Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Log Datei nach Scan

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 13.05.2012, 12:16   #1
olifaar
 
Log Datei nach Scan - Standard

Log Datei nach Scan



Hallo!

Ich bin froh auf Eure Seite gestoßen zu sein.
Ich hoffe es wieder alles clean nach dem Combofix

Vielliecht kann noch mal jemand reinschauen.

Grüsse

olli

Hallo Boarder!

Könnte ich noch mal jemand reinschauen?

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 13.05.2012 12:39:04 - Run 1
OTL by OldTimer - Version 3.2.42.3     Folder = C:\Users\olli\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,98 Gb Total Physical Memory | 4,46 Gb Available Physical Memory | 74,55% Memory free
11,96 Gb Paging File | 10,08 Gb Available in Paging File | 84,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 906,34 Gb Total Space | 836,59 Gb Free Space | 92,30% Space Free | Partition Type: NTFS
 
Computer Name: OLLI-PC | User Name: olli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\olli\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe (Advanced Micro Devices, Inc.)
PRC - C:\Windows\jmesoft\JME_LOAD.exe ()
PRC - C:\Windows\jmesoft\hotkey.exe (Lenovo)
PRC - C:\Windows\jmesoft\Service.exe ()
PRC - C:\Programme\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (Lenovo)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Programme\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\dab0ad2d0f5da372a4947d3a1c7c07a9\Microsoft.VisualBasic.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07f019692c382d588d3c6cb2da2a9ec5\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2d1fd350e9bc62ce659e5cbcfd555796\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll ()
MOD - C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll ()
MOD - C:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Lenovo\Lenovo Brightness System\ddcHelperWraper.dll ()
MOD - C:\Programme\Lenovo\Lenovo Brightness System\KeyStoneAdapter.dll ()
MOD - C:\Programme\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll ()
MOD - C:\Programme\Lenovo\Lenovo Eye Distance System\VideoPlayer.dll ()
MOD - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Windows\jmesoft\VistaVolume.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Sony SCSI Helper Service) -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (JME Keyboard) -- C:\Windows\jmesoft\Service.exe ()
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (fbfmon) -- C:\Windows\SysNative\drivers\fbfmon.sys (Lenovo)
DRV:64bit: - (BPntDrv) -- C:\Windows\SysNative\drivers\BPntDrv.sys (Lenovo)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (e1cexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (WinI2C-DDC) -- C:\Windows\SysNative\drivers\ddcdrv.sys (Nicomsoft Ltd.)
DRV:64bit: - (S3XXx64) -- C:\Windows\SysNative\drivers\S3XXx64.sys (SCM Microsystems Inc.)
DRV - (WinI2C-DDC) -- C:\Windows\SysWOW64\drivers\ddcdrv.sys (Nicomsoft Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/406
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7LEND_deDE460
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "yahoo.de"
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.12.03 11:33:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.02 19:23:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.13 18:03:16 | 000,000,000 | ---D | M]
 
[2012.05.13 08:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\olli\AppData\Roaming\Mozilla\Extensions
[2012.05.13 08:05:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\olli\AppData\Roaming\Mozilla\Firefox\Profiles\jmqx4822.default\extensions
[2012.02.11 09:08:52 | 000,000,000 | ---D | M] (DDBAC Plug-In) -- C:\Users\olli\AppData\Roaming\Mozilla\Firefox\Profiles\jmqx4822.default\extensions\{271A3CF5-5A54-447B-A08F-BE805F0DA60A}
[2011.12.31 19:08:17 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\olli\AppData\Roaming\Mozilla\Firefox\Profiles\jmqx4822.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.13 07:08:59 | 000,002,519 | ---- | M] () -- C:\Users\olli\AppData\Roaming\Mozilla\Firefox\Profiles\jmqx4822.default\searchplugins\Search_Results.xml
[2012.05.13 08:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.02 19:23:08 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.24 00:49:22 | 001,826,192 | ---- | M] (Caminova, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll
[2011.12.31 10:21:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.31 10:21:52 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.31 10:21:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.31 10:21:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.05.13 07:08:59 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2011.12.31 10:21:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.31 10:21:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.05.13 11:43:16 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [jmekey] C:\Windows\jmesoft\hotkey.exe (Lenovo)
O4 - HKLM..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe ()
O4 - HKLM..\Run: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe (Lenovo)
O4 - HKLM..\Run: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe (Lenovo)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {271A3CF5-5A54-447B-A08F-BE805F0DA60B} https://finanzcenter.sparkasse-bremen.de/_plugin/AXFOAM.cab (B+S Banksysteme AG DDBAC Plug-In)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6C4D16B-8948-4A00-A762-3FFA43E6CAB7}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.13 12:34:21 | 000,000,000 | ---D | C] -- C:\windows\temp
[2012.05.13 12:32:06 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.05.13 11:39:09 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012.05.13 11:39:09 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012.05.13 11:39:09 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012.05.13 11:39:06 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2012.05.13 11:38:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.05.13 11:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012.05.13 07:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012.05.13 07:18:03 | 000,000,000 | ---D | C] -- C:\Users\olli\AppData\Roaming\vlc
[2012.05.13 07:11:00 | 000,000,000 | ---D | C] -- C:\Users\olli\AppData\Local\Ilivid Player
[2012.05.10 20:39:25 | 000,000,000 | ---D | C] -- C:\SWTOOLS
[2012.05.10 19:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012.05.02 19:57:20 | 000,000,000 | ---D | C] -- C:\Users\olli\Documents\Meine Paletten
[2012.05.02 19:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2012.05.02 19:57:13 | 000,000,000 | ---D | C] -- C:\Users\olli\AppData\Roaming\Corel
[2012.05.02 19:52:31 | 000,000,000 | ---D | C] -- C:\Users\olli\Documents\Corel
[2012.05.02 19:52:26 | 000,000,000 | ---D | C] -- C:\Users\olli\Documents\Visual Studio 2008
[2012.05.02 19:52:25 | 000,000,000 | ---D | C] -- C:\Users\olli\AppData\Local\Microsoft Help
[2012.05.02 19:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2012.05.02 19:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2012.05.02 19:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.05.02 19:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2012.05.02 19:50:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2012.05.02 19:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2012.05.02 19:48:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Corel
[2012.05.02 19:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6
[2012.05.02 19:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2012.05.02 19:46:48 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X6
[2012.05.02 19:23:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.05.02 19:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.05.02 19:14:38 | 000,000,000 | ---D | C] -- C:\Users\olli\AppData\Local\{7D43C440-9409-41D9-8E93-7C0EE81C17D2}
[2012.04.29 14:10:07 | 000,000,000 | ---D | C] -- C:\Users\olli\AppData\Roaming\U3
[2012.04.15 07:51:18 | 000,000,000 | ---D | C] -- C:\Users\olli\AppData\Local\{72B06D0E-69F5-4CDF-A9FF-16DD2FB00465}
[2011.10.20 21:38:31 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.13 12:41:17 | 001,500,254 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012.05.13 12:41:17 | 000,654,594 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012.05.13 12:41:17 | 000,616,476 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012.05.13 12:41:17 | 000,130,208 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012.05.13 12:41:17 | 000,106,598 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012.05.13 12:36:23 | 000,117,815 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2012.05.13 12:35:42 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.05.13 12:35:38 | 523,018,239 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.13 12:35:04 | 000,020,480 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.13 12:35:04 | 000,020,480 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.13 11:43:16 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012.05.12 14:08:56 | 000,366,808 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012.05.10 18:02:10 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys
[2012.05.10 18:02:10 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2012.05.02 19:55:53 | 000,001,361 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2012.04.26 19:39:55 | 410,675,189 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012.04.23 08:41:20 | 000,000,432 | ---- | M] () -- C:\windows\BRWMARK.INI
 
========== Files Created - No Company Name ==========
 
[2012.05.13 11:39:09 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012.05.13 11:39:09 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012.05.13 11:39:09 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012.05.13 11:39:09 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012.05.13 11:39:09 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012.05.02 19:55:53 | 000,001,361 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2012.05.02 19:55:52 | 000,001,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk
[2012.05.02 19:55:52 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk
[2011.12.20 07:49:19 | 001,526,060 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.12.09 19:18:00 | 000,000,254 | ---- | C] () -- C:\windows\Brpfx04a.ini
[2011.12.09 19:18:00 | 000,000,093 | ---- | C] () -- C:\windows\brpcfx.ini
[2011.12.09 19:17:03 | 000,000,432 | ---- | C] () -- C:\windows\BRWMARK.INI
[2011.12.09 19:17:03 | 000,000,034 | ---- | C] () -- C:\windows\SysWow64\BD7820N.DAT
[2011.12.09 19:16:32 | 000,106,496 | ---- | C] () -- C:\windows\SysWow64\BrMuSNMP.dll
[2011.12.09 19:16:31 | 000,000,066 | ---- | C] () -- C:\windows\Brfaxrx.ini
[2011.12.09 19:16:31 | 000,000,000 | ---- | C] () -- C:\windows\brdfxspd.dat
[2011.12.03 18:30:48 | 000,000,880 | ---- | C] () -- C:\windows\HBCIKRNL.INI
[2011.10.20 22:11:36 | 000,201,728 | ---- | C] () -- C:\windows\SetDrive.exe
[2011.10.20 22:11:35 | 000,036,864 | ---- | C] () -- C:\windows\WinWait.exe
[2011.10.20 21:18:04 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.07.15 04:44:54 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011.06.11 08:45:16 | 000,059,904 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
[2011.02.12 21:35:47 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
 
========== LOP Check ==========
 
[2011.12.09 07:51:40 | 000,000,000 | ---D | M] -- C:\Users\olli\AppData\Roaming\DataDesign
[2011.12.31 19:08:20 | 000,000,000 | ---D | M] -- C:\Users\olli\AppData\Roaming\DVDVideoSoft
[2011.12.31 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\olli\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.05.06 19:41:33 | 000,000,000 | ---D | M] -- C:\Users\olli\AppData\Roaming\SoftGrid Client
[2011.12.20 07:49:49 | 000,000,000 | ---D | M] -- C:\Users\olli\AppData\Roaming\TP
[2011.12.09 19:25:18 | 000,000,000 | ---D | M] -- C:\Users\olli\AppData\Roaming\Windows Live Writer
[2012.05.02 19:10:03 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---


Anbei die Log von Combofix:

Code:
ATTFilter
ComboFix 12-05-13.02 - olli 13.05.2012  11:39:47.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6126.4465 [GMT 2:00]
ausgeführt von:: c:\users\olli\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-04-13 bis 2012-05-13  ))))))))))))))))))))))))))))))
.
.
2012-05-13 09:43 . 2012-05-13 09:43    --------    d-----w-    c:\users\Default\AppData\Local\temp
2012-05-13 09:30 . 2012-05-13 09:30    --------    d-----w-    c:\programdata\boost_interprocess
2012-05-13 05:48 . 2012-05-13 05:48    --------    d-----w-    c:\programdata\PC Tools
2012-05-13 05:18 . 2012-05-13 05:18    --------    d-----w-    c:\users\olli\AppData\Roaming\vlc
2012-05-13 05:11 . 2012-05-13 05:11    --------    d-----w-    c:\users\olli\AppData\Local\Ilivid Player
2012-05-12 09:06 . 2012-03-31 06:05    5559664    ----a-w-    c:\windows\system32\ntoskrnl.exe
2012-05-12 09:06 . 2012-03-03 06:35    1544704    ----a-w-    c:\windows\system32\DWrite.dll
2012-05-12 09:06 . 2012-03-03 05:31    1077248    ----a-w-    c:\windows\SysWow64\DWrite.dll
2012-05-12 09:06 . 2012-03-31 04:39    3968368    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2012-05-12 09:06 . 2012-03-31 04:39    3913072    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2012-05-12 09:06 . 2012-03-31 03:10    3146240    ----a-w-    c:\windows\system32\win32k.sys
2012-05-12 09:05 . 2012-03-17 07:58    75120    ----a-w-    c:\windows\system32\drivers\partmgr.sys
2012-05-12 09:05 . 2012-03-30 11:35    1918320    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2012-05-12 09:05 . 2012-03-31 05:42    1732096    ----a-w-    c:\program files\Windows Journal\NBDoc.DLL
2012-05-12 09:05 . 2012-03-31 05:40    1402880    ----a-w-    c:\program files\Windows Journal\JNWDRV.dll
2012-05-12 09:05 . 2012-03-31 05:40    1367552    ----a-w-    c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-12 09:05 . 2012-03-31 05:40    1393664    ----a-w-    c:\program files\Windows Journal\JNTFiltr.dll
2012-05-12 09:05 . 2012-03-31 04:29    936960    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-12 09:04 . 2012-04-13 08:46    8917360    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7DE25A3-0E05-421F-9AD7-F7F6706006FD}\mpengine.dll
2012-05-10 18:40 . 2012-05-10 18:40    35904    ----a-w-    c:\windows\system32\drivers\psadd.sys
2012-05-10 18:39 . 2012-05-10 18:39    --------    d-----w-    C:\SWTOOLS
2012-05-10 17:34 . 2012-05-10 17:34    --------    d-----w-    c:\programdata\IBUpdaterService
2012-05-03 06:03 . 2012-05-03 06:03    --------    d-----w-    c:\users\Default\AppData\Local\Microsoft Help
2012-05-02 17:57 . 2012-05-02 17:57    --------    d-----w-    c:\users\olli\AppData\Roaming\Corel
2012-05-02 17:57 . 2012-05-02 17:57    --------    d-----w-    c:\programdata\Protexis
2012-05-02 17:52 . 2012-05-02 17:52    --------    d-----w-    c:\users\olli\AppData\Local\Microsoft Help
2012-05-02 17:51 . 2012-05-02 17:51    --------    d-----w-    c:\program files (x86)\Microsoft SDKs
2012-05-02 17:51 . 2012-05-03 06:03    --------    d-----w-    c:\programdata\Microsoft Help
2012-05-02 17:51 . 2012-05-02 17:53    --------    d-----w-    c:\program files (x86)\Microsoft Visual Studio 9.0
2012-05-02 17:51 . 2012-05-02 17:51    --------    d-----w-    c:\program files (x86)\Common Files\Corel
2012-05-02 17:50 . 2012-05-02 17:50    --------    d-----w-    c:\program files (x86)\Common Files\Protexis
2012-05-02 17:50 . 2012-05-02 17:50    --------    d-----w-    c:\programdata\Corel
2012-05-02 17:47 . 2012-05-02 17:47    --------    d-----w-    c:\program files (x86)\Corel
2012-05-02 17:23 . 2012-05-02 17:23    --------    d-----w-    c:\program files (x86)\Mozilla Maintenance Service
2012-05-02 17:23 . 2012-05-02 17:23    157352    ----a-w-    c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-05-02 17:23 . 2012-05-02 17:23    129976    ----a-w-    c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-04-29 12:10 . 2012-04-29 12:10    --------    d-----w-    c:\users\olli\AppData\Roaming\U3
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-10 16:02 . 2011-12-03 07:52    98848    ----a-w-    c:\windows\system32\drivers\avgntflt.sys
2012-05-10 16:02 . 2011-12-03 07:52    132832    ----a-w-    c:\windows\system32\drivers\avipbb.sys
2012-03-25 06:37 . 2011-12-03 16:01    414368    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-01 06:46 . 2012-04-13 06:34    23408    ----a-w-    c:\windows\system32\drivers\fs_rec.sys
2012-03-01 06:38 . 2012-04-13 06:34    220672    ----a-w-    c:\windows\system32\wintrust.dll
2012-03-01 06:33 . 2012-04-13 06:34    81408    ----a-w-    c:\windows\system32\imagehlp.dll
2012-03-01 06:28 . 2012-04-13 06:34    5120    ----a-w-    c:\windows\system32\wmi.dll
2012-03-01 05:37 . 2012-04-13 06:34    172544    ----a-w-    c:\windows\SysWow64\wintrust.dll
2012-03-01 05:33 . 2012-04-13 06:34    159232    ----a-w-    c:\windows\SysWow64\imagehlp.dll
2012-03-01 05:29 . 2012-04-13 06:34    5120    ----a-w-    c:\windows\SysWow64\wmi.dll
2012-02-28 06:56 . 2012-04-13 06:35    2311168    ----a-w-    c:\windows\system32\jscript9.dll
2012-02-28 06:49 . 2012-04-13 06:35    1390080    ----a-w-    c:\windows\system32\wininet.dll
2012-02-28 06:48 . 2012-04-13 06:35    1493504    ----a-w-    c:\windows\system32\inetcpl.cpl
2012-02-28 06:42 . 2012-04-13 06:35    2382848    ----a-w-    c:\windows\system32\mshtml.tlb
2012-02-28 01:18 . 2012-04-13 06:35    1799168    ----a-w-    c:\windows\SysWow64\jscript9.dll
2012-02-28 01:11 . 2012-04-13 06:35    1427456    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11 . 2012-04-13 06:35    1127424    ----a-w-    c:\windows\SysWow64\wininet.dll
2012-02-28 01:03 . 2012-04-13 06:35    2382848    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2012-02-23 08:18 . 2010-11-21 03:27    279656    ------w-    c:\windows\system32\MpSigStub.exe
2012-02-17 06:38 . 2012-03-15 17:19    1031680    ----a-w-    c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-15 17:19    826880    ----a-w-    c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-15 17:19    210944    ----a-w-    c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-15 17:19    23552    ----a-w-    c:\windows\system32\drivers\tdtcp.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-11 336384]
"jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-03-21 118784]
"jmesoft"="c:\windows\jmesoft\ServiceLoader.exe" [2011-03-16 28672]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"Lenovo Eye Distance System"="c:\program files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe" [2010-09-09 265216]
"Lenovo Dynamic Brightness System"="c:\program files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe" [2010-10-08 285696]
"CLMLServer"="c:\program files (x86)\Lenovo\Power2Go\CLMLSvc.exe" [2009-12-04 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-10 348624]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2011-12-03 296056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"Reader Application Helper"="c:\program files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2012-01-31 892928]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-5-2 110592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-02 129976]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [x]
S0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys [2008-04-08 20832]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-10 86224]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 JME Keyboard;JME Keyboard Driver;c:\windows\jmesoft\Service.exe [2011-03-16 32768]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-26 11543656]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-10-20 114688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.searchnu.com/406
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.178.1
DPF: {271A3CF5-5A54-447B-A08F-BE805F0DA60B} - hxxps://finanzcenter.sparkasse-bremen.de/_plugin/AXFOAM.cab
FF - ProfilePath - c:\users\olli\AppData\Roaming\Mozilla\Firefox\Profiles\jmqx4822.default\
FF - prefs.js: browser.search.selectedEngine - Search Results
FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Spyware Doctor with AntiVirus - c:\users\olli\Desktop\fasterpc.exe
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0407.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-05-13  11:46:50 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-05-13 09:46
.
Vor Suchlauf: 10 Verzeichnis(se), 898.418.204.672 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 898.132.967.424 Bytes frei
.
- - End Of File - - 450862B1010BD3237A72030AA68D1C5F
         
Angehängte Dateien
Dateityp: txt Log Datei.txt (18,4 KB, 162x aufgerufen)

Alt 21.05.2012, 16:11   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Log Datei nach Scan - Standard

Log Datei nach Scan



Zitat:
Ich hoffe es wieder alles clean nach dem Combofix
Einen ganz klaren Hinweis gibt es auch zu http://www.trojaner-board.de/95175-combofix.html
Zitat:

Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.
__________________

__________________

Antwort

Themen zu Log Datei nach Scan
acrobat update, clean, datei, hoffe, lenovo, log, log datei, nodrives, notification, scan, searchscopes, seite, usb 3.0, version=1.0, visual studio, windows 7 home



Ähnliche Themen: Log Datei nach Scan


  1. Windows Vista: 17 infizierte Dateien nach Eset Scan + schwarzer Desktop nach GMER-Scan
    Log-Analyse und Auswertung - 18.10.2015 (23)
  2. Win 8.1: Nach löschen von Virus mit Avira erscheint jedes Mal nach dem starten ein Fenster mit Auswahl, wie Datei geöffnet werden soll.
    Plagegeister aller Art und deren Bekämpfung - 30.04.2015 (30)
  3. Deaktivierter Echtzeitscanner Avira Antivir + Fehlermeldung beim Datei-Scan, Win 7
    Log-Analyse und Auswertung - 16.12.2014 (9)
  4. BKA Trojaner - OTLPE Fix scan - kann mir jemand diese Datei erstellen?Hilfe!
    Plagegeister aller Art und deren Bekämpfung - 13.02.2014 (5)
  5. avast erkennt eine datei im scan ordner von windows defender als trojaner. mbam nicht. fehlmeldung?
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (5)
  6. Win7 - Startseite Firefox auf QV06 umgeleitet - Scan u. Desinfektion mit MbAM, nun weitere Funde nach online-Scan mit ESET
    Log-Analyse und Auswertung - 24.08.2013 (9)
  7. Virenprogamme stürzen beim Scan ab(bei datei: recycle.bin s-1-5-21-20....rhodoqf2
    Plagegeister aller Art und deren Bekämpfung - 11.10.2012 (59)
  8. Glaube Verschlüsslungstrojaner(vor Datei locked nach datei pffp und andere änderungen)
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  9. Verschlüsselungstrojaner - OTLPE Scan erfolgreich und OTL-Datei, weiteres Vorgehen?
    Log-Analyse und Auswertung - 08.06.2012 (5)
  10. BKA Trojaner - OTLPE Fix scan - wie kann ich diese Datei erstellen
    Log-Analyse und Auswertung - 16.11.2011 (33)
  11. Virus "Antivirus Scan" legt PC lahm - kein Programm, keine Datei und Internetseite ist zu öffnen
    Plagegeister aller Art und deren Bekämpfung - 22.01.2011 (34)
  12. Malwarebytes-Scan-Ergebnisse LOG-Datei......wer kann helfen? Wie soll ich fortfahren?
    Plagegeister aller Art und deren Bekämpfung - 15.09.2010 (14)
  13. Malwarebytes Scan findet 1 Infizierte Datei
    Antiviren-, Firewall- und andere Schutzprogramme - 26.03.2010 (0)
  14. Nach Scan was nun tun?
    Plagegeister aller Art und deren Bekämpfung - 04.01.2010 (8)
  15. Virus Meldung durch nProtect bei online datei scan
    Log-Analyse und Auswertung - 17.04.2009 (1)
  16. Antivir erkennt e-scan Datei(RP.exe) als Virus
    Plagegeister aller Art und deren Bekämpfung - 06.02.2008 (1)
  17. Fragen zum Anhängen der Scan Log Datei
    Log-Analyse und Auswertung - 23.02.2005 (1)

Zum Thema Log Datei nach Scan - Hallo! Ich bin froh auf Eure Seite gestoßen zu sein. Ich hoffe es wieder alles clean nach dem Combofix Vielliecht kann noch mal jemand reinschauen. Grüsse olli Hallo Boarder! Könnte - Log Datei nach Scan...
Archiv
Du betrachtest: Log Datei nach Scan auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.