Danke für die Antwort.
So habe alles gemacht wie beschrieben nur das bei mir keine Anfrage auf einen Neustart oder so kam.
Hier ist der Log:
Code:
Alles auswählen Aufklappen ATTFilter
ComboFix 10-04-05.06 - Alex 06.04.2010 20:03:32.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.2047.1220 [GMT 2:00]
ausgeführt von:: c:\users\Alex\Desktop\cofi.exe
Benutzte Befehlsschalter :: c:\users\Alex\Desktop\CFScript.txt
* Neuer Wiederherstellungspunkt wurde erstellt
.
((((((((((((((((((((((( Dateien erstellt von 2010-03-06 bis 2010-04-06 ))))))))))))))))))))))))))))))
.
2010-04-06 18:08 . 2010-04-06 18:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-06 18:08 . 2010-04-06 18:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-06 18:08 . 2010-04-06 18:08 -------- d-----w- c:\users\Alexander\AppData\Local\temp
2010-04-06 17:43 . 2010-04-06 18:08 -------- d-----w- c:\users\Alex\AppData\Local\temp
2010-04-06 17:37 . 2010-04-06 17:37 -------- d-sh--w- c:\windows\system32\%APPDATA%
2010-04-06 16:46 . 2010-04-06 17:26 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-06 16:46 . 2010-04-06 17:25 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-06 12:28 . 2010-04-06 12:29 -------- d-----w- C:\rsit
2010-04-06 00:10 . 2010-04-06 00:10 -------- d-----w- c:\program files\a-squared HiJackFree
2010-04-06 00:08 . 2010-04-06 00:09 -------- d-----w- C:\programm_download
2010-04-05 22:44 . 2010-04-05 22:44 -------- d-----w- c:\users\Alex\AppData\Roaming\Malwarebytes
2010-04-05 22:44 . 2010-03-29 13:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-05 22:44 . 2010-04-05 22:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-05 22:44 . 2010-04-05 22:44 -------- d-----w- c:\programdata\Malwarebytes
2010-04-05 22:44 . 2010-03-29 13:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-05 22:32 . 2010-04-05 22:35 -------- d-----w- c:\programdata\SecTaskMan
2010-04-05 22:32 . 2010-04-05 22:32 -------- d-----w- c:\program files\Security Task Manager
2010-04-05 20:48 . 2010-04-05 20:52 -------- dc----w- c:\users\Alex\AppData\Local\MigWiz
2010-04-05 20:34 . 2010-04-05 20:34 -------- d-----w- c:\program files\Trend Micro
2010-04-03 21:49 . 2010-04-03 21:49 -------- d-----w- c:\program files\Outspark
2010-04-03 18:36 . 2010-04-03 18:36 -------- d-----w- c:\programdata\PMB Files
2010-04-03 18:36 . 2010-04-03 18:36 -------- d-----w- c:\program files\Pando Networks
2010-04-02 16:21 . 2010-04-02 16:21 -------- d-----w- c:\program files\Common Files\Skype
2010-04-02 16:21 . 2010-04-02 16:21 -------- d-----r- c:\program files\Skype
2010-04-02 02:57 . 2010-04-02 02:57 -------- d-----w- C:\inetpub
2010-04-01 18:15 . 2010-04-01 18:15 -------- d-----w- c:\users\Alex\AppData\Local\Sidhe
2010-03-31 20:42 . 2010-03-31 21:05 -------- d-----w- c:\users\Alex\AppData\Roaming\Mount&Blade Warband
2010-03-31 20:37 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-03-31 20:37 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-03-31 20:37 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2010-03-31 20:36 . 2010-03-31 22:44 -------- d-----w- c:\program files\Mount&Blade Warband
2010-03-31 17:30 . 2010-03-31 17:30 -------- d-----w- c:\program files\ImgBurn
2010-03-31 12:23 . 2010-02-23 07:56 977920 ----a-w- c:\windows\system32\wininet.dll
2010-03-31 00:05 . 2010-03-31 00:06 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-03-31 00:05 . 2010-03-31 00:06 -------- d-----w- c:\program files\iTunes
2010-03-31 00:05 . 2010-03-31 00:05 -------- d-----w- c:\program files\iPod
2010-03-31 00:04 . 2010-03-31 00:04 -------- d-----w- c:\program files\QuickTime
2010-03-31 00:03 . 2010-03-31 00:03 -------- d-----w- c:\program files\Bonjour
2010-03-30 22:32 . 2010-03-30 22:32 -------- d-----w- c:\programdata\Nokia
2010-03-30 22:30 . 2010-03-30 22:30 -------- d-----w- c:\programdata\Installations
2010-03-30 21:20 . 2010-03-30 21:29 -------- d-----w- c:\users\Alex\AppData\Local\Nokia
2010-03-30 21:20 . 2010-03-30 21:20 -------- d-----w- c:\programdata\PC Suite
2010-03-30 21:20 . 2010-03-30 21:27 -------- d-----w- c:\users\Alex\AppData\Local\NokiaAccount
2010-03-30 21:18 . 2010-03-30 21:18 -------- d-----w- c:\program files\DIFX
2010-03-30 21:18 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-03-30 21:18 . 2010-03-30 21:18 -------- d-----w- c:\program files\PC Connectivity Solution
2010-03-30 21:18 . 2009-12-30 09:30 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-03-30 21:18 . 2010-03-30 21:18 -------- d-----w- c:\programdata\OviInstallerCache
2010-03-30 21:18 . 2010-03-30 22:44 -------- d-----w- c:\program files\Nokia
2010-03-30 12:37 . 2010-03-30 12:37 -------- d-----w- c:\program files\MSXML 4.0
2010-03-30 02:16 . 2010-03-30 02:16 -------- d-----w- c:\program files\DAMN NFO Viewer
2010-03-29 18:26 . 2010-03-29 18:26 -------- d-----r- c:\users\Alex\AppData\Roaming\Brother
2010-03-29 18:21 . 2010-03-29 18:21 -------- d-----w- c:\users\Alex\AppData\Local\Scansoft
2010-03-29 18:15 . 2010-03-29 18:15 -------- d-----w- c:\program files\Nuance
2010-03-29 18:14 . 2010-03-29 18:14 -------- d-----w- c:\programdata\InstallShield
2010-03-29 18:13 . 2010-03-29 18:13 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2010-03-29 18:13 . 2010-03-29 18:14 -------- d-----w- c:\programdata\ScanSoft
2010-03-29 18:13 . 2010-03-29 18:13 -------- d-----w- c:\program files\ScanSoft
2010-03-29 18:12 . 2010-03-29 18:12 -------- d-----w- c:\programdata\Brother
2010-03-26 13:26 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-25 01:48 . 2010-04-01 15:26 -------- d-----w- c:\users\Alex\AppData\Roaming\vlc
2010-03-25 01:48 . 2010-03-25 01:48 -------- d-----w- c:\program files\VideoLAN
2010-03-21 13:17 . 2010-03-21 13:17 -------- d-----w- c:\users\Alex\AppData\Roaming\Ashampoo
2010-03-21 13:17 . 2010-03-21 13:17 -------- d-----w- c:\users\Alex\AppData\Local\ashampoo
2010-03-21 13:17 . 2010-03-21 13:17 -------- d-----w- c:\programdata\ashampoo
2010-03-21 13:17 . 2010-03-21 13:17 -------- d-----w- c:\program files\Ashampoo
2010-03-21 03:34 . 2010-03-21 03:36 -------- d-----w- c:\program files\SpeedProject
2010-03-19 11:33 . 2010-03-19 11:33 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-16 22:01 . 2010-03-16 22:01 -------- d-----w- c:\programdata\Nifflas
2010-03-16 22:01 . 2010-03-16 22:01 -------- d-----w- c:\users\Alex\AppData\Roaming\Nifflas
2010-03-15 16:45 . 2010-03-16 15:25 -------- d-----w- c:\program files\Website to Pdf Converter 3000
2010-03-09 17:44 . 2010-03-09 17:44 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-03-09 12:50 . 2009-12-08 11:40 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-03-09 12:50 . 2009-12-08 11:40 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-03-09 12:50 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2010-03-08 20:53 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2010-03-08 20:53 . 2007-07-19 17:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2010-03-08 20:53 . 2007-07-19 17:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2010-03-08 20:53 . 2006-07-28 08:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll
2010-03-08 20:52 . 2010-03-08 20:53 -------- d-----w- c:\program files\Tag
2010-03-08 18:03 . 2010-03-08 18:03 -------- d-----w- c:\users\Alex\AppData\Local\HandBrake
2010-03-08 18:03 . 2010-03-08 18:03 -------- d-----w- c:\users\Alex\AppData\Roaming\HandBrake
2010-03-08 18:03 . 2010-03-08 18:03 -------- d-----w- c:\program files\Handbrake
2010-03-08 14:22 . 2010-03-08 14:22 -------- d-----w- c:\program files\SystemRequirementsLab
2010-03-08 14:22 . 2010-03-08 14:22 -------- d-----w- c:\windows\Sun
2010-03-08 13:03 . 2010-03-08 13:03 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2010-03-07 22:14 . 2010-03-07 22:14 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-03-07 22:12 . 2010-03-07 22:12 -------- d-----w- c:\users\Alex\AppData\Local\Stardock
2010-03-07 22:11 . 2010-03-08 12:52 -------- d-----w- c:\program files\Common Files\stardock
2010-03-07 22:11 . 2000-10-20 00:05 25088 ----a-w- c:\windows\system32\msxml3a.dll
2010-03-07 22:11 . 2010-03-07 22:11 -------- d-----w- c:\program files\Stardock
2010-03-07 21:50 . 2010-03-07 21:52 -------- d-----w- c:\users\Alex\AppData\Roaming\Desktop Sidebar
2010-03-07 21:40 . 2010-03-08 12:52 -------- d-----w- c:\program files\Google
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-06 17:43 . 2010-02-25 21:28 -------- d-----w- c:\users\Alex\AppData\Roaming\Spamihilator
2010-04-06 17:35 . 2009-07-27 16:21 682510 ----a-w- c:\windows\system32\perfh007.dat
2010-04-06 17:35 . 2009-07-27 16:21 142214 ----a-w- c:\windows\system32\perfc007.dat
2010-04-06 17:28 . 2010-02-25 19:16 -------- d-----w- c:\users\Alex\AppData\Roaming\Skype
2010-04-06 16:13 . 2010-02-25 19:36 -------- d-----w- c:\users\Alex\AppData\Roaming\skypePM
2010-04-06 08:37 . 2010-02-25 22:38 -------- d-----w- c:\program files\Minilyrics
2010-04-06 04:36 . 2009-07-13 23:11 43088 ----a-w- c:\windows\system32\drivers\pcw.sys
2010-04-05 22:28 . 2010-02-25 22:14 -------- d-----w- c:\program files\CCleaner
2010-04-05 18:30 . 2010-02-25 21:27 -------- d-----w- c:\users\Alex\AppData\Roaming\.purple
2010-04-05 16:52 . 2010-02-25 21:27 -------- d-----w- c:\users\Alex\AppData\Roaming\Audacity
2010-04-04 20:32 . 2010-03-03 18:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-04 11:02 . 2010-02-25 22:26 -------- d-----w- c:\program files\ONAIR
2010-04-02 16:21 . 2010-02-25 19:23 -------- d-----w- c:\programdata\Skype
2010-04-01 12:46 . 2010-02-25 21:27 -------- d-----w- c:\users\Alex\AppData\Roaming\dvdcss
2010-03-31 02:44 . 2010-02-25 18:57 115072 ----a-w- c:\users\Alex\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-31 00:05 . 2010-02-28 14:48 -------- d-----w- c:\program files\Common Files\Apple
2010-03-30 21:27 . 2010-02-25 21:28 -------- d-----w- c:\users\Alex\AppData\Roaming\PC Suite
2010-03-30 21:23 . 2010-03-30 21:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-03-30 21:22 . 2010-03-30 21:22 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-03-30 21:22 . 2010-02-25 21:28 -------- d-----w- c:\users\Alex\AppData\Roaming\Nokia
2010-03-29 18:16 . 2010-03-29 18:16 50 ----a-w- c:\windows\system32\bridf08b.dat
2010-03-29 18:16 . 2010-03-29 18:16 -------- d-----w- c:\program files\Brother
2010-03-29 18:15 . 2010-02-25 21:27 -------- d-----w- c:\users\Alex\AppData\Roaming\InstallShield
2010-03-29 18:13 . 2010-03-03 18:45 -------- d-----w- c:\program files\Common Files\InstallShield
2010-03-15 20:47 . 2010-02-25 21:27 -------- d-----w- c:\users\Alex\AppData\Roaming\gtk-2.0
2010-03-11 23:17 . 2010-02-27 18:54 -------- d-----w- c:\programdata\Microsoft Help
2010-03-06 02:04 . 2010-03-06 02:04 -------- d-----w- c:\program files\Franzis
2010-03-04 14:11 . 2010-03-04 14:11 -------- d-----w- c:\programdata\Blizzard
2010-03-03 20:12 . 2010-03-03 20:12 -------- d-----w- c:\program files\Microsoft Silverlight
2010-03-03 19:33 . 2010-03-03 18:53 5 ----a-w- c:\windows\system32\SySCut.dat
2010-03-03 18:53 . 2010-03-03 18:53 -------- d-----w- c:\program files\SuperAudiotool
2010-03-03 18:52 . 2010-03-03 18:52 3082 ----a-w- c:\windows\system32\affv11300p2now.sys
2010-03-03 18:45 . 2010-03-03 18:45 -------- d-----w- c:\program files\Coolringer
2010-03-02 19:23 . 2010-03-02 19:18 -------- d-----w- c:\program files\Opera
2010-03-01 19:22 . 2010-02-27 18:57 -------- d-----w- c:\program files\Microsoft Works
2010-02-28 15:50 . 2010-02-28 15:50 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-02-28 14:54 . 2010-02-28 14:54 -------- d-----w- c:\program files\iTunes Library Updater
2010-02-28 14:51 . 2010-02-28 14:50 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-02-28 14:50 . 2010-02-28 14:49 -------- d-----w- c:\programdata\Apple Computer
2010-02-28 14:49 . 2010-02-28 14:49 -------- d-----w- c:\program files\Apple Software Update
2010-02-28 14:48 . 2010-02-28 14:48 -------- d-----w- c:\programdata\Apple
2010-02-28 01:16 . 2010-02-28 01:16 -------- d-----w- c:\users\Alex\AppData\Roaming\IrfanView
2010-02-28 01:16 . 2010-02-28 01:16 -------- d-----w- c:\program files\IrfanView
2010-02-28 01:01 . 2010-02-27 18:54 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-02-27 19:27 . 2010-02-27 19:27 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-02-27 18:57 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-02-27 18:56 . 2010-02-27 18:56 -------- d-----w- c:\program files\Microsoft.NET
2010-02-27 18:46 . 2010-02-27 18:46 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-27 18:46 . 2010-02-27 18:46 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-27 18:46 . 2010-02-27 18:46 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-02-27 18:26 . 2010-02-27 18:22 -------- d-----w- c:\users\Alex\AppData\Roaming\SoftGrid Client
2010-02-27 18:22 . 2010-02-27 18:22 -------- d-----w- c:\users\Alex\AppData\Roaming\NVD
2010-02-27 18:22 . 2010-02-27 18:20 -------- d-----w- c:\users\Alex\AppData\Roaming\TP
2010-02-27 17:29 . 2010-02-27 17:29 -------- d-----w- c:\programdata\MiKTeX
2010-02-27 17:29 . 2010-02-27 17:28 -------- d-----w- c:\program files\MiKTeX 2.8
2010-02-27 17:24 . 2010-02-27 17:24 -------- d-----w- c:\programdata\Aspell
2010-02-27 17:24 . 2010-02-27 17:24 -------- d-----w- c:\program files\LyX16
2010-02-27 15:53 . 2010-02-27 15:53 -------- d-----w- c:\program files\Mp3 File Editor
2010-02-27 15:53 . 2010-02-27 15:53 286720 ----a-w- c:\windows\iun506.exe
2010-02-27 15:23 . 2010-02-27 15:22 -------- d-----w- c:\programdata\IM
2010-02-27 15:22 . 2010-02-27 15:22 -------- d-----w- c:\programdata\IncrediMail
2010-02-27 15:06 . 2010-02-27 14:57 -------- d-----w- c:\users\Alex\AppData\Roaming\eM Client
2010-02-26 23:28 . 2010-02-25 20:31 -------- d-----w- c:\program files\The KMPlayer
2010-02-26 16:14 . 2010-02-26 16:14 -------- d-----w- c:\programdata\NVIDIA
2010-02-26 16:14 . 2010-02-26 16:13 -------- d-----w- c:\program files\NVIDIA Corporation
2010-02-26 14:53 . 2010-02-26 14:53 -------- d-----w- c:\program files\Common Files\Steam
2010-02-26 14:42 . 2010-02-26 14:42 -------- d-----w- c:\programdata\Spamihilator
2010-02-26 14:14 . 2010-02-26 14:14 -------- d-----w- c:\program files\Spamihilator
2010-02-25 23:34 . 2010-02-25 23:34 -------- d-----w- c:\programdata\MediaMonkey
2010-02-25 22:39 . 2010-02-25 22:33 -------- d-----w- c:\program files\MediaMonkey
2010-02-25 22:24 . 2010-02-25 22:22 -------- d-----w- c:\program files\Pidgin
2010-02-25 22:21 . 2010-02-25 22:21 -------- d-----w- c:\program files\Common Files\GTK
2010-02-25 22:11 . 2010-02-25 22:11 -------- d-----w- c:\program files\RocketDock
2010-02-25 21:33 . 2010-02-25 21:27 -------- d-----w- c:\users\Alex\AppData\Roaming\Roaming
2010-02-25 21:27 . 2010-02-25 21:27 -------- d-----w- c:\users\Alex\AppData\Roaming\MiKTeX
2010-02-25 20:58 . 2010-02-25 20:58 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-02-25 20:58 . 2010-02-25 20:58 -------- d-----w- c:\users\Alex\AppData\Roaming\TuneUp Software
2010-02-25 20:58 . 2010-02-25 20:57 -------- d-----w- c:\programdata\TuneUp Software
2010-02-25 20:57 . 2010-02-25 20:57 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-02-25 20:42 . 2010-02-25 20:42 -------- d-----w- c:\program files\Tracker Software
2010-02-25 20:32 . 2010-02-25 20:32 -------- d-----w- c:\program files\OpenOffice.org 3
2010-02-25 20:18 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll
2010-02-25 20:18 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll
2010-02-25 20:18 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll
2010-02-25 20:06 . 2010-02-25 20:06 -------- d-----w- c:\program files\Common Files\Java
2010-02-25 20:05 . 2010-02-25 20:05 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-25 20:05 . 2010-02-25 20:05 -------- d-----w- c:\program files\Java
2010-02-25 19:36 . 2010-02-25 19:36 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-02-25 19:27 . 2010-02-25 19:27 -------- d-----w- c:\users\Alex\AppData\Roaming\Thunderbird
2010-02-25 19:20 . 2010-02-25 19:20 -------- d-----w- c:\program files\Microsoft LifeCam
2010-02-25 19:13 . 2010-02-25 18:58 -------- d-----w- c:\program files\avmwlanstick
2010-02-25 19:10 . 2010-02-25 19:10 0 ----a-w- c:\windows\nsreg.dat
2010-02-25 18:54 . 2010-02-25 18:54 -------- d-sh--we c:\programdata\Vorlagen
2010-02-25 18:54 . 2010-02-25 18:54 -------- d-sh--we c:\programdata\Startmenü
2010-02-25 18:54 . 2010-02-25 18:54 -------- d-sh--we c:\programdata\Favoriten
2010-02-25 18:54 . 2010-02-25 18:54 -------- d-sh--we c:\programdata\Dokumente
2010-02-25 18:54 . 2010-02-25 18:54 -------- d-sh--we c:\programdata\Anwendungsdaten
2010-02-25 18:54 . 2010-02-25 18:54 -------- d-sh--we c:\program files\Gemeinsame Dateien
2010-02-25 09:05 . 2010-02-25 20:58 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-02-25 08:59 . 2010-02-25 20:58 21320 ----a-w- c:\windows\system32\authuitu.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
------- Sigcheck -------
[-] 2010-02-25 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-04-06_17.37.00 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-02-25 18:43 . 2010-04-06 17:29 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-25 18:43 . 2010-04-06 17:43 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:41 . 2010-04-06 17:43 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2010-04-06 17:29 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-04-06 17:37 . 2010-04-06 17:29 16384 c:\windows\System32\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
- 2010-02-25 19:21 . 2010-04-06 17:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-25 19:21 . 2010-04-06 18:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-25 19:21 . 2010-04-06 17:05 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-02-25 19:21 . 2010-04-06 18:02 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-02-25 19:21 . 2010-04-06 18:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-02-25 19:21 . 2010-04-06 17:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-25 18:55 . 2010-04-06 17:43 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-02-25 18:55 . 2010-04-06 17:28 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-02-25 18:43 . 2010-04-06 17:29 458752 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-02-25 18:43 . 2010-04-06 17:43 458752 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 02:03 . 2010-04-06 17:43 6815744 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:03 . 2010-04-06 16:25 6815744 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ONAIR"="c:\program files\ONAIR\ONAIR.exe" [2010-04-03 404992]
"RocketDock"="c:\windows.old\Program Files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Microsoft Office Outlook"="c:\progra~1\MICROS~3\Office12\OUTLOOK.EXE" [2009-08-17 12957536]
"Skype"="c:\progra~1\Skype\Phone\Skype.exe" [2009-04-16 24264488]
c:\users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Spamihilator.lnk - c:\program files\Spamihilator\spamihilator.exe [2010-2-26 1512448]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"AVMWlanClient"=c:\program files\avmwlanstick\wlangui.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe"
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe"
"ControlCenter3"=c:\program files\Brother\ControlCenter3\brctrcen.exe /autorun
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"BrMfcWnd"=c:\program files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-27 691696]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [2006-04-06 264704]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
--- Andere Dienste/Treiber im Speicher ---
*Deregistered* - vlzmzq
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://mystart.incredimail.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vlzmzq]
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2010-04-06 20:14:52
ComboFix-quarantined-files.txt 2010-04-06 18:14
ComboFix2.txt 2010-04-06 17:43
Vor Suchlauf: 29 Verzeichnis(se), 25.540.456.448 Bytes frei
Nach Suchlauf: 30 Verzeichnis(se), 25.342.287.872 Bytes frei
- - End Of File - - B99C77D99453C825F43C0AA910DA8210
06.04.2010, 19:17
Baum-Darstellung