006-12-27 00:43 -------- d-----w- c:\programme\DivX
2009-10-28 10:33 . 2009-10-28 10:33 -------- d-----w- c:\programme\Gemeinsame Dateien\DivX Shared
2009-10-27 00:09 . 2004-08-07 06:04 87898 ----a-w- c:\windows\system32\perfc007.dat
2009-10-27 00:09 . 2004-08-07 06:04 471824 ----a-w- c:\windows\system32\perfh007.dat
2009-10-26 23:47 . 2008-08-26 14:10 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2009-10-22 14:01 . 2009-10-22 14:01 -------- d-----w- c:\programme\WMVJoiner
2009-10-20 13:45 . 2007-10-15 19:05 1734 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-09-29 07:29 . 2009-09-06 06:58 177024 ----a-w- c:\dokumente und einstellungen\gogoli\Anwendungsdaten\Mozilla\Firefox\Profiles\vdihw474.default\FlashGot.exe
2009-09-25 16:41 . 2009-09-25 16:41 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-09-25 16:41 . 2009-09-25 16:41 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-09-25 16:41 . 2009-09-25 16:41 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-09-25 16:41 . 2009-09-25 16:41 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-09-25 16:41 . 2009-09-25 16:41 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-09-25 16:41 . 2009-09-25 16:41 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-09-25 16:41 . 2009-09-25 16:41 696320 ----a-w- c:\windows\system32\DivX.dll
2009-09-11 14:17 . 2004-08-04 08:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 13:54 . 2008-08-26 14:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 13:53 . 2008-08-26 14:10 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-02-16 10:53 . 2009-02-15 09:27 620 ----a-w- c:\programme\tmcalls.log
2007-11-15 12:10 . 2007-11-15 12:10 703 ----a-w- c:\programme\Password-Finder.lnk
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\programme\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\programme\mozilla firefox\plugins\ssldivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\programme\opera\program\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\programme\opera\program\plugins\ssldivx.dll
2006-12-15 19:54 . 2006-12-15 19:54 56 --sha-w- c:\windows\SMINST\hpboot.sys
2007-10-15 22:39 . 2007-10-15 19:05 88 --sh--r- c:\windows\system32\678FB86488.sys
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\programme\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2008-04-14 177152]
"SoundMAXPnP"="c:\programme\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2006-01-16 53248]
"PTHOSTTR"="c:\programme\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2006-02-14 122880]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-08-31 122940]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761948]
"hpWirelessAssistant"="c:\programme\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 454656]
"CognizanceTS"="c:\progra~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 17920]
"QlbCtrl"="c:\programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-07 131072]
"Cpqset"="c:\programme\HPQ\Default Settings\cpqset.exe" [2006-02-22 40960]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-02-15 892928]
"WatchDog"="c:\programme\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 184320]
"HP Software Update"="c:\programme\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2008-11-04 413696]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\programme\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2009-09-10 198160]
"Malwarebytes Anti-Malware (reboot)"="c:\programme\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-08-21 536576]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
Adobe Reader - Schnellstart.lnk - c:\programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
BTTray.lnk - c:\programme\WIDCOMM\Bluetooth Software\BTTray.exe [2006-2-15 581693]
DVD Check.lnk - c:\programme\InterVideo\DVD Check\DVDCheck.exe [2006-12-13 184320]
Microsoft Office.lnk - c:\programme\Microsoft Office\Office\OSA9.EXE [1999-4-29 65588]
PTV339 Remote Controller Service.lnk - c:\windows\PTV339\IRMONITOR.EXE [2008-1-17 245760]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IfxWlxEN]
2005-08-19 13:52 389120 ----a-w- c:\windows\system32\IfxWlxEN.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2005-07-25 18:41 40960 ----a-w- c:\programme\HPQ\IAM\Bin\AsWlnPkg.dll
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Lexware Info Service.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Lexware Info Service.lnk
backup=c:\windows\pss\Lexware Info Service.lnkCommon Startup
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^MediaTV Monitor.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\MediaTV Monitor.lnk
backup=c:\windows\pss\MediaTV Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4500w Scan2PC]
2008-01-08 02:07 491520 ----a-r- c:\windows\twain_32\Samsung\SCX4500W\Scan2Pc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2008-04-01 11:21 61440 ----a-r- c:\programme\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 06:58 611712 ----a-w- c:\programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2005-08-12 12:43 45056 ----a-w- c:\programme\ATI Technologies\ATI.ACE\CLI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-11-20 12:20 290088 ----a-w- c:\programme\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-12-03 11:47 1205760 ----a-w- c:\programme\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LightScribeService"=2 (0x2)
"iPod Service"=3 (0x3)
"ICQ Service"=2 (0x2)
"HRService"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\WINDOWS\\SMINST\\Scheduler.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\Corel\\Graphics10\\Register\\NAVBrowser.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\Haufe\\iDesk\\iDeskService\\pythonw.exe"=
"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programme\\MSN Messenger\\livecall.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\Programme\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programme\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\SCX4500W\\Sscan2io.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\SCX4500W\\Scan2Pc.exe"=
"c:\\Programme\\Opera\\opera.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [25.10.2005 19:10 35488]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [20.03.2009 09:58 108289]
R2 ASChannel;Lokaler Verbindungskanal;c:\windows\System32\svchost.exe -k Cognizance [04.08.2004 09:00 14336]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [23.05.2006 22:56 87936]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [10.06.2005 14:26 35968]
S2 Ca533av;Icatch(IV) Video Camera Device;c:\windows\system32\drivers\Ca533av.sys [24.09.2007 10:44 515803]
S2 gupdate1c986cbe524f0ba;Google Update Service (gupdate1c986cbe524f0ba);c:\programme\Google\Update\GoogleUpdate.exe [04.02.2009 14:24 133104]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [16.12.2006 09:10 223232]
S3 PTV339;Mini DualTV USB;c:\windows\system32\drivers\PTV339.SYS [20.07.2007 14:54 289664]
S4 HRService;Haufe iDesk-Service in c:\programme\Haufe\iDesk\iDeskService\Zope;c:\programme\Haufe\iDesk\iDeskService\ideskservice.exe [23.10.2006 02:39 71072]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
uInternet Settings,ProxyServer = 165.228.128.11:80
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: SmarThru4 Capture Selection - c:\programme\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\programme\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\programme\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\programme\SmarThru 4\WebCapture.dll
DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - hxxp://www.o2c.de/download/O2CPlayer.CAB
FF - ProfilePath - c:\dokumente und einstellungen\gogoli\Anwendungsdaten\Mozilla\Firefox\Profiles\vdihw474.default\
FF - prefs.js: browser.search.selectedEngine - DasÖrtliche
FF - prefs.js: browser.startup.homepage - hxxp://www.psd-tutorials.de/ | http://digitalesdresden.de/web/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\dokumente und einstellungen\gogoli\Anwendungsdaten\Mozilla\Firefox\Profiles\vdihw474.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\platform\WINNT\components\ColorZilla.dll
FF - component: c:\programme\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\programme\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programme\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npdevalvr_.dll
FF - plugin: c:\programme\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\programme\Virtual Earth 3D\npVE3D.dll
---- FIREFOX Richtlinien ----
FF - user.js: yahoo.homepage.dontask - truec:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-Corel Reminder - (no file)
AddRemove-Adobe SVG Viewer - c:\programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fc:\programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Install.log
AddRemove-HaufeReader - c:\windows\IsUn0407.exe -fc:\programme\Haufe\HaufeReader\HaufeReader.isu
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe -fc:\windows\orun32.isu
AddRemove-TAX_06 - c:\windows\IsUn0407.exe -fc:\programme\LEXWARE\TAXMAN2006\TAX_06\TAX_06.isu
AddRemove-Xaldon WebSpider 2 - c:\windows\unin0407.exe -fc:\programme\Xaldon\WebSpider 2\DeIsL1.isu -cc:\programme\Xaldon\WebSpider 2\_ISREG32.DLL
AddRemove-_{05D60953-9012-44DF-A1A6-9DD97AD6580A} - c:\programme\Corel\Corel Painter X\MSILauncher {05D60953-9012-44DF-A1A6-9DD97AD6580A}
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-08 12:36
Windows 5.1.2600 Service Pack 3 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\programme\HPQ\Default Settings\cpqset.exe?????????? ???@???????????????@??????|??????(?@???????@
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ACPI.sys >>UNKNOWN [0x8A8C0E07]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74ebf28
\Driver\ACPI -> ACPI.sys @ 0xf735dcb8
\Driver\atapi -> atapi.sys @ 0xf72d1852
\Driver\iaStor -> iaStor.sys @ 0xf7207b58
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
NDIS: Intel(R) PRO/Wireless 3945ABG Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xf70debb0
PacketIndicateHandler -> NDIS.sys @ 0xf70eba21
SendHandler -> NDIS.sys @ 0xf70c987b
user & kernel MBR OK
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90C9B227-00E9-ED2B-D8335C00663422E2}\{BA143829-6513-6AB3-17B76E63BBBF825B}\{B7811D8F-B091-6828-D848878685722533}*]
"LBML3FZBDBDV3BUIEQZJ1CU1HB1"=hex:01,00,01,00,00,00,00,00,46,4e,90,ef,91,22,f2,
65,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AB53ABC9-60C7-8B2C-A2AB126EB1F03A59}\{6511FF0A-0202-CA71-9BBA47A5377501DE}\{CE12CB05-B8C7-0E6B-6DC342F04A20B600}*]
"LBML3FZBDBDV3BUIEQZJ1CU1HB1"=hex:01,00,01,00,00,00,00,00,46,4e,90,ef,91,22,f2,
65,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
- - - - - - - > 'winlogon.exe'(912)
c:\windows\system32\Ati2evxx.dll
c:\programme\HPQ\IAM\Bin\AsWlnPkg.dll
c:\programme\HPQ\IAM\Bin\ASChnl.dll
c:\programme\HPQ\IAM\Bin\ItMsg.dll
c:\windows\system32\IfxWlxEN.dll
- - - - - - - > 'explorer.exe'(2532)
c:\programme\HPQ\IAM\Bin\SFSShell.dll
c:\programme\HPQ\IAM\bin\ItMsg.dll
c:\programme\HPQ\IAM\bin\1031\SFSShell.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\programme\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programme\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programme\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ger.nlr
c:\programme\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\programme\Gemeinsame Dateien\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\IFXTCS.exe
c:\windows\system32\DllHost.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\msdtc.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\IFXSPMGT.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\ProtectTools\Embedded Security Software\PSDsrvc.EXE
c:\programme\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\mqsvc.exe
c:\programme\Windows Media Player\WMPNetwk.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\wscntfy.exe
c:\programme\HPQ\IAM\bin\asghost.exe
c:\programme\ProtectTools\Embedded Security Software\PSDrt.exe
c:\programme\ProtectTools\Embedded Security Software\SpTna.exe
c:\progra~1\HPQ\Shared\HPQTOA~1.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2009-12-08 12:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2009-12-08 11:49
Vor Suchlauf: 17 Verzeichnis(se), 18.367.807.488 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 18.723.643.392 Bytes frei
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - CE86AC4ED9C6436B56C2B48CD9688FAE |