Combofix Logfile: Code:
ComboFix 11-11-01.04 - björn 02.11.2011 23:57:40.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3327.2276 [GMT 1:00]
ausgeführt von:: c:\users\björn\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\björn\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\users\BJRN~1\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
.
---- Vorheriger Suchlauf -------
.
c:\program files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll
c:\program files\facemoods.com\facemoods\1.4.17.3\facemoods.crx
c:\program files\facemoods.com\facemoods\1.4.17.3\facemoods.png
c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsApp.dll
c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsEng.dll
c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe
c:\program files\facemoods.com\facemoods\1.4.17.3\faCEmoodstlbr.dll
c:\program files\facemoods.com\facemoods\1.4.17.3\uninstall.exe
c:\users\björn\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\users\björn\AppData\Roaming\5F50.tmp
c:\users\BJRN~1\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\system32\3DAudio.ax
c:\windows\system32\system32\avrt.dll
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\mfplat.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-10-02 bis 2011-11-02 ))))))))))))))))))))))))))))))
.
.
2011-11-02 23:12 . 2011-11-02 23:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-01 23:41 . 2011-11-01 23:41 -------- d-----w- c:\users\björn\AppData\Roaming\Leadertech
2011-11-01 22:44 . 2011-11-01 23:21 -------- d-----w- c:\program files\Trojan Remover
2011-11-01 22:36 . 2011-11-01 22:36 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-11-01 22:27 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2011-11-01 22:27 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2011-11-01 22:27 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2011-11-01 22:27 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\unrar3.dll
2011-11-01 22:27 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2011-11-01 22:27 . 2011-11-01 22:44 -------- d-----w- c:\users\björn\AppData\Roaming\Simply Super Software
2011-11-01 22:27 . 2011-11-01 22:27 -------- d-----w- c:\programdata\Simply Super Software
2011-10-30 12:39 . 2011-10-30 12:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-30 12:39 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-29 19:20 . 2011-10-29 19:20 -------- d-----w- c:\users\björn\AppData\Local\ESN Sonar
2011-10-29 09:26 . 2011-10-29 09:26 -------- d-----w- c:\users\björn\Start Menu
2011-10-28 18:56 . 2011-10-28 18:56 -------- d-----w- c:\users\björn\AppData\Local\eSupport.com
2011-10-28 18:56 . 2011-10-28 18:56 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-10-28 16:01 . 2011-11-02 08:12 -------- d-----w- c:\users\UpdatusUser
2011-10-28 16:00 . 2011-10-15 08:53 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-10-28 16:00 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-28 16:00 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-28 16:00 . 2011-10-15 08:53 2458432 ----a-w- c:\windows\system32\nvapi.dll
2011-10-28 16:00 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-28 16:00 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-28 16:00 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2011-10-28 16:00 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-28 16:00 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-28 15:57 . 2011-11-02 23:13 -------- d-----w- c:\programdata\NVIDIA
2011-10-28 15:56 . 2011-10-15 08:53 6350144 ----a-w- c:\windows\system32\nvcpl.dll
2011-10-28 15:56 . 2011-10-15 08:53 3840320 ----a-w- c:\windows\system32\nvsvc.dll
2011-10-28 15:56 . 2011-10-15 08:53 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2011-10-28 15:56 . 2011-10-15 08:53 203072 ----a-w- c:\windows\system32\nvmctray.dll
2011-10-28 15:56 . 2011-10-15 08:53 123712 ----a-w- c:\windows\system32\nvshext.dll
2011-10-28 15:56 . 2011-10-15 08:53 1136448 ----a-w- c:\windows\system32\nvvsvc.exe
2011-10-28 15:56 . 2011-10-15 08:53 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-10-28 15:56 . 2011-10-28 15:56 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-10-28 14:52 . 2008-11-12 14:10 846336 ----a-w- c:\users\björn\pbsetup.exe
2011-10-28 14:12 . 2011-10-28 14:12 -------- d-----w- c:\program files\Battlelog Web Plugins
2011-10-28 14:02 . 2011-10-28 14:02 -------- d-----w- c:\programdata\EA Core
2011-10-28 12:09 . 2011-10-28 12:11 -------- d-----w- c:\users\björn\AppData\Roaming\Origin
2011-10-28 12:09 . 2011-10-28 12:09 -------- d-----w- c:\users\björn\AppData\Local\Origin
2011-10-28 12:09 . 2011-10-28 13:02 -------- d-----w- c:\programdata\Origin
2011-10-28 12:09 . 2011-10-28 14:02 -------- d-----w- c:\programdata\Electronic Arts
2011-10-28 12:09 . 2011-10-28 12:12 -------- d-----w- c:\program files\Origin Games
2011-10-28 12:09 . 2011-10-28 12:11 -------- d-----w- c:\program files\Origin
2011-10-27 14:00 . 2011-10-28 12:40 -------- d--h--w- c:\program files\Common Files\EAInstaller
2011-10-26 20:51 . 2011-10-26 20:51 -------- d-----w- c:\program files\Microsoft Silverlight
2011-10-26 20:51 . 2011-10-26 20:51 -------- d-----w- c:\program files\24h Fotoservice Weckbrodt SilverX
2011-10-26 20:48 . 2011-10-26 20:48 -------- d-----w- c:\program files\24h-Fotoservice
2011-10-26 12:08 . 2011-08-13 04:18 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-23 18:47 . 2011-05-30 21:15 -------- d-----w- c:\users\björn\WinRAR v.4.01 Final
2011-10-23 18:44 . 2011-10-22 19:06 11870208 ----a-w- c:\users\björn\4-pack-d01.exe
2011-10-22 20:34 . 2011-10-22 20:34 -------- d-----w- c:\program files\Common Files\Java
2011-10-15 15:27 . 2011-10-15 15:27 -------- d-----w- c:\users\björn\AppData\Roaming\Avira
2011-10-15 15:27 . 2011-10-11 13:00 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-15 15:27 . 2011-10-11 13:00 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-15 15:27 . 2011-10-11 13:00 134344 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-15 15:26 . 2011-10-15 15:26 -------- d-----w- c:\programdata\Avira
2011-10-15 15:26 . 2011-10-15 15:26 -------- d-----w- c:\program files\Avira
2011-10-14 22:54 . 2011-10-14 22:54 321856 ----a-w- c:\windows\system32\nvStreaming.exe
2011-10-10 19:35 . 2011-10-10 19:39 -------- d-----w- c:\program files\Datacolor
2011-10-10 10:09 . 2011-10-10 10:09 4550304 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 20:31 . 2011-10-07 20:31 -------- d--h--w- c:\windows\AxInstSV
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-02 23:14 . 2011-11-02 21:32 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{91A6534F-2FCD-4FB1-AB6F-0FD9B5E0E9ED}\offreg.dll
2011-10-31 23:21 . 2009-10-18 18:29 140072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-10-31 23:21 . 2009-10-18 18:34 280904 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-10-31 23:21 . 2009-10-18 18:29 280904 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-10-31 23:21 . 2009-10-18 18:29 280904 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-10-28 17:29 . 2009-10-18 18:29 138056 ----a-w- c:\users\björn\AppData\Roaming\PnkBstrK.sys
2011-10-28 17:29 . 2009-10-18 18:29 138056 ----a-w- c:\users\björn\AppData\Roaming\PnkBstrK.sys
2011-10-28 17:29 . 2009-10-18 18:29 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-10-28 14:57 . 2011-05-17 07:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-22 19:06 . 2011-10-23 18:44 11870208 ----a-w- c:\users\björn\4-pack-d01.exe
2011-10-22 19:06 . 2011-10-23 18:44 11870208 ----a-w- c:\users\björn\4-pack-d01.exe
2011-10-15 08:53 . 2011-08-14 17:27 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-10-15 08:53 . 2011-08-14 17:27 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-10-15 08:53 . 2011-08-14 17:27 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-10-07 03:48 . 2011-11-01 09:54 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{91A6534F-2FCD-4FB1-AB6F-0FD9B5E0E9ED}\mpengine.dll
2011-10-03 03:06 . 2010-12-30 12:47 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-30 16:25 . 2011-06-19 01:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-08-01 958352]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-08-01 3507088]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-01 20880]
"EADM"="c:\program files\Origin\Origin.exe" [2011-10-20 28651144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2011-03-28 557056]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2516296]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2010-07-05 1167296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Spyder3Utility.lnk - c:\program files\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe [2010-7-26 7667970]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - c:\program files\DSL-Manager\DslMgr.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^Users^björn^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\users\björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-05 17:04 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-07-29 00:25 497648 ----a-w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
2008-07-09 09:17 1150976 ----a-w- c:\program files\ASUS\SmartDoctor\SmartDoctor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
2008-07-29 15:20 380928 ----a-w- c:\program files\ASUS\GamerOSD\GamerOSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bluebirds]
2009-04-29 09:02 270336 ----a-r- c:\users\björn\Bluebirds\BlueBirds.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-08-01 08:28 124480 ----a-w- c:\program files\ICQ7.5\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
2011-08-01 03:32 958352 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 08:27 17351304 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-09-12 15:31 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 11:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"="c:\program files\Steam\Steam.exe" -silent
"bluebirds"=c:\users\björn\Bluebirds\BlueBirds.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 133104]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-10-28 23456]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 133104]
R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys [2007-12-12 12288]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R4 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-05-28 233472]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-05-28 36608]
S3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys [2008-12-11 13056]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-03-12 47360]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 16:49]
.
2011-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-17 16:49]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2736476
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\björn\AppData\Roaming\Mozilla\Firefox\Profiles\1pj1n8n3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - yahoo.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file)
URLSearchHooks-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
WebBrowser-{40C3CC16-7269-4B32-9531-17F2950FB06F} - (no file)
WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file)
MSConfigStartUp-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe
MSConfigStartUp-VirtualCloneDrive - c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.3\uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-182684489-472188733-1611161045-1001\Software\SecuROM\License information*]
"datasecu"=hex:fb,ae,47,52,20,19,15,d1,72,71,52,9c,4a,0a,0b,58,3a,f7,6d,7b,37,
ba,37,30,fc,34,db,ef,07,3e,6c,5c,8f,59,8b,ff,0e,f8,cf,27,37,cf,df,c5,31,a2,\
"rkeysecu"=hex:a5,de,f3,e4,31,dc,50,07,5b,e3,f0,49,70,5a,ac,f0
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-03 00:19:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-11-02 23:19
.
Vor Suchlauf: 18 Verzeichnis(se), 12.604.231.680 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 12.514.828.288 Bytes frei
.
- - End Of File - - D21A352316019B5B360A0EB789BB4CD7
--- --- --- |
