Trojaner-Board - Alle Antiviren öffnen sich nicht (Gomeo?)

Vielen Dank :) Hat nun doch geklappt :)
Code:
ComboFix 11-07-11.02 - Lizzy 12.07.2011   1:40.1.2 - x86 MINIMAL

Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3070.2597 [GMT 2:00]

ausgeführt von:: c:\users\Lizzy\56789.com

AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

  ((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\facemoods.com

c:\program files\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll

c:\program files\facemoods.com\facemoods\1.4.17.6\facemoods.crx

c:\program files\facemoods.com\facemoods\1.4.17.6\facemoods.png

c:\program files\facemoods.com\facemoods\1.4.17.6\facemoodsApp.dll

c:\program files\facemoods.com\facemoods\1.4.17.6\facemoodsEng.dll

c:\program files\facemoods.com\facemoods\1.4.17.6\facemoodssrv.exe

c:\program files\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll

c:\program files\facemoods.com\facemoods\1.4.17.6\uninstall.exe

c:\users\Lizzy\56789.com

c:\users\Lizzy\AppData\Roaming\Local

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\00.avi.ddr

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\3.ddi

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\00.avi.ddp

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\cfd_koqdxvidp_s04e22.avi.ddp

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\TheKingofQueensS05E09CarrieFrankenstein.avi

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\TheKingofQueensS05E17DerGigolo.avi.ddp

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\TheKingofQueensS05E09CarrieFrankenstein.avi.ddr

c:\users\Lizzy\AppData\Roaming\Local\Temp\DDM\Settings\TheKingofQueensS05E17DerGigolo.avi.ddr

c:\windows\assembly\GAC_MSIL\desktop.ini

c:\windows\system32\drivers\1216213096.sys

c:\windows\system32\msvcsv60.dll

c:\windows\system32\muzapp.exe

c:\windows\system32\system32

c:\windows\system32\system32\3DAudio.ax

c:\windows\system32\system32\cis-2.4.dll

c:\windows\system32\system32\issacapi_bs-2.3.dll

c:\windows\system32\system32\issacapi_pe-2.3.dll

c:\windows\system32\system32\issacapi_se-2.3.dll

c:\windows\system32\system32\MACXMLProto.dll

c:\windows\system32\system32\MaDRM.dll

c:\windows\system32\system32\MaJGUILib.dll

c:\windows\system32\system32\MAMACExtract.dll

c:\windows\system32\system32\MASetupCleaner.exe

c:\windows\system32\system32\MaXMLProto.dll

c:\windows\system32\system32\MK_Lyric.dll

c:\windows\system32\system32\MSCLib.dll

c:\windows\system32\system32\MSFLib.dll

c:\windows\system32\system32\MSLUR71.dll

c:\windows\system32\system32\msvcp60.dll

c:\windows\system32\system32\MTTELECHIP.dll

c:\windows\system32\system32\MTXSYNCICON.dll

c:\windows\system32\system32\muzaf1.dll

c:\windows\system32\system32\muzapp.dll

c:\windows\system32\system32\muzapp.exe

c:\windows\system32\system32\muzdecode.ax

c:\windows\system32\system32\muzeffect.ax

c:\windows\system32\system32\muzmp4sp.ax

c:\windows\system32\system32\muzmpgsp.ax

c:\windows\system32\system32\muzoggsp.ax

c:\windows\system32\system32\muzwmts.dll

c:\windows\system32\system32\psapi.dll

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_1216213096

.

.

(((((((((((((((((((((((   Dateien erstellt von 2011-06-11 bis 2011-07-11  ))))))))))))))))))))))))))))))

.

.

2011-07-11 23:48 . 2011-07-11 23:50        --------        d-----w-        c:\users\Lizzy\AppData\Local\temp

2011-07-11 23:48 . 2011-07-11 23:48        --------        d-----w-        c:\users\Default\AppData\Local\temp

2011-07-11 22:39 . 2011-07-11 22:40        --------        d-----w-        c:\users\Lizzy\AppData\Local\Spoon

2011-07-11 22:39 . 2011-07-11 22:39        --------        d-----w-        c:\users\Lizzy\AppData\Local\Xenocode

2011-07-07 20:53 . 2011-07-07 20:53        --------        d-----w-        c:\users\Lizzy\AppData\Roaming\Avira

2011-07-07 20:52 . 2011-07-11 17:34        66616        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2011-07-07 20:52 . 2011-07-11 17:34        138192        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2011-07-07 20:52 . 2011-07-07 20:52        --------        d-----w-        c:\programdata\Avira

2011-07-02 17:04 . 2011-07-06 17:29        --------        d-----w-        c:\program files\Spybot - Search & Destroy

2011-07-02 16:45 . 2011-07-02 16:45        97859        ----a-w-        c:\windows\system32\drivers\klick.dat

2011-07-02 16:45 . 2011-07-02 16:45        115267        ----a-w-        c:\windows\system32\drivers\klin.dat

2011-07-02 16:45 . 2011-04-24 21:13        110992        ----a-w-        c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll

2011-07-02 16:44 . 2011-04-24 21:13        147856        ----a-w-        c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll

2011-07-02 16:44 . 2011-07-02 16:44        --------        d-----w-        c:\program files\Kaspersky Lab

2011-07-02 16:44 . 2011-07-07 21:00        --------        d-----w-        c:\programdata\Kaspersky Lab

2011-07-02 16:20 . 2011-07-02 16:20        --------        d-----w-        c:\users\UpdatusUser

2011-07-02 16:20 . 2011-05-21 04:01        543336        ----a-w-        c:\windows\system32\easyupdatusapiu.dll

2011-07-02 16:05 . 2011-07-11 22:40        --------        d-----w-        c:\users\Lizzy\AppData\Local\CrashDumps

2011-07-02 16:03 . 2011-04-29 15:59        276992        ----a-w-        c:\windows\system32\schannel.dll

2011-06-29 00:25 . 2011-06-29 00:25        --------        d-----w-        c:\users\Lizzy\{7d7b2e69-8a5d-49c8-a472-e53e0d9131bb}

2011-06-28 22:04 . 2011-06-28 22:04        --------        d-----w-        c:\users\Lizzy\AppData\Roaming\Tific

2011-06-28 22:04 . 2011-06-28 22:04        --------        d-----w-        c:\users\Lizzy\AppData\Local\Symantec

2011-06-28 21:02 . 2011-06-29 00:12        --------        d-----w-        c:\programdata\Norton

2011-06-28 15:09 . 2011-06-28 15:09        --------        d-----w-        c:\program files\Spectrasonics

2011-06-27 00:15 . 2011-06-27 00:15        --------        d-----w-        c:\users\Lizzy\AppData\Roaming\LolClient

2011-06-26 23:38 . 2008-07-31 08:41        68616        ----a-w-        c:\windows\system32\XAPOFX1_1.dll

2011-06-26 23:38 . 2008-07-31 08:40        509448        ----a-w-        c:\windows\system32\XAudio2_2.dll

2011-06-26 23:38 . 2008-07-12 06:18        467984        ----a-w-        c:\windows\system32\d3dx10_39.dll

2011-06-26 23:38 . 2008-07-12 06:18        3851784        ----a-w-        c:\windows\system32\D3DX9_39.dll

2011-06-26 23:38 . 2008-07-12 06:18        1493528        ----a-w-        c:\windows\system32\D3DCompiler_39.dll

2011-06-26 23:37 . 2009-08-24 20:08        28160        ----a-w-        c:\windows\system32\DfSdkBt.exe

2011-06-26 23:35 . 2011-06-26 23:35        --------        d-----w-        c:\program files\League of Legends

2011-06-26 22:54 . 2011-06-26 23:33        --------        d-----w-        c:\program files\LeagueOfLegends

2011-06-16 18:09 . 2011-06-16 18:09        --------        d-----w-        c:\users\Lizzy\AppData\Roaming\FastStone

2011-06-16 18:09 . 2011-06-16 18:09        --------        d-----w-        c:\users\Lizzy\AppData\Local\FastStone

2011-06-16 18:09 . 2011-06-16 18:09        --------        d-----w-        c:\program files\FastStone Capture

2011-06-16 14:41 . 2011-04-14 14:59        75264        ----a-w-        c:\windows\system32\drivers\dfsc.sys

2011-06-16 14:41 . 2011-04-21 13:58        273408        ----a-w-        c:\windows\system32\drivers\afd.sys

2011-06-16 14:41 . 2011-04-29 13:25        146432        ----a-w-        c:\windows\system32\drivers\srv2.sys

2011-06-16 14:41 . 2011-04-29 13:25        102400        ----a-w-        c:\windows\system32\drivers\srvnet.sys

2011-06-16 14:41 . 2010-12-20 16:35        563712        ----a-w-        c:\windows\system32\oleaut32.dll

2011-06-16 14:40 . 2011-05-02 17:16        739328        ----a-w-        c:\windows\system32\inetcomm.dll

2011-06-16 14:40 . 2011-04-29 13:24        214016        ----a-w-        c:\windows\system32\drivers\mrxsmb10.sys

2011-06-16 14:40 . 2011-04-29 13:24        79872        ----a-w-        c:\windows\system32\drivers\mrxsmb20.sys

2011-06-16 14:40 . 2011-04-29 13:24        106496        ----a-w-        c:\windows\system32\drivers\mrxsmb.sys

2011-06-16 14:40 . 2011-05-02 12:02        2409784        ----a-w-        c:\program files\Windows Mail\OESpamFilter.dat

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-21 04:01 . 2011-05-21 04:01        899688        ----a-w-        c:\windows\system32\nvdispco3220150.dll

2011-05-21 04:01 . 2011-05-21 04:01        865896        ----a-w-        c:\windows\system32\nvgenco322090.dll

2011-05-21 04:01 . 2011-05-21 04:01        6555240        ----a-w-        c:\windows\system32\nvwgf2um.dll

2011-05-21 04:01 . 2011-05-21 04:01        57960        ----a-w-        c:\windows\system32\OpenCL.dll

2011-05-21 04:01 . 2011-05-21 04:01        5301352        ----a-w-        c:\windows\system32\nvcuda.dll

2011-05-21 04:01 . 2011-05-21 04:01        2804328        ----a-w-        c:\windows\system32\nvcuvid.dll

2011-05-21 04:01 . 2011-05-21 04:01        2082408        ----a-w-        c:\windows\system32\nvcuvenc.dll

2011-05-21 04:01 . 2011-05-21 04:01        16456296        ----a-w-        c:\windows\system32\nvoglv32.dll

2011-05-21 04:01 . 2011-05-21 04:01        13011560        ----a-w-        c:\windows\system32\nvcompiler.dll

2011-05-21 04:01 . 2011-05-21 04:01        12392        ----a-w-        c:\windows\system32\drivers\nvBridge.kmd

2011-05-21 04:01 . 2011-05-21 04:01        10589800        ----a-w-        c:\windows\system32\drivers\nvlddmkm.sys

2011-05-21 04:01 . 2010-10-16 11:42        615528        ----a-w-        c:\windows\system32\nvvsvc.exe

2011-05-21 04:01 . 2010-10-16 11:42        2560616        ----a-w-        c:\windows\system32\nvsvcr.dll

2011-05-21 04:01 . 2010-10-16 11:42        111208        ----a-w-        c:\windows\system32\nvmctray.dll

2011-05-21 04:01 . 2010-10-16 11:42        3693672        ----a-w-        c:\windows\system32\nvcpl.dll

2011-05-21 04:01 . 2010-10-16 11:42        2557544        ----a-w-        c:\windows\system32\nvsvc.dll

2011-05-21 04:01 . 2010-07-09 15:37        66664        ----a-w-        c:\windows\system32\nvshext.dll

2011-05-21 04:01 . 2008-07-16 22:18        2335848        ----a-w-        c:\windows\system32\nvapi.dll

2011-05-21 04:01 . 2008-07-16 22:18        11992680        ----a-w-        c:\windows\system32\nvd3dum.dll

2011-05-13 15:36 . 2011-05-13 15:36        404640        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2011-04-24 21:13 . 2011-04-24 21:13        229776        ----a-w-        c:\windows\system32\klogon.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Lizzy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Lizzy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Lizzy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36        94208        ----a-w-        c:\users\Lizzy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-05-23 7514656]

"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-12 2729800]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]

.

c:\users\Lizzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Lizzy\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]

Spoon Sandbox Manager 3.26.lnk - c:\users\Lizzy\AppData\Local\Spoon\3.26.0.6\Spoon-Sandbox-Native.exe [2011-7-12 310008]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"midi1"=wdmaud.drv

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Lizzy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]

path=c:\users\Lizzy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

backup=c:\windows\pss\EvernoteClipper.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2011-03-30 17:29        937920        ----a-w-        c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2011-01-30 15:45        35736        ----a-w-        c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2010-04-01 09:16        357696        ----a-w-        c:\program files\DAEMON Tools Lite\DTLite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]

2010-12-08 21:15        63360        ----a-w-        c:\program files\DivX\DivX Plus Web Player\DDMService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2011-03-07 23:14        136176        ----atw-        c:\users\Lizzy\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-04-26 23:22        421160        ----a-w-        c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]

2011-04-28 16:24        934800        ----a-w-        c:\program files\Samsung\Kies\KiesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]

2011-04-28 16:24        19856        ----a-w-        c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]

2011-04-28 16:24        3373968        ----a-w-        c:\program files\Samsung\Kies\KiesTrayAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]

2010-04-03 00:27        1234216        ----a-w-        c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 16:38        421888        ----a-w-        c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1192020517-1760288132-817415177-1000]

"EnableNotificationsRef"=dword:00000001

.

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-28 691696]

R1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11352]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 23856]

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]

R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2010-10-18 24576]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]

R2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-12 2335560]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]

R3 1216213096;Virtual Bus for Microsoft ACPI-Compliant System; [x]

R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]

R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-01-29 20032]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]

R3 MIDITECH_01;MIDITECH01 MIDI driver service;c:\windows\system32\drivers\mt01drv.sys [2007-03-19 19456]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-01-03 121192]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-01-03 12776]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-01-03 136680]

R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S3 CLEDX;Team H2O CLEDX service;c:\windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation        REG_MULTI_SZ           FontCache

.

Inhalt des "geplante Tasks" Ordners

.

2011-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1192020517-1760288132-817415177-1000Core.job

- c:\users\Lizzy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-07 23:14]

.

2011-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1192020517-1760288132-817415177-1000UA.job

- c:\users\Lizzy\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-07 23:14]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://start.facemoods.com/?a=mtz

IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204

IE: Free YouTube to MP3 Converter - c:\users\Lizzy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204

FF - ProfilePath - c:\users\Lizzy\AppData\Roaming\Mozilla\Firefox\Profiles\ff73feso.default\

FF - prefs.js: browser.search.selectedEngine - Facemoods Search

FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=mtz

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru

FF - Ext: Modul zur Link-Untersuchung: linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru

FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com

FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video

FF - Ext: Virtuelle Tastatur: virtualKeyboard@kaspersky.ru - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll

Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll

HKCU-Run-AdobeBridge - (no file)

MSConfigStartUp-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.6\facemoodssrv.exe

AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.6\uninstall.exe

AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe

AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe

AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe

AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe

AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe

AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe

AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe

AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe

AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe

AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe

AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe

.

.

.

**************************************************************************

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\1216213096]

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\*PNP47ea\0000]

@DACL=(02 0000)

"Service"="1216213096"

"ClassGUID"="{4D36E97D-E325-11CE-BFC1-08002BE10318}"

"Class"="System"

"DeviceDesc"="PCI bus"

"Mfg"="Technologies Inc"

"LocationInformation"="on Microsoft ACPI-Compliant System"

"ConfigFlags"=dword:00000000

"Capabilities"=dword:00000000

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\windows\System32\rundll32.exe

c:\\?\c:\windows\system32\wbem\WMIADAP.EXE

.

**************************************************************************

.

Zeit der Fertigstellung: 2011-07-12  01:54:27 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2011-07-11 23:54

.

Vor Suchlauf: 15 Verzeichnis(se), 381.486.284.800 Bytes frei

Nach Suchlauf: 20 Verzeichnis(se), 380.822.953.984 Bytes frei

.

- - End Of File - - 3B4D5FA66369CBCDCEEBC8CE1B616894