Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys)

chemikär · 24.08.2010, 17:29

Combo Fix Log:

Combofix Logfile:

Code:

ATTFilter

ComboFix 10-08-22.07 - **** 24.08.2010  18:09:06.1.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.49.1031.18.3071.2003 [GMT 2:00]
ausgeführt von:: c:\users\****\Desktop\cofi.exe
SP: Windows-Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe
c:\users\****\AppData\Roaming\9E5D7AD44EDC4D5D2F9AD202378D1506
c:\users\****\AppData\Roaming\9E5D7AD44EDC4D5D2F9AD202378D1506\enemies-names.txt
c:\users\****\AppData\Roaming\9E5D7AD44EDC4D5D2F9AD202378D1506\local.ini
c:\windows\system\msvbvm60.dll

.
(((((((((((((((((((((((   Dateien erstellt von 2010-07-24 bis 2010-08-24  ))))))))))))))))))))))))))))))
.

2010-08-24 16:19 . 2010-08-24 16:19	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-08-23 17:22 . 2010-08-23 17:22	--------	d-----w-	C:\_OTL
2010-08-22 13:10 . 2010-08-22 13:14	--------	d-----w-	c:\program files\trend micro
2010-08-22 13:10 . 2010-08-22 13:14	--------	d-----w-	C:\rsit
2010-08-21 21:18 . 2010-08-21 21:18	--------	d-----w-	c:\program files\CCleaner
2010-08-21 14:38 . 2010-08-21 14:38	--------	d-----w-	c:\users\****\AppData\Roaming\Malwarebytes
2010-08-21 14:35 . 2010-04-29 10:19	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-21 14:35 . 2010-08-21 14:35	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-08-21 14:35 . 2010-08-21 14:35	--------	d-----w-	c:\programdata\Malwarebytes
2010-08-21 14:35 . 2010-04-29 10:19	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-08-19 17:57 . 2010-08-19 17:57	--------	d-----w-	c:\users\****\AppData\Roaming\A631A1E0297E4A7307FA897ECBAE081B
2010-08-16 20:23 . 2010-08-16 20:26	--------	d-----w-	c:\program files\VirtualBusA6CRC3
2010-08-14 11:31 . 2010-08-14 12:18	--------	d-----w-	c:\users\****\AppData\Local\British_Airways_Virtual_F
2010-08-11 16:17 . 2010-08-11 16:17	--------	d-----w-	c:\users\****\AppData\Roaming\NVIDIA
2010-08-10 08:17 . 2010-08-10 08:17	--------	d-----w-	c:\users\****\AppData\Local\2K Games
2010-08-09 09:59 . 2010-08-09 09:59	--------	d-----w-	c:\program files\Common Files\Steam
2010-08-09 09:59 . 2010-08-12 16:34	--------	d-----w-	c:\program files\Steam
2010-08-08 19:18 . 2010-08-08 20:21	--------	d-----w-	c:\program files\nHancer
2010-08-08 18:09 . 2010-08-08 18:09	--------	d-----w-	c:\programdata\Caphyon
2010-08-08 16:10 . 2010-08-08 16:10	--------	d-----w-	c:\programdata\NVIDIA Corporation
2010-08-08 16:08 . 2010-07-09 22:37	56936	----a-w-	c:\windows\system32\OpenCL.dll
2010-08-08 16:08 . 2010-07-09 22:37	5107816	----a-w-	c:\windows\system32\nvwgf2um.dll
2010-08-08 16:08 . 2010-07-09 22:37	14092904	----a-w-	c:\windows\system32\nvoglv32.dll
2010-08-08 16:08 . 2010-07-09 22:37	11008040	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2010-08-08 16:08 . 2010-07-09 22:37	4553832	----a-w-	c:\windows\system32\nvcuda.dll
2010-08-08 16:08 . 2010-07-09 22:37	2892904	----a-w-	c:\windows\system32\nvcuvid.dll
2010-08-08 16:08 . 2010-07-09 22:37	2506344	----a-w-	c:\windows\system32\nvcuvenc.dll
2010-08-08 16:08 . 2010-07-09 22:37	236136	----a-w-	c:\windows\system32\nvcod1922.dll
2010-08-08 16:08 . 2010-07-09 22:37	236136	----a-w-	c:\windows\system32\nvcod.dll
2010-08-08 16:08 . 2010-07-09 22:37	10267240	----a-w-	c:\windows\system32\nvcompiler.dll
2010-07-27 10:00 . 1998-11-18 14:33	144384	----a-w-	c:\windows\system32\Iacenc.dll
2010-07-27 10:00 . 1997-06-13 06:56	56832	----a-w-	c:\windows\system32\Iyvu9_32.dll

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-24 16:05 . 2008-10-14 19:17	--------	d-----w-	c:\programdata\Google Updater
2010-08-24 16:05 . 2009-06-06 22:08	--------	d-----w-	c:\users\****\AppData\Roaming\Skype
2010-08-24 16:02 . 2008-03-25 21:42	--------	d-----w-	c:\programdata\NVIDIA
2010-08-24 16:02 . 2009-06-06 22:09	--------	d-----w-	c:\users\****\AppData\Roaming\skypePM
2010-08-24 16:02 . 2010-08-08 16:25	37781	----a-w-	c:\programdata\nvModes.dat
2010-08-24 11:16 . 2008-03-26 04:53	618192	----a-w-	c:\windows\system32\perfh007.dat
2010-08-24 11:16 . 2008-03-26 04:53	122442	----a-w-	c:\windows\system32\perfc007.dat
2010-08-19 17:36 . 2008-12-09 16:50	--------	d-----w-	c:\users\****\AppData\Roaming\ICQ
2010-08-13 15:10 . 2008-03-25 21:51	--------	d-----w-	c:\program files\Microsoft Works
2010-08-13 15:06 . 2008-10-19 14:17	--------	d-----w-	c:\programdata\Microsoft Help
2010-08-12 10:04 . 2010-07-10 08:55	--------	d-----w-	c:\program files\ICQ7.2
2010-08-11 16:17 . 2008-11-08 17:13	--------	d-----w-	c:\program files\NVIDIA Corporation
2010-08-09 15:14 . 2008-10-09 12:48	--------	d-----w-	c:\program files\XAcars for MSFS
2010-08-08 20:21 . 2008-10-09 09:09	--------	d-----w-	c:\users\****\AppData\Roaming\nHancer
2010-08-08 18:10 . 2008-10-09 09:08	--------	d-----w-	c:\programdata\nHancer
2010-08-08 16:10 . 2008-10-07 09:47	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2010-08-07 14:34 . 2008-10-07 09:36	--------	d-----w-	c:\program files\SystemRequirementsLab
2010-08-04 08:02 . 2009-07-12 16:28	--------	d-----w-	c:\program files\vBus
2010-07-27 10:00 . 2008-03-25 21:38	--------	d-----w-	c:\program files\Intel
2010-07-25 14:31 . 2008-10-21 15:55	--------	d-----w-	c:\program files\FSacars
2010-07-25 12:19 . 2008-11-12 11:20	--------	d-----w-	c:\program files\VATroute
2010-07-20 07:31 . 2010-07-20 07:31	--------	d-----w-	c:\program files\Saitek
2010-07-20 07:29 . 2010-07-20 07:29	--------	d-----w-	c:\programdata\Saitek
2010-07-20 07:28 . 2008-03-25 21:38	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-07-10 10:02 . 2010-07-10 09:41	--------	d-----w-	c:\program files\SOB
2010-07-10 08:55 . 2010-07-10 08:55	--------	d-----w-	c:\program files\ICQ6Toolbar
2010-07-10 08:55 . 2010-07-10 08:55	--------	d-----w-	c:\programdata\ICQ
2010-07-10 08:55 . 2008-12-09 16:50	--------	d-----w-	c:\program files\ICQ6.5
2010-07-09 22:37 . 2010-08-08 16:08	10920	----a-w-	c:\windows\system32\drivers\nvBridge.kmd
2010-07-09 22:37 . 2009-02-09 12:18	604776	----a-w-	c:\windows\system32\nvudisp.exe
2010-07-09 22:37 . 2008-03-25 21:38	9818728	----a-w-	c:\windows\system32\nvd3dum.dll
2010-07-09 22:37 . 2008-03-25 21:38	1625192	----a-w-	c:\windows\system32\nvapi.dll
2010-07-09 14:20 . 2010-07-09 14:20	110696	----a-w-	c:\windows\system32\nvmctray.dll
2010-07-09 14:20 . 2010-07-09 14:20	66664	----a-w-	c:\windows\system32\nvshext.dll
2010-07-09 14:20 . 2010-07-09 14:20	1881704	----a-w-	c:\windows\system32\nvsvcr.dll
2010-07-09 14:20 . 2010-07-09 14:20	1469544	----a-w-	c:\windows\system32\nvsvc.dll
2010-07-09 14:20 . 2010-07-09 14:20	13939816	----a-w-	c:\windows\system32\nvcpl.dll
2010-07-09 14:20 . 2010-07-09 14:20	129640	----a-w-	c:\windows\system32\nvvsvc.exe
2010-07-08 14:09 . 2010-07-08 14:10	1388544	----a-w-	c:\windows\MSVBVM60.DLL
2010-07-07 11:46 . 2009-02-28 17:47	604776	----a-w-	c:\windows\system32\NVUNINST.EXE
2010-07-04 17:21 . 2010-07-04 17:21	--------	d-----w-	c:\program files\Cockpit-online.org
2010-07-03 16:30 . 2010-07-03 16:30	--------	d-----w-	c:\program files\vasFMCnav
2010-06-28 16:17 . 2010-08-13 07:45	833024	----a-w-	c:\windows\system32\wininet.dll
2010-06-28 16:13 . 2010-08-13 07:45	78336	----a-w-	c:\windows\system32\ieencode.dll
2010-06-27 13:16 . 2009-01-24 19:30	--------	d-----w-	c:\program files\vasFMC
2010-06-25 17:17 . 2010-06-25 17:16	--------	d-----w-	c:\program files\OrCAD_Demo
2010-06-21 13:18 . 2010-08-13 07:45	2036736	----a-w-	c:\windows\system32\win32k.sys
2010-06-18 16:43 . 2010-08-13 07:45	36352	----a-w-	c:\windows\system32\rtutils.dll
2010-06-18 14:43 . 2010-08-13 07:45	302080	----a-w-	c:\windows\system32\drivers\srv.sys
2010-06-18 14:43 . 2010-08-13 07:45	144896	----a-w-	c:\windows\system32\drivers\srv2.sys
2010-06-18 11:48 . 2010-06-18 11:48	1079048	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-06-16 15:59 . 2010-08-13 07:45	898952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2010-06-11 15:31 . 2010-08-13 07:45	274432	----a-w-	c:\windows\system32\schannel.dll
2010-06-11 15:30 . 2010-08-13 07:45	1257472	----a-w-	c:\windows\system32\msxml3.dll
2010-06-08 17:00 . 2010-08-13 07:45	3598216	----a-w-	c:\windows\system32\ntkrnlpa.exe
2010-06-08 17:00 . 2010-08-13 07:45	3545992	----a-w-	c:\windows\system32\ntoskrnl.exe
2010-06-02 02:55 . 2010-08-10 08:16	74072	----a-w-	c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-08-10 08:16	527192	----a-w-	c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-08-10 08:16	239960	----a-w-	c:\windows\system32\xactengine3_7.dll
2010-05-27 19:16 . 2010-08-13 07:45	81920	----a-w-	c:\windows\system32\iccvid.dll
2008-10-08 09:28 . 2008-10-08 09:28	61	--sh--w-	c:\windows\cnerolf.bin
2008-10-07 16:05 . 2008-10-07 16:05	61	--sh--w-	c:\windows\cnerolf.dat
2008-11-16 15:15 . 2008-11-16 15:15	22	--sha-w-	c:\windows\SMINST\HPCD.sys
2008-03-26 05:25 . 2008-03-26 04:54	8192	--sha-w-	c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-08-09 133432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 88584]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-08 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"ProfilerU"="c:\program files\Saitek\SD6\Software\ProfilerU.exe" [2009-06-03 237568]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2009-06-03 131072]

c:\users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux6"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"AVMWlanClient"=c:\program files\avmwlanstick\FRITZWLANMini.ex
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe"  -osboot
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):c1,2e,7b,9f,5c,38,ca,01

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 135664]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [2006-04-05 264704]
R3 npusbio;npusbio;c:\windows\system32\Drivers\npusbio.sys [2008-04-25 36384]
R3 SaiH075C;SaiH075C;c:\windows\system32\DRIVERS\SaiH075C.sys [2006-07-27 176640]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [2009-07-30 185640]
S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]


--- Andere Dienste/Treiber im Speicher ---

*Deregistered* - azlkl
.
Inhalt des "geplante Tasks" Ordners

2010-08-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-14 18:34]

2010-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 14:26]

2010-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 14:26]

2010-08-24 c:\windows\Tasks\User_Feed_Synchronization-{B7A6DFE8-4CD8-4873-B942-5716A181E03A}.job
- c:\windows\system32\msfeedssync.exe [2008-10-10 07:33]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=desktop
IE: &AOL Toolbar-Suche - c:\program files\aol\aol toolbar 5.0\resources\de-de\local\search.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ykqyfzp3.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxp://www.spiegel.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\Opera\program\plugins\np32dsw.dll
FF - plugin: c:\program files\Opera\program\plugins\Npindeo.dll
FF - plugin: c:\program files\TVUPlayer\npTVUAx.dll
FF - plugin: c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ykqyfzp3.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ykqyfzp3.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ykqyfzp3.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071303000004.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size",  4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, h**p://w*w.gmer.net
Rootkit scan 2010-08-24 18:19
Windows 6.0.6001 Service Pack 1 NTFS

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\]

.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-1400280738-944943155-76155050-1000\* c*]
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1400280738-944943155-76155050-1000\Software\SecuROM\License information*]
"datasecu"=hex:e6,f9,c2,4d,26,fb,07,e7,71,6f,00,8b,31,cc,71,43,03,48,1d,98,f2,
   f6,25,cd,81,bf,76,68,01,f4,17,8f,8b,3c,b7,d8,1f,e2,bf,73,a8,d7,85,63,77,d0,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
Zeit der Fertigstellung: 2010-08-24  18:22:06
ComboFix-quarantined-files.txt  2010-08-24 16:22

Vor Suchlauf: 23 Verzeichnis(se), 442.321.981.440 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 442.250.104.832 Bytes frei

- - End Of File - - 7B8AF77CACEF97CD8BA22C10D2C34BF1

--- --- ---

Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys)

Plagegeister aller Art und deren Bekämpfung: Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys)

Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys)

Ähnliche Themen: Antimalware Doctor entfernt, trotzdem verdächtige Datei übrig (azlkl.sys)