ComboFix 09-02-21.01 - Der Boss 2009-02-23 9:23:26.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1031.18.2046.1602 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\Der Boss\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)
* Neuer Wiederherstellungspunkt wurde erstellt
.

((((((((((((((((((((((( Dateien erstellt von 2009-01-23 bis 2009-02-23 ))))))))))))))))))))))))))))))
.

2009-02-18 21:44 . 2009-02-18 21:44 d-------- c:\dokumente und einstellungen\Family\Anwendungsdaten\Ahead
2009-02-18 21:39 . 2009-02-18 21:39 d-------- c:\dokumente und einstellungen\Family\Anwendungsdaten\DivX
2009-02-18 11:23 . 2009-02-18 11:24 d-------- c:\programme\BabasChess
2009-02-18 09:56 . 2009-02-23 08:18 69 --a------ c:\windows\NeroDigital.ini
2009-02-17 18:27 . 2009-02-18 09:23 d-------- c:\dokumente und einstellungen\Der Boss\Anwendungsdaten\Ahead
2009-02-17 18:25 . 2009-02-17 18:25 d-------- c:\programme\Nero
2009-02-17 18:25 . 2009-02-17 18:28 d-------- c:\programme\Gemeinsame Dateien\Ahead
2009-02-07 20:19 . 2009-02-07 20:19 d-------- c:\programme\Windows Media Connect 2
2009-02-07 20:19 . 2008-04-14 13:00 221,184 --a------ c:\windows\system32\wmpns.dll
2009-02-07 20:17 . 2009-02-07 20:17 d-------- c:\windows\system32\LogFiles
2009-02-07 20:17 . 2009-02-07 20:18 d-------- c:\windows\system32\drivers\UMDF
2009-02-07 20:17 . 2009-02-07 20:18 d-------- C:\2ab66f473881e396f4787b
2009-02-07 20:17 . 2009-02-12 03:00 1,374 --a------ c:\windows\imsins.BAK
2009-02-07 17:49 . 2009-02-07 17:49 d-------- c:\windows\Sun
2009-02-07 17:47 . 2009-02-07 17:47 d-------- c:\programme\Java
2009-02-07 17:47 . 2009-02-07 17:47 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-07 17:47 . 2009-02-07 17:47 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-24 23:26 . 2009-01-24 23:26 268 --ah----- C:\sqmdata00.sqm
2009-01-24 23:26 . 2009-01-24 23:26 244 --ah----- C:\sqmnoopt00.sqm
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2009-02-05 18:42 --------- d-----w c:\dokumente und einstellungen\Family\Anwendungsdaten\Winamp
2009-01-25 16:21 --------- d-----w c:\dokumente und einstellungen\Family\Anwendungsdaten\Zylom Games
2009-01-25 16:15 --------- d-----w c:\programme\CCleaner
2009-01-08 17:49 --------- d-----w c:\dokumente und einstellungen\Der Boss\Anwendungsdaten\DivX
2009-01-08 05:28 --------- d-----w c:\programme\DivX
2009-01-06 03:07 --------- d-----w c:\programme\PokerStars
2008-12-28 16:58 30,032 ----a-w c:\dokumente und einstellungen\Family\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2008-12-26 21:36 --------- d-----w c:\dokumente und einstellungen\Family\Anwendungsdaten\Zylom
2008-12-26 21:36 --------- d-----w c:\dokumente und einstellungen\Family\Anwendungsdaten\ViquaSoft
2008-12-26 21:35 --------- d-----w c:\dokumente und einstellungen\All Users\Anwendungsdaten\Zylom
2008-12-20 22:31 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
2008-12-11 00:33 200,704 ----a-w c:\windows\system32\dtu100.dll
2008-12-09 02:28 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-12-09 02:28 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-12-09 02:28 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-12-09 02:28 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-12-06 21:00 319,488 ----a-w c:\windows\HideWin.exe
.

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"Microsoft Works Update Detection"="c:\programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe" [2001-10-04 28738]
"WinampAgent"="c:\programme\Winamp\winampa.exe" [2008-08-04 36352]
"SunJavaUpdateSched"="c:\programme\Java\jre6\bin\jusched.exe" [2009-02-07 136600]
"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-24 c:\windows\RTHDCPL.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnet3.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnet3[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnet3[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx30SP1setup.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx30SP1setup[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx30SP1setup[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35setup.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35setup[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35setup[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx35[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3setup.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3setup[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3setup[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_ia64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_ia64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_ia64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx3_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dotnetfx[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_ia64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_ia64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_ia64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x86.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x86[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP1_x86[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_ia64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_ia64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_ia64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x86.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x86[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx20SP2_x86[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x86.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x86[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx30SP1_x86[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_ia64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_ia64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_ia64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x86.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x86[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx35_x86[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx64.exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx64[1].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\NetFx64[2].exe]
"Debugger"=c:\windows\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 02:38 34672 c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
--a------ 2008-12-08 16:23 958464 c:\programme\Labtec\Mouse\2.1\moffice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
--a------ 2001-10-04 15:47 331830 c:\programme\Microsoft Works\wkssb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2008-09-17 23:55 86016 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
--a------ 2001-10-09 12:28 24576 c:\programme\Microsoft Works\wkfud.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programme\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2007-11-20 17920]
R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [2008-12-06 6272]
R2 ZDCNDIS5;ZDCNDIS5 NDIS5.1 Protocol Driver;c:\windows\system32\ZDCndis5.sys [2007-04-20 20736]
R3 ZY202_XP;Deutsche Telekom 802.11g 1211 Driver;c:\windows\system32\drivers\WlanUZXP.sys [2007-04-20 519168]
S3 BS_Flash;BS_Flash;c:\programme\BIOS Update\Award\BS_Flash.sys [2008-12-06 3604]
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKLM-Run-NWEReboot - (no file)

.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
FF - ProfilePath - c:\dokumente und einstellungen\Der Boss\Anwendungsdaten\Mozilla\Firefox\Profiles\vkpgvd4k.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-23 09:24:36
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
Zeit der Fertigstellung: 2009-02-23 9:25:44
ComboFix-quarantined-files.txt 2009-02-23 08:25:42

Vor Suchlauf: 12 Verzeichnis(se), 302.848.061.440 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 303,062,974,464 Bytes frei

WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

247 --- E O F --- 2009-02-12 02:02:02