Log analysis and evaluation: Suspected Trojan infection! Requesting HijackThis log file analysis - Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
| | #1 |
| | Suspected Trojan infection! Requesting HijackThis log file analysis @ernest: thanks a lot for the info, I didn't know that; I thought someone wanted to spy out passwords or something, so that's a relief.... Trojans were still found by the antivirus program, though... Regards @cosinus: in progress.... |
| | #2 |
| | Suspected Trojan infection! Requesting HijackThis log file analysis So, ComboFix is done, here is the log file:
Zeit der Fertigstellung: 2010-03-14 22:50:46 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2010-03-14 21:50 Vor Suchlauf: 11 Verzeichnis(se), 61.476.753.408 Bytes frei Nach Suchlauf: 15 Verzeichnis(se), 61.112.602.624 Bytes frei - - End Of File - - 6DCED44C48C8792F28A643218345A22B Anything else conspicuous in there? Regards, nino |
| | #3 | |
| | Suspected trojan infection! Requesting HijackThis log file analysis Quote:
Please drop your malware suspicion right away! The "full scan" of my anti-malware software has just now also listed 2 hits for the first time: in files that have been sitting unchanged on my hard drives for about 18 years! Today I then got exactly the same results from about 2 dozen PCs (above suspicion, since they are on the company network and therefore guaranteed to have better anti-malware software than the two of us could ever afford!): T5-Board is simply DEAD! Sorry for the truth ernest |
| | #4 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Suspected trojan infection! Requesting HijackThis log file analysis Quote:
Quote:
__________________ Please always post log files in CODE tags |
| | #5 |
| | Suspected trojan infection! Requesting HijackThis log file analysis Well, these days you never know... I don't want to claim that I'm paranoid, but you do feel a bit safer when an expert takes a look and you yourself have no clue. arne: I forgot the update of malware, so once again... then that's that! @ernest: the T5 board is finally back online |
| | #6 |
| | Suspected trojan infection! Requesting HijackThis log file analysis So, here is the final Anti-Malware log: Malwarebytes' Anti-Malware 1.44 Datenbank Version: 3872 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 16.03.2010 20:48:04 mbam-log-2010-03-16 (20-48-04).txt Scan-Methode: Vollständiger Scan (C:\|D:\|) Durchsuchte Objekte: 283600 Laufzeit: 2 hour(s), 6 minute(s), 1 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) So everything should be clean then, right, arne? Regards, nino |