ComboFix 10-07-12.06 - Drago 13.07.2010 22:39:46.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3036.1607 [GMT 2:00]
ausgeführt von:: c:\users\Drago\Desktop\Combo-Fix.exe
Benutzte Befehlsschalter :: c:\users\Drago\Desktop\CFScript.txt
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\users\Drago\AppData\Roaming\Adobe\Update\flacor.dat"
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Drago\AppData\Roaming\Adobe\Update\flacor.dat
.
((((((((((((((((((((((( Dateien erstellt von 2010-06-13 bis 2010-07-13 ))))))))))))))))))))))))))))))
.
2010-07-13 20:47 . 2010-07-13 20:47 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-13 20:47 . 2010-07-13 20:47 -------- d-----w- c:\users\Mcx1-DRAGO-PC\AppData\Local\temp
2010-07-13 20:47 . 2010-07-13 20:47 -------- d-----w- c:\users\Katarina\AppData\Local\temp
2010-07-13 20:47 . 2010-07-13 20:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-13 20:47 . 2010-07-13 20:47 -------- d-----w- c:\users\Birungueta\AppData\Local\temp
2010-07-13 20:06 . 2010-07-13 20:47 -------- d-----w- c:\users\Drago\AppData\Local\temp
2010-07-13 19:45 . 2010-07-13 20:06 -------- d-----w- C:\Combo-Fix
2010-07-12 21:29 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-12 21:29 . 2010-07-12 21:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-12 21:29 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-12 21:12 . 2010-07-12 21:12 -------- d-----w- C:\_OTL
2010-07-12 21:09 . 2010-07-12 21:09 -------- d-----w- c:\program files\Common Files\Java
2010-07-12 21:08 . 2010-07-12 21:07 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-12 20:18 . 2010-07-12 20:18 -------- d-----w- c:\users\Drago\AppData\Roaming\SUPERAntiSpyware.com
2010-07-12 20:18 . 2010-07-12 20:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-07-08 21:41 . 2010-07-08 21:41 -------- d-----w- c:\program files\KaraFun
2010-07-08 21:41 . 2010-07-08 21:41 -------- d-----w- c:\programdata\Recisio
2010-07-08 21:24 . 2010-07-08 21:25 -------- d-----w- c:\program files\UltraStar
2010-07-08 21:03 . 2010-07-08 21:05 -------- d-----w- c:\program files\vanBasco's Karaoke Player
2010-06-28 10:56 . 2010-06-28 10:56 -------- d-----w- c:\program files\sfArk
2010-06-28 10:55 . 2008-12-05 05:41 81920 ----a-w- c:\windows\portaudio.dll
2010-06-28 10:06 . 2010-07-12 11:10 -------- d-----w- C:\timidity
2010-06-26 14:02 . 2010-06-28 14:31 -------- d-----w- c:\program files\NetTVPlayer
2010-06-24 20:54 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 20:54 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 20:54 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 20:54 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 20:54 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-22 20:55 . 2010-06-22 20:56 -------- d-----w- c:\program files\Alextv
2010-06-21 21:31 . 2009-12-09 15:31 20992 ----a-w- c:\users\Drago\AppData\Roaming\Thunderbird\Profiles\45ev4t9x.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
2010-06-21 19:13 . 2010-06-21 19:13 -------- d-----w- c:\program files\iPod
2010-06-21 19:13 . 2010-06-21 19:14 -------- d-----w- c:\program files\iTunes
2010-06-21 19:09 . 2010-06-21 19:09 -------- d-----w- c:\program files\Bonjour
2010-06-21 19:08 . 2010-06-21 19:08 72504 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-14 21:45 . 2010-06-14 21:46 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-13 20:26 . 2009-11-04 23:59 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-07-13 19:45 . 2009-10-25 12:36 -------- d-----w- c:\users\Drago\AppData\Roaming\Skype
2010-07-13 17:46 . 2009-10-25 12:37 -------- d-----w- c:\users\Drago\AppData\Roaming\skypePM
2010-07-13 14:16 . 2010-02-28 18:32 -------- d-----w- c:\users\Drago\AppData\Roaming\EndNote
2010-07-13 11:41 . 2010-04-20 17:10 -------- d-----w- c:\program files\MSECache
2010-07-13 08:44 . 2009-11-02 19:35 147935 ----a-w- c:\windows\hpoins12.dat
2010-07-12 21:12 . 2009-10-30 23:08 -------- d-----w- c:\users\Drago\AppData\Roaming\Alur
2010-07-12 21:09 . 2009-11-18 20:18 -------- d-----w- c:\users\Drago\AppData\Roaming\Wyem
2010-07-12 11:10 . 2009-10-25 23:44 -------- d-----w- c:\users\Drago\AppData\Roaming\Mp3tag
2010-07-12 11:10 . 2009-12-03 10:13 -------- d-----w- c:\users\Drago\AppData\Roaming\gtk-2.0
2010-07-12 10:43 . 2008-01-21 07:15 618442 ----a-w- c:\windows\system32\perfh007.dat
2010-07-12 10:43 . 2008-01-21 07:15 122842 ----a-w- c:\windows\system32\perfc007.dat
2010-07-09 17:28 . 2010-04-09 16:24 1356 ----a-w- c:\users\Drago\AppData\Local\d3d9caps.dat
2010-07-09 17:12 . 2009-11-26 22:44 -------- d-----w- c:\users\Drago\AppData\Roaming\Kigeo
2010-06-28 14:27 . 2009-10-25 14:34 -------- d-----w- c:\users\Drago\AppData\Roaming\vlc
2010-06-28 14:25 . 2010-06-12 13:48 -------- d-----w- c:\program files\NetTVProfessional
2010-06-28 08:58 . 2009-10-24 21:55 133208 ----a-w- c:\users\Drago\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-25 11:51 . 2009-11-11 00:20 -------- d-----w- c:\program files\FTP Commander
2010-06-25 08:25 . 2010-01-27 22:40 -------- d-----w- c:\program files\CCleaner
2010-06-21 21:22 . 2009-11-04 23:59 -------- d-----w- c:\users\Drago\AppData\Roaming\Thunderbird
2010-06-21 19:13 . 2009-12-03 11:07 -------- d-----w- c:\program files\Common Files\Apple
2010-06-18 18:58 . 2009-11-09 17:54 -------- d-----w- c:\program files\JDownloader
2010-06-16 18:31 . 2009-12-03 11:11 -------- d-----w- c:\program files\QuickTime
2010-06-12 13:28 . 2010-02-15 21:11 -------- d-----w- c:\program files\NetTVPlus Player
2010-06-09 21:39 . 2009-11-18 00:01 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-07 17:21 . 2010-06-07 15:31 -------- d-----w- c:\program files\Mozilla Sunbird
2010-06-06 20:12 . 2010-06-06 20:12 -------- d-----w- c:\users\Drago\AppData\Roaming\Bump Technologies, Inc
2010-06-06 20:12 . 2010-06-06 20:12 -------- d-----w- c:\program files\BumpTop
2010-06-05 07:11 . 2010-01-14 16:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 08:00 . 2010-06-09 21:39 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-02 02:55 . 2010-06-12 13:49 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-06-12 13:49 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-06-12 13:49 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-31 21:12 . 2010-05-31 21:12 -------- d-----w- c:\program files\mcesoft
2010-05-31 10:05 . 2010-05-31 10:04 -------- d-----w- c:\program files\Opera
2010-05-28 16:51 . 2009-12-03 10:51 -------- d-----w- c:\program files\Rosetta Stone
2010-05-28 16:34 . 2010-05-16 16:20 -------- d-----w- c:\program files\Nuance
2010-05-28 16:23 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games
2010-05-28 16:22 . 2009-06-05 08:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-26 17:06 . 2010-06-10 01:03 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-10 01:03 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 09:41 . 2010-06-12 13:49 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-06-12 13:49 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-06-12 13:49 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-06-12 13:49 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-06-12 13:49 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-05-24 15:27 . 2009-06-05 09:01 -------- d-----w- c:\program files\Google
2010-05-21 12:14 . 2009-11-18 11:15 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-17 07:34 . 2010-05-16 14:52 -------- d-----w- c:\users\Drago\AppData\Roaming\ScanSoft
2010-05-16 19:59 . 2009-11-18 17:28 2568 --sha-w- c:\programdata\KGyGaAvL.sys
2010-05-16 19:59 . 2009-11-18 17:28 2568 --sha-w- c:\programdata\KGyGaAvL.sys
2010-05-16 16:26 . 2010-05-16 16:26 -------- d-----w- c:\users\Drago\AppData\Roaming\Macrovision
2010-05-16 16:23 . 2010-05-16 16:23 -------- d-----w- c:\programdata\zeon
2010-05-16 16:23 . 2010-05-16 16:23 -------- d-----w- c:\programdata\Macrovision
2010-05-16 16:22 . 2010-05-16 16:21 -------- d-----w- c:\programdata\ScanSoft
2010-05-16 14:53 . 2010-05-16 14:53 -------- d-----w- c:\users\Drago\AppData\Roaming\Zeon
2010-05-16 14:46 . 2010-05-16 14:46 -------- d-----w- c:\users\Drago\AppData\Roaming\Nuance
2010-05-04 05:59 . 2010-06-10 01:03 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-10 01:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-10 01:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-10 01:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-10 01:03 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-23 14:13 . 2010-05-26 00:50 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-20 19:12 . 2010-04-20 19:12 5514304 ----a-w- c:\users\Drago\AppData\Roaming\TVU Networks\AutoUpgrade\TVUPlayer2.5.2.2.exe
2010-04-19 18:47 . 2010-04-19 18:47 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-04-19 18:47 . 2010-04-19 18:47 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-04-18 21:23 . 2010-04-18 21:23 1432504 ----a-w- c:\programdata\hps\12093\setup_Media_Markt.exe
2010-04-16 13:25 . 2010-04-16 13:25 117228 ---ha-w- c:\windows\system32\mlfcache.dat
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-07-03 135680]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-30 7289376]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2008-12-19 83336]
"TUSBSleepChargeSrv"="c:\program files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe" [2009-03-27 252288]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2007-04-16 421888]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2008-11-21 438272]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" [2009-04-23 1011712]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-04-16 2513472]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-21 61440]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-03-06 468320]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-03-31 503808]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-03-23 729088]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-04-01 1283384]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2009-04-07 811008]
"TRCMan"="c:\program files\TOSHIBA\TRCMan\TRCMan.exe" [2008-11-26 701752]
"TPCHWMsg"="c:\program files\TOSHIBA\TPHM\TPCHWMsg.exe" [2009-04-15 570736]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-29 198160]
"Nuance OmniPage 17-reminder"="c:\program files\Nuance\OmniPage17\Ereg\Ereg.exe" [2008-11-03 54560]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-03-16 6158240]

c:\users\Katarina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2009-2-24 391072]

c:\users\Mcx1-DRAGO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2009-2-24 391072]

c:\users\Drago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Touch Mouse Server.lnk - c:\program files\Logitech Touch Mouse Server\iTouch-Server-Win.exe [2009-10-23 228352]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Automatic Update-Agent.lnk - c:\program files\T-Mobile\Communication Center\AutoUpdateSrv.exe [2009-11-16 499712]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cfFncEnabler.exe]
2009-03-24 11:53 16384 ----a-w- c:\program files\Toshiba\ConfigFree\cfFncEnabler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
2009-05-12 20:26 299008 ----a-w- c:\program files\Toshiba\ConfigFree\NDSTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
2009-03-24 17:33 163840 ----a-w- c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Teco]
2009-04-24 09:40 1323008 ----a-w- c:\program files\Toshiba\TECO\TEco.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-10-29 21:25 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
2009-03-04 13:53 96144 ----a-w- c:\program files\Toshiba\Registration\ToshibaReminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
2009-03-23 12:30 1045904 ----a-w- c:\program files\Toshiba TEMPRO\TemproTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2009-10-26 07:33 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):7b,9f,7a,54,58,56,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4032735365-608106937-2049815217-1000]
"EnableNotificationsRef"=dword:00000001

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-10-27 722416]
R1 SASDIFSV;SASDIFSV;c:\users\Drago\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\Drago\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-10 135664]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-04-08 114528]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-06-21 42512]
R4 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2009-03-25 30272]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2007-09-04 13336]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-04-21 176128]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 camsvc;TOSHIBA Web Camera Service;c:\program files\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe [2009-04-16 20544]
S2 gtdetectsc;GtDetectSc Service;c:\windows\system32\gtdetectsc.exe [2007-01-09 118784]
S2 GtFlashSwitch;GtFlashSwitch;c:\program files\Common Files\GtFlashSwitch\GtFlashSwitch.exe [2007-02-09 176128]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-01-12 185640]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2009-03-23 116104]
S2 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-04-01 62776]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-04-24 176128]
S2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-03-17 73728]
S2 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-04-15 656752]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-03-20 12920]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-12-30 57856]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys [2008-04-28 11264]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-25 5632]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-03-18 22272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners

2010-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-10 00:10]

2010-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-10 00:10]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
IE: &Alles mit FlashGet laden - c:\program files\FlashGet\jc_all.htm
IE: &Mit FlashGet laden - c:\program files\FlashGet\jc_link.htm
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/707-44556-9400-3/4
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
Trusted Zone: btopenzone.com\www
Trusted Zone: t-mobile.net\hotspot
FF - ProfilePath - c:\users\Drago\AppData\Roaming\Mozilla\Firefox\Profiles\ct7w40o0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-13 22:47
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-4032735365-608106937-2049815217-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3EE2FCA3-F0A8-ED94-C3EA-AB22E9FBF5A0}*]
"ianmocgdfpfejinkpi"=hex:6a,61,69,6a,62,6c,61,65,69,69,6e,6b,67,66,6f,6c,65,61,
   65,62,00,71
"hadoidhnldbmcenk"=hex:6a,61,69,6a,62,6c,61,65,69,69,6e,6b,67,66,6f,6c,65,61,
   65,62,00,44

[HKEY_USERS\S-1-5-21-4032735365-608106937-2049815217-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9A4E3BC2-6451-D004-771F-4AAFA4EA7311}*]
"maphhjbkccpmhlhpdefjkcfcin"=hex:6a,61,6b,6a,64,61,67,6a,68,65,69,6f,65,66,61,
   6b,6b,66,6e,6e,00,00
"nabinlndebhlpajpeonchfmfiijn"=hex:6a,61,66,6a,6b,6f,6a,64,67,66,6d,63,65,70,
   6e,6a,6c,70,65,66,00,fe
.
Zeit der Fertigstellung: 2010-07-13 22:50:40
ComboFix-quarantined-files.txt 2010-07-13 20:50
ComboFix2.txt 2010-07-13 20:06
ComboFix3.txt 2010-01-28 20:26
ComboFix4.txt 2010-01-28 15:47

Vor Suchlauf: 19 Verzeichnis(se), 64.969.744.384 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 64.927.326.208 Bytes frei

- - End Of File - - 71D0E631AAD4D5BE4980E2362BA94761