OK, I have followed your instructions. However, I could not uninstall Google Update Helper, because it could not be found under Control Panel --> Uninstall a program.
When I then wanted to run ComboFix, a message appeared saying that the Avira AntiVir scanner was still active and that I should disable it. But I had already done that before I ran ComboFix. :confused: I even disabled the AntiVir process with Task Manager.
I then ran ComboFix anyway. Or should I have uninstalled Avira AntiVir? I thought disabling it would be enough.
Do you think my PC is infected, or is it more about me closing security holes? Well, in any case, thanks for the help!
Code:
ComboFix 09-05-26.02 - Anonym 28.05.2009 5:08.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.41.1031.18.3070.2266 [GMT 2:00]
ausgeführt von:: c:\users\Standardbenutzer\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Windows-Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((( Dateien erstellt von 2009-04-28 bis 2009-05-28 ))))))))))))))))))))))))))))))
.
2009-05-28 03:10 . 2009-05-28 03:10 -------- d-----w c:\users\Anonym\AppData\Local\temp
2009-05-27 04:48 . 2009-05-28 03:10 -------- d-----w c:\users\Standardbenutzer\AppData\Local\temp
2009-05-25 16:04 . 2009-05-06 18:06 4784464 ----a-w c:\programdata\Microsoft\Windows Defender\Definition Updates\{1D229B26-5E94-4AF6-99EF-E783C0938103}\mpengine.dll
2009-05-23 10:39 . 2009-05-23 10:39 -------- d-----w c:\users\Anonym\AppData\Local\Ubisoft
2009-05-23 03:26 . 2009-05-23 03:26 -------- d-----w c:\users\Standardbenutzer\AppData\Local\Ubisoft
2009-05-22 21:06 . 2009-05-22 21:06 -------- d-----w c:\programdata\Ubisoft
2009-05-22 20:27 . 2009-05-22 20:27 -------- d-----w c:\program files\Ubisoft
2009-05-22 08:27 . 2008-04-12 03:32 784896 ----a-w c:\windows\system32\rpcrt4.dll
2009-05-22 08:27 . 2008-04-26 08:26 891448 ----a-w c:\windows\system32\drivers\tcpip.sys
2009-05-22 08:27 . 2008-04-05 03:34 15360 ----a-w c:\windows\system32\pacerprf.dll
2009-05-22 08:27 . 2008-04-05 01:21 72192 ----a-w c:\windows\system32\drivers\pacer.sys
2009-05-22 08:27 . 2008-09-18 04:56 125952 ----a-w c:\windows\system32\wersvc.dll
2009-05-22 08:27 . 2008-09-18 04:56 147456 ----a-w c:\windows\system32\Faultrep.dll
2009-05-22 08:27 . 2008-08-02 03:26 36864 ----a-w c:\windows\system32\cdd.dll
2009-05-22 08:27 . 2008-08-02 01:01 625152 ----a-w c:\windows\system32\drivers\dxgkrnl.sys
2009-05-22 08:27 . 2008-06-26 03:29 565248 ----a-w c:\windows\system32\emdmgmt.dll
2009-05-22 08:27 . 2008-06-26 03:29 45056 ----a-w c:\windows\system32\dataclen.dll
2009-05-22 08:27 . 2008-05-20 02:07 148480 ----a-w c:\windows\system32\drivers\nwifi.sys
2009-05-22 08:26 . 2008-05-08 21:59 90112 ----a-w c:\windows\system32\wshext.dll
2009-05-22 08:26 . 2008-05-08 21:59 430080 ----a-w c:\windows\system32\vbscript.dll
2009-05-22 08:26 . 2008-05-08 21:59 180224 ----a-w c:\windows\system32\scrobj.dll
2009-05-22 08:26 . 2008-05-08 21:59 172032 ----a-w c:\windows\system32\scrrun.dll
2009-05-22 08:26 . 2008-05-08 21:59 155648 ----a-w c:\windows\system32\wscript.exe
2009-05-22 08:26 . 2008-05-08 21:58 135168 ----a-w c:\windows\system32\cscript.exe
2009-05-21 22:13 . 2009-05-21 22:13 -------- d-----w C:\rsit
2009-05-21 18:18 . 2009-05-21 18:18 -------- d-----w C:\PerfLogs
2009-05-21 15:59 . 2009-05-21 15:43 47560 ----a-w c:\windows\system32\SPReview.exe
2009-05-21 15:59 . 2009-05-21 15:43 152576 ----a-w c:\windows\system32\SPWizUI.dll
2009-05-21 15:46 . 2008-01-18 21:35 450560 ----a-w c:\windows\system32\msxbde40.dll
2009-05-21 15:45 . 2008-01-18 21:37 95232 ----a-w c:\windows\system32\xactsrv.dll
2009-05-21 15:44 . 2008-01-18 21:33 44032 ----a-w c:\windows\system32\cbsra.exe
2009-05-21 15:04 . 2009-05-21 15:04 -------- d-----w c:\users\Anonym\AppData\Roaming\Foxit
2009-05-21 15:04 . 2009-05-21 15:04 -------- d-----w c:\program files\Foxit Software
2009-05-21 14:24 . 2009-05-21 14:24 -------- d-----w c:\users\Standardbenutzer\AppData\Local\Apple
2009-05-21 10:47 . 2009-05-21 10:48 -------- d-----w c:\program files\Hjackthis
2009-05-20 20:49 . 2009-05-20 20:49 -------- d-----w c:\users\Standardbenutzer\AppData\Local\PunkBuster
2009-05-20 20:31 . 2009-05-28 02:32 138920 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-05-20 20:31 . 2009-05-22 15:11 22328 ----a-w c:\users\Anonym\AppData\Roaming\PnkBstrK.sys
2009-05-20 20:31 . 2009-05-28 03:04 189072 ----a-w c:\windows\system32\PnkBstrB.exe
2009-05-20 20:31 . 2009-05-22 15:23 75064 ----a-w c:\windows\system32\PnkBstrA.exe
2009-05-20 20:11 . 2009-05-22 15:13 -------- d-----w c:\program files\Activision
2009-05-20 11:34 . 2009-05-20 11:34 -------- d-----w c:\program files\LucasArts
2009-05-20 07:25 . 2002-12-18 16:23 505104 ----a-r c:\windows\system32\msxml.dll
2009-05-20 07:25 . 2002-12-18 16:23 69632 ----a-r c:\windows\system32\xmltok.dll
2009-05-20 07:25 . 2002-12-18 16:23 36864 ----a-r c:\windows\system32\xmlparse.dll
2009-05-20 07:25 . 2002-12-19 05:20 26096 ----a-r c:\windows\system32\xmlinst.exe
2009-05-20 07:25 . 2002-12-18 16:23 89360 ----a-r c:\windows\system32\VB5DB.DLL
2009-05-20 07:25 . 2002-12-18 16:23 28432 ----a-r c:\windows\system32\msxmlr.dll
2009-05-20 07:25 . 2002-12-18 16:23 24576 ----a-r c:\windows\system32\msxml3a.dll
2009-05-20 07:15 . 2009-05-20 07:25 -------- d-----w c:\program files\Ubi Soft
2009-05-20 05:38 . 2009-05-20 05:38 269312 ----a-w c:\windows\system32\es.dll
2009-05-19 14:06 . 2009-05-21 14:23 -------- d-----w c:\users\Standardbenutzer\AppData\Local\Adobe
2009-05-19 13:54 . 2007-04-09 11:23 28040 ----a-w c:\windows\system32\mdimon.dll
2009-05-19 13:52 . 2009-05-19 13:52 -------- d-----w c:\program files\Microsoft.NET
2009-05-19 11:12 . 2009-05-21 14:44 -------- d-----w c:\users\Standardbenutzer\AppData\Roaming\SUPERAntiSpyware.com
2009-05-19 09:16 . 2009-05-19 09:16 -------- d-----w c:\users\Standardbenutzer\AppData\Roaming\Malwarebytes
2009-05-18 21:20 . 2002-01-05 13:37 344064 ----a-w c:\windows\system32\msvcr70.dll
2009-05-18 21:20 . 2009-05-21 14:50 -------- d-----w c:\program files\Common Files\DVDVideoSoft
2009-05-18 21:20 . 2009-05-18 21:20 -------- d-----w c:\program files\DVDVideoSoft
2009-05-18 20:48 . 2009-05-28 00:21 -------- d-----w c:\users\Standardbenutzer\Tracing
2009-05-18 20:47 . 2009-05-18 20:47 -------- d-----w c:\program files\Microsoft
2009-05-18 20:47 . 2009-05-18 20:47 -------- d-----w c:\program files\Windows Live SkyDrive
2009-05-18 20:47 . 2009-05-18 20:47 -------- d-----w c:\program files\Windows Live
2009-05-18 20:46 . 2009-05-18 20:46 -------- d-----w c:\windows\PCHEALTH
2009-05-18 20:44 . 2009-05-18 20:44 -------- d-----w c:\program files\Common Files\Windows Live
2009-05-18 20:30 . 2009-05-19 08:54 117760 ----a-w c:\users\Anonym\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-05-18 20:29 . 2009-05-18 20:29 -------- d-----w c:\programdata\SUPERAntiSpyware.com
2009-05-18 20:29 . 2009-05-21 14:43 -------- d-----w c:\program files\SUPERAntiSpyware
2009-05-18 20:29 . 2009-05-18 20:29 -------- d-----w c:\users\Anonym\AppData\Roaming\SUPERAntiSpyware.com
2009-05-18 20:28 . 2009-05-21 18:06 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-18 20:28 . 2009-05-21 14:35 -------- d-----w c:\programdata\Spybot - Search & Destroy
2009-05-18 20:27 . 2009-05-18 20:27 -------- d-----w c:\users\Anonym\AppData\Roaming\Malwarebytes
2009-05-18 20:27 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-18 20:27 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-18 20:27 . 2009-05-18 20:27 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-18 20:27 . 2009-05-18 20:27 -------- d-----w c:\programdata\Malwarebytes
2009-05-18 20:23 . 2009-05-20 12:48 -------- d-----w c:\users\Standardbenutzer\AppData\Local\Apple Computer
2009-05-18 20:23 . 2009-05-18 20:23 -------- d-----w c:\users\Standardbenutzer\AppData\Roaming\Apple Computer
2009-05-18 20:22 . 2009-03-19 14:32 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-05-18 20:22 . 2008-04-17 10:12 107368 ----a-w c:\windows\system32\GEARAspi.dll
2009-05-18 20:22 . 2009-05-18 20:22 -------- d-----w c:\program files\iPod
2009-05-18 20:22 . 2009-05-18 20:22 -------- d-----w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-18 20:22 . 2009-05-18 20:22 -------- d-----w c:\program files\iTunes
2009-05-18 20:21 . 2009-05-18 20:22 -------- d-----w c:\programdata\Apple Computer
2009-05-18 20:21 . 2009-05-18 20:21 -------- d-----w c:\program files\QuickTime
2009-05-18 20:21 . 2009-05-18 20:21 -------- d-----w c:\users\Anonym\AppData\Local\Apple
2009-05-18 20:20 . 2009-05-18 20:22 -------- d-----w c:\program files\Common Files\Apple
2009-05-18 20:20 . 2009-05-18 20:20 -------- d-----w c:\programdata\Apple
2009-05-18 20:19 . 2009-05-18 20:19 -------- d-----w c:\program files\Trend Micro
2009-05-18 20:18 . 2009-05-18 20:18 -------- d-----w c:\program files\CCleaner
2009-05-18 20:16 . 2009-05-21 14:21 -------- dc----w c:\windows\system32\DRVSTORE
2009-05-18 20:09 . 2009-05-21 14:21 -------- d-----w c:\programdata\Lavasoft
2009-05-18 20:09 . 2009-05-21 14:21 -------- d-----w c:\program files\Lavasoft
2009-05-18 19:59 . 2009-05-18 19:59 -------- d-----w c:\users\Standardbenutzer\AppData\Roaming\EssentialPIM
2009-05-18 17:24 . 2009-05-21 18:15 -------- d-----w c:\windows\system32\RTCOM
2009-05-18 17:23 . 2009-05-18 17:23 319456 ----a-w c:\windows\DIFxAPI.dll
2009-05-18 17:23 . 2006-12-13 02:30 339968 ----a-w c:\windows\system32\SRSTSXT.dll
2009-05-18 17:23 . 2006-11-29 10:47 135168 ----a-w c:\windows\system32\SRSWOW.dll
2009-05-18 17:23 . 2006-12-28 23:59 489472 ----a-w c:\windows\system32\RtkPgExt.dll
2009-05-18 17:23 . 2006-12-27 12:01 17408 ----a-w c:\windows\system32\RtkCoInst.dll
2009-05-18 17:23 . 2006-12-16 05:10 1191936 ----a-w c:\windows\RtlUpd.exe
2009-05-18 17:23 . 2006-12-29 00:03 1814016 ----a-w c:\windows\system32\RtkAPO.dll
2009-05-18 17:23 . 2006-12-29 03:11 4317184 ----a-w c:\windows\RtHDVCpl.exe
2009-05-18 17:23 . 2007-01-02 05:41 1668456 ----a-w c:\windows\system32\drivers\RTKVHDA.sys
2009-05-18 17:23 . 2009-05-18 17:23 -------- d-----w c:\program files\Realtek
2009-05-18 17:23 . 2009-05-22 20:27 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-18 17:22 . 2006-12-16 03:29 499712 ------r c:\windows\RtlExUpd.dll
2009-05-18 17:22 . 2009-05-20 19:27 -------- d-----w c:\program files\Common Files\InstallShield
2009-05-18 17:22 . 2006-10-18 05:44 7680 ----a-w c:\windows\system32\drivers\ASACPI.sys
2009-05-18 17:21 . 2006-10-11 03:33 10288 ----a-w c:\windows\system32\drivers\ASUSHWIO.SYS
2009-05-18 16:46 . 2009-05-18 16:46 -------- d-----w c:\program files\AGEIA Technologies
2009-05-18 16:46 . 2009-05-18 16:46 -------- d-----w c:\windows\system32\AGEIA
2009-05-18 16:46 . 2009-05-21 14:43 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-18 16:45 . 2009-05-18 16:45 -------- d-----w C:\NVIDIA
2009-05-18 16:44 . 2009-05-18 16:44 -------- d-----w c:\users\Standardbenutzer\AppData\Roaming\OnlineArmor
2009-05-18 16:43 . 2009-05-18 16:52 -------- d-----w c:\programdata\NVIDIA
2009-05-18 16:04 . 2009-05-18 16:04 28672 ----a-w c:\windows\system32\FwRemoteSvr.dll
2009-05-18 16:04 . 2009-05-18 16:04 61440 ----a-w c:\windows\system32\winipsec.dll
2009-05-18 16:04 . 2009-05-18 16:04 361984 ----a-w c:\windows\system32\IPSECSVC.DLL
2009-05-18 16:04 . 2009-05-18 16:04 272896 ----a-w c:\windows\system32\polstore.dll
2009-05-18 16:01 . 2009-05-18 16:01 241152 ----a-w c:\windows\system32\PortableDeviceApi.dll
2009-05-18 16:01 . 2009-05-18 16:01 94720 ----a-w c:\windows\system32\PortableDeviceClassExtension.dll
2009-05-18 16:01 . 2009-05-18 16:01 160768 ----a-w c:\windows\system32\PortableDeviceTypes.dll
2009-05-18 15:51 . 2009-05-18 15:51 376832 ----a-w c:\windows\system32\winhttp.dll
2009-05-18 15:49 . 2009-05-18 15:49 296960 ----a-w c:\windows\system32\gdi32.dll
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-28 02:42 . 2009-05-20 20:32 -------- d-----w c:\users\Standardbenutzer\AppData\Roaming\Skype
2009-05-28 00:26 . 2006-11-02 15:33 618204 ----a-w c:\windows\system32\perfh007.dat
2009-05-28 00:26 . 2006-11-02 15:33 122442 ----a-w c:\windows\system32\perfc007.dat
2009-05-28 00:21 . 2009-05-18 16:52 49428 ----a-w c:\programdata\nvModes.dat
2009-05-24 08:56 . 2009-05-24 08:56 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-05-22 21:31 . 2009-05-18 13:52 54128 ----a-w c:\users\Anonym\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-21 18:20 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Sidebar
2009-05-21 18:20 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Calendar
2009-05-21 18:20 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-21 18:20 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Collaboration
2009-05-21 18:20 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Journal
2009-05-21 18:20 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Photo Gallery
2009-05-21 18:20 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Defender
2009-05-21 18:18 . 2006-11-02 10:25 665600 ----a-w c:\windows\inf\drvindex.dat
2009-05-21 18:10 . 2006-11-02 10:32 101888 ----a-w c:\windows\system32\ifxcardm.dll
2009-05-21 18:10 . 2006-11-02 10:32 82432 ----a-w c:\windows\system32\axaltocm.dll
2009-05-21 06:10 . 2009-05-18 13:54 54128 ----a-w c:\users\Standardbenutzer\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-20 11:47 . 2009-05-18 13:54 680 ----a-w c:\users\Standardbenutzer\AppData\Local\d3d9caps.dat
2009-05-18 14:28 . 2009-05-18 14:28 827392 ----a-w c:\windows\system32\wininet.dll
2009-05-18 14:28 . 2009-05-18 14:28 72704 ----a-w c:\windows\system32\admparse.dll
2009-05-18 14:28 . 2009-05-18 14:28 78336 ----a-w c:\windows\system32\ieencode.dll
2009-05-18 14:28 . 2009-05-18 14:28 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-05-18 14:28 . 2009-05-18 14:28 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-05-18 13:52 . 2009-05-18 13:52 680 ----a-w c:\users\Anonym\AppData\Local\d3d9caps.dat
2009-05-18 13:49 . 2009-05-18 13:49 -------- d-sh--w c:\programdata\Vorlagen
2009-05-18 13:49 . 2009-05-18 13:49 -------- d-sh--w c:\programdata\Startmenü
2009-05-18 13:49 . 2009-05-18 13:49 -------- d-sh--w c:\programdata\Favoriten
2009-05-18 13:49 . 2009-05-18 13:49 -------- d-sh--w c:\programdata\Dokumente
2009-05-18 13:49 . 2009-05-18 13:49 -------- d-sh--w c:\programdata\Anwendungsdaten
2009-05-18 13:49 . 2009-05-18 13:49 -------- d-sh--w c:\program files\Gemeinsame Dateien
2009-04-30 20:02 . 2009-04-30 20:02 4224 ----a-w c:\windows\system32\drivers\nvBridge.kmd
2009-04-30 20:02 . 2009-03-27 22:03 983552 ----a-w c:\windows\system32\nvapi.dll
2009-04-30 20:02 . 2009-03-27 22:03 7593472 ----a-w c:\windows\system32\nvd3dum.dll
2009-04-08 21:25 . 2009-04-08 21:25 3366912 ----a-w c:\windows\system32\GPhotos.scr
2009-04-03 10:39 . 2009-04-03 10:39 70936 ----a-w c:\windows\system32\PhysXLoader.dll
2009-04-02 14:29 . 2009-04-02 14:29 75048 ----a-w c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-03-27 22:03 . 2009-03-27 22:03 795104 ----a-w c:\windows\system32\dpinst.exe
2009-03-27 22:03 . 2009-03-27 22:03 45056 ----a-w c:\windows\system32\nvmccsrs.dll
2009-03-27 22:03 . 2009-03-27 22:03 236064 ----a-w c:\windows\system32\nvmccs.dll
2009-03-27 22:03 . 2009-03-27 22:03 139264 ----a-w c:\windows\system32\nvcod141.dll
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-05-27_04.47.08 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-22 11:03 . 2009-05-27 07:42 97088 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2009-05-18 16:44 . 2009-05-28 00:22 28092 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-05-28 00:22 49824 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-05-27 07:42 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:02 . 2009-05-25 04:42 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2009-05-27 07:42 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:02 . 2009-05-25 04:42 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:02 . 2009-05-27 07:42 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2006-11-02 13:02 . 2009-05-25 04:42 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-18 16:44 . 2009-05-28 00:22 4646 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3130351530-3242594421-458393459-1001_UserData.bin
- 2009-05-27 03:04 . 2009-05-27 03:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-05-28 00:21 . 2009-05-28 00:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-05-28 00:21 . 2009-05-28 00:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-05-27 03:04 . 2009-05-27 03:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-05-21 10:08 . 2009-05-27 10:18 163306 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2006-11-02 10:33 . 2009-05-28 00:26 586980 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-05-27 03:10 586980 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-05-28 00:26 101052 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-05-27 03:10 101052 c:\windows\System32\perfc009.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-18 2153472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13781536]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-29 4317184]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{95034131-9708-47C6-8BBB-0C159BEB1614}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{5500CF97-7563-44E8-BD9F-F273DF4730E4}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{8A003923-4FDB-4C6E-B56F-00152D6AE4A5}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{8AAEDEE2-6D1C-4336-A520-0C7DB8BAEBC7}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{92C6E575-3012-41AA-858C-089D4C46A484}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{9ED6BB6D-A87D-44D0-951E-150E56875328}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{A16B6266-0489-41ED-BC49-08A9E5DA790C}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{F5895B68-C87D-42AB-818B-C81D835E44B8}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{82AF9EB1-09F0-4F19-BDB3-FC26EA201512}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{CF8CB351-051D-4257-A804-6E68A954974C}c:\\program files\\ubisoft\\tom clancy's splinter cell chaos theory\\system\\splintercell3.exe"= UDP:c:\program files\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe:SPLINTERCELL3
"UDP Query User{AC7081AA-36F0-4DF2-9E63-9DC47EF97AF8}c:\\program files\\ubisoft\\tom clancy's splinter cell chaos theory\\system\\splintercell3.exe"= TCP:c:\program files\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe:SPLINTERCELL3
S2 gupdate1c9d7c7abec8b87;Google Update Service (gupdate1c9d7c7abec8b87);c:\program files\Google\Update\GoogleUpdate.exe [18.05.2009 16:48 133104]
.
Inhalt des "geplante Tasks" Ordners
2009-05-28 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-18 14:48]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Anonym\AppData\Roaming\Mozilla\Firefox\Profiles\rwc26ze2.default\
FF - prefs.js: browser.startup.homepage - www.20min.ch
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-28 05:10
Windows 6.0.6001 Service Pack 1 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
.
Zeit der Fertigstellung: 2009-05-28 5:12
ComboFix-quarantined-files.txt 2009-05-28 03:12
ComboFix2.txt 2009-05-27 04:48
Vor Suchlauf: 14 Verzeichnis(se), 137'592'381'440 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 137'558'970'368 Bytes frei
259 --- E O F --- 2009-05-25 16:04