WTR Loader is not working and Host application is not working (Catalyst Control Center)
Hello everyone, it looks like I have caught something too. I keep getting the messages I named in the thread title. In addition, a number of icons have disappeared from the desktop, and all my files, such as pictures, have disappeared. Can anyone help me with this? I am currently having Malwarebytes check my system. Regards, Dirk |
System scan with OTL
Download OTL: http://filepony.de/download-otl/
Double-click OTL.exe (Windows 7 and Vista users: right-click and run as administrator).
1. At the top you will find a box labelled Output. Please select Minimal Output.
2. Tick "scan all users".
3. Under "Extra Registry" select: "Use Safelist" "LOP Check" "Purity Check"
4. Copy into the text box:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Click "Scan".
6. Two reports are created: OTL.Txt and Extras.Txt. Post both. |
OTL.TXT OTL Logfile: Code: OTL logfile created on: 28.04.2011 16:13:48 - Run 1 |
Extras.txt OTL EXTRAS Logfile: Code: OTL Extras logfile created on: 28.04.2011 16:13:48 - Run 1 |
Open the Malwarebytes log files and post all scan logs. |
Malwarebytes is still hard at work. The scan logs are coming... |
Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: 6463 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 28.04.2011 18:54:29 mbam-log-2011-04-28 (18-54-29).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 545623 Laufzeit: 2 Stunde(n), 49 Minute(n), 33 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
Please create and post a ComboFix log. A guide and tutorial on using ComboFix |
I was somehow redirected and was asked to pay. But ComboFix is running now, and that log will follow shortly as well. |
Whoa... |
The rest is missing. |
OK, next attempt. omboFix 11-04-27.04 - Dirk Jäger 28.04.2011 19:47:19.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3325.1497 [GMT 2:00] ausgeführt von:: c:\users\Dirk Jäger\Downloads\ComboFix.exe AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2011-03-28 bis 2011-04-28 )))))))))))))))))))))))))))))) . . 2011-04-28 18:04 . 2011-04-28 18:04 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-04-28 17:36 . 2011-04-28 17:36 1852 ----a-w- c:\windows\system32\ASOROSet.bin 2011-04-28 17:21 . 2011-04-28 17:21 -------- d-----w- c:\users\Dirk Jäger\AppData\Roaming\Reviversoft 2011-04-28 17:21 . 2011-04-28 17:21 -------- d-----w- c:\program files\Reviversoft 2011-04-28 17:21 . 2011-03-16 11:28 16704 ----a-w- c:\windows\system32\roboot.exe 2011-04-28 13:36 . 2011-04-28 13:36 -------- d-----w- c:\users\Dirk Jäger\AppData\Roaming\Malwarebytes 2011-04-28 13:35 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-04-28 13:35 . 2011-04-28 13:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-04-28 13:35 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-27 15:12 . 2011-04-27 15:12 -------- d-----w- c:\users\Dirk Jäger\AppData\Roaming\Avira 2011-04-27 11:55 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2011-04-27 11:55 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2011-04-27 11:55 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll 2011-04-14 17:03 . 
2011-02-16 14:02 292864 ----a-w- c:\windows\system32\atmfd.dll 2011-04-14 17:03 . 2011-02-16 16:16 34304 ----a-w- c:\windows\system32\atmlib.dll 2011-04-11 20:42 . 2011-04-11 20:42 -------- d--h--w- c:\users\Dirk Jäger\AppData\Local\{BE8B85F4-083C-4E03-AA1C-E0457BD3929D} 2011-04-11 20:41 . 2011-04-11 20:41 -------- d-----w- c:\windows\de 2011-04-11 20:35 . 2011-04-11 20:35 -------- d--h--w- c:\users\Dirk Jäger\AppData\Local\{EFE10B00-2D0F-439D-9FAF-E7F75D10A000} 2011-04-11 17:45 . 2011-04-11 17:45 -------- d-----w- c:\program files\DVDVideoSoftTB . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-17 13:37 . 2009-06-12 14:04 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-03-03 15:40 . 2011-04-27 11:55 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll 2011-03-03 15:40 . 2011-04-27 11:55 542720 ----a-w- c:\windows\apppatch\AcLayers.dll 2011-03-03 15:40 . 2011-04-27 11:55 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2011-03-03 15:40 . 2011-04-27 11:55 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll 2011-02-22 14:13 . 2011-03-23 15:51 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2011-02-22 13:33 . 2011-03-23 15:51 1068544 ----a-w- c:\windows\system32\DWrite.dll 2011-02-22 13:33 . 2011-03-23 15:51 797696 ----a-w- c:\windows\system32\FntCache.dll 2011-02-18 16:28 . 2010-08-08 07:32 46592 ----a-w- c:\windows\system32\vsutil_loc0407.dll 2011-02-18 16:28 . 2010-08-08 07:30 1238528 ----a-w- c:\windows\system32\zpeng25.dll 2011-02-18 16:28 . 2011-03-17 18:36 69120 ----a-w- c:\windows\system32\zlcomm.dll 2011-02-18 16:28 . 2011-03-17 18:36 104448 ----a-w- c:\windows\system32\zlcommdb.dll 2011-02-02 17:43 . 2011-02-02 17:43 69632 ----a-w- c:\windows\system32\PXTTool80VC8.dll 2011-02-02 17:43 . 2011-02-02 17:43 4648960 ----a-w- c:\windows\system32\LxXtreme70VC8.dll 2011-02-02 17:43 . 2011-02-02 17:43 27648 ----a-w- c:\windows\system32\LXTPSW20VC8.dll 2011-02-02 17:43 . 
2011-02-02 17:43 196608 ----a-w- c:\windows\system32\LxBasics91VC8.dll 2011-02-02 17:43 . 2011-02-02 17:43 135168 ----a-w- c:\windows\system32\LxMail30VC8.dll 2011-02-02 17:43 . 2011-02-02 17:43 1335296 ----a-w- c:\windows\system32\LXTool91VC8.dll 2011-02-02 17:43 . 2011-02-02 17:43 110592 ----a-w- c:\windows\system32\LxUISettings20Native.dll 2011-02-02 16:11 . 2009-10-04 13:46 222080 ------w- c:\windows\system32\MpSigStub.exe 2003-03-21 11:45 . 2009-09-18 14:28 250544 ----a-w- c:\program files\Common Files\keyhelp.ocx 2011-03-18 17:56 . 2011-03-28 13:46 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-07-29 14:40 . 2009-12-16 17:09 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}"= "c:\program files\ZoneAlarm-Sicherheit\tbZone.dll" [2010-05-09 2517088] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] . [HKEY_CLASSES_ROOT\clsid\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}] . [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] 2010-04-27 08:08 2393184 ----a-w- c:\program files\DVDVideoSoftTB\tbDVDV.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}] 2010-05-09 10:50 2517088 ----a-w- c:\program files\ZoneAlarm-Sicherheit\tbZone.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712] "{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}"= "c:\program files\ZoneAlarm-Sicherheit\tbZone.dll" [2010-05-09 2517088] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CLASSES_ROOT\clsid\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}] . [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712] "{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}"= "c:\program files\ZoneAlarm-Sicherheit\tbZone.dll" [2010-05-09 2517088] "{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CLASSES_ROOT\clsid\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}] . [HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-05 39408] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392] "AROReminder"="c:\program files\Advanced Registry Optimizer\ARO.exe" [2010-07-27 2216968] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-02 6695456] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-12-02 1833504] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-29 30192] "Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-10-14 20480] "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-29 524632] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 1797008] "LexwareInfoService"="c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2010-09-15 339312] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program 
files\iTunes\iTunesHelper.exe" [2011-03-07 421160] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2011-02-18 1043968] "ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-02-15 738808] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968] . c:\users\Dirk J„ger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] OneNote Inhaltsverzeichnis.onetoc2 [2009-4-1 3656] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Scanner Finder.lnk - c:\program files\ScanWizard 5\ScannerFinder.exe [2009-4-6 344064] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0ROBoot \??\c:\windows\system32\ASOROSet.bin . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate1c9e14b41b4445d;Google Update Service (gupdate1c9e14b41b4445d);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-30 133104] R2 VBoxDRV;PortableVBoxDRV;j:\virtualbox\Portable-VirtualBox\app32\drivers\VBoxDrv\VBoxDrv.sys [x] R2 VBoxNetAdp;PortableVBoxNetAdp;j:\virtualbox\Portable-VirtualBox\app32\drivers\network\netadp\VBoxNetAdp.sys [x] R2 VBoxUSB;PortableVBoxUSB;j:\virtualbox\Portable-VirtualBox\app32\drivers\USB\device\VBoxUSB.sys [x] R2 VBoxUSBMon;PortableVBoxUSBMon;j:\virtualbox\Portable-VirtualBox\app32\drivers\USB\filter\VBoxUSBMon.sys [x] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-29 30192] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-30 133104] R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-29 1029456] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2009-07-24 30560] R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2007-09-21 554496] R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2008-01-21 21504] R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [2009-11-26 27168] R3 vsdatant7;vsdatant7;c:\windows\system32\drivers\vsdatant.win7.sys [x] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-02-09 64160] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe 
[2008-09-16 169312] S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360] S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2011-02-15 26872] S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2011-02-15 488952] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2010-07-21 44432] S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [2009-11-26 27168] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-06-17 10:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9C450606-ED24-4958-92BA-B8940C99D441}] 2009-03-04 15:32 8192 ---ha-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe . Inhalt des "geplante Tasks" Ordners . 2011-04-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 15:57] . 2011-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-30 17:22] . 2011-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-30 17:22] . 2011-04-28 c:\windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job - c:\windows\system32\msfeedssync.exe [2011-04-28 06:21] . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites FF - ProfilePath - c:\users\Dirk Jäger\AppData\Roaming\Mozilla\Firefox\Profiles\lm4mjpb8.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - ZoneAlarm-Sicherheit Customized Web Search FF - prefs.js: browser.startup.homepage - Google FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - prefs.js: network.proxy.type - 4 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKCU-Run-msnmsgr - c:\progra~1\WI1F86~1\MESSEN~1\msnmsgr.exe HKCU-Run-sFGtypQnwU - c:\programdata\sFGtypQnwU.exe AddRemove-_{ADDBE07D-95B8-4789-9C76-187FFF9624B4} - c:\program files\Corel\CorelDRAW Essential Edition 3\Programs\MSILauncher {ADDBE07D-95B8-4789-9C76-187FFF9624B4} . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-04-28 20:04 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{056125f1-7085-4201-a0fc-94b35d09dda2}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0e002421 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{103b181b-049e-499d-97d8-1d123cf441c3}] @DACL=(02 0000) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{2d66f1fc-ae3d-4910-8ef8-ee5ccb8ca629}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0e002421 "Dhcpv6State"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{8a7cc561-7faa-4cf7-ab40-81d30683d4e3}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0f002421 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{9c642153-bfe0-4511-a0b6-e778ddd5ea9e}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:07001422 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{a26d0de2-3c12-4392-8fd9-dd3738dbb133}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:10000000 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{b118ad0a-db64-469f-a70c-ce2853eeb614}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:10020054 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{ba32a50a-3d27-4fae-8591-5916311409be}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0c001422 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f4cf21ee-3468-402d-9492-9f4631f4c15f}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0a002421 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f50c0996-5b4a-4c6a-a322-6e991d4caa0e}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:06001422 "Dhcpv6State"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{f70a361f-6437-4fcc-91a4-cd88d468d91b}] @DACL=(02 0000) "Dhcpv6Iaid"=dword:0e001422 "Dhcpv6State"=dword:00000000 . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'lsass.exe'(732) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll . 
- - - - - - - > 'Explorer.exe'(3408) c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll c:\program files\Ashampoo\Ashampoo WinOptimizer 4\ContextHandler.dll c:\program files\Nero\Nero8\Nero BackItUp\NBShell.dll c:\program files\Avira\AntiVir Desktop\shlext.dll c:\program files\7-Zip\7-zip.dll c:\program files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll . Zeit der Fertigstellung: 2011-04-28 20:14:36 ComboFix-quarantined-files.txt 2011-04-28 18:14 . Vor Suchlauf: 4 Verzeichnis(se), 452.745.760.768 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 453.369.139.200 Bytes frei . - - End Of File - - CDA29DDDE63C7AB4B5D329DB6224E7B1 |
How is the system running? |
At the moment everything seems to be back to the way it was. Thank you so much!!!!!!!!!!!! What was the problem? |