Druckwarteschlange nimmt Auftrag nicht an

Fortuna1895 · Sep 30, 2010

Hallo zusammen,

habe folgendes Problem:

Nachdem ich einige Viren mit extrem Sensiblen Programmen entfernt habe, kann ich nun rein NICHTS mehr drucken. Sobald ich einen Auftrag bestätige erscheint zwar das Zeichen für die Druckerwarteschlange, es steht dort aber 0 Aufträge. Die spoolsv.exe und ihre .dll befinden sich noch im system32-Ordner.

Weitere Informationen:
Drucker Canon Pixma MP550 - Treiber aktuell
Windows Vista Home Premium 32bit - aktuell
Druckwarteschlangen-Dienst - gestartet/automatisch

Vielen Dank im Vorraus!
Dennis

poro · Oct 1, 2010

Wenn Du druckerelevante Dateien, welche durch bösartige gleichnamige ersetzt wurden, entfernt hast, wird da auch bestimmt nix.

Was wurde denn durch wen gefunden? Wie entfernt? Mögliche Fehlalarme?

Druckertreiber und Software mal neuinstalliert? Betriebssystem repariert?

Fortuna1895 · Oct 1, 2010

Hättest du mich nicht nocheinmal auf die Suche geschickt wäre mir folgendes nicht aufgefallen.

Und zwar hat im letzten Akt meiner Virensuche das Programm "Combofix" (falls unbekannt, man sagt "1 von 100 Systemen überleben Combofix nicht") folgenden Pfad entfernt:

c:\windows\system32\spool\prtprocs\w32x86\CNMPP9Z.DLL

Glücklicherweise ist mir dort das Wörtchen "spool" inmitten gerade aufgefallen.

Gibt es eine Möglichkeit diese Datei wiederherzustellen?

poro · Oct 1, 2010

Könnte da c:\windows\system32\ nochmal sein?

Das von sUBs erstellte Tool Combofix ist nicht zum täglichen Einsatz gedacht und sollte nicht von unerfahrenen Personen angewendet werden.

-

Combofix legt nun einen Wiederherstellungspunkt an und erstellt eine Sicherung der Registry, damit im Notfall darauf zurückgegriffen werden kann.

-

Hier wird darauf hingewiesen, dass das Log unter c:\combofix.txt zu finden ist.
Click to expand...

Häng das log hier mal an.

Ne Betriebssystemneuinstallation is bestimmt schneller gemacht als das Rumgemache hier.

Fortuna1895 · Oct 1, 2010

ComboFix 10-09-30.01 - Dennis 30.09.2010 20:47:53.1.2 - x86
Microsoft® Windows Vista Home Premium 6.0.6002.2.1252.49.1031.18.2046.866 [GMT 2:00]
ausgeführt von:: c:\users\Dennis\Downloads\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\jestertb.dll
c:\windows\system32\spool\prtprocs\w32x86\CNMPP9Z.DLL
c:\windows\system32\Startup.exe

----- BITS: Eventuell infizierte Webseiten -----

hxxp://wlxindex
.
((((((((((((((((((((((( Dateien erstellt von 2010-08-28 bis 2010-09-30 ))))))))))))))))))))))))))))))
.

2010-09-30 18:51 . 2010-09-30 18:52 -------- d-----w- c:\users\Dennis\AppData\Local\temp
2010-09-30 18:51 . 2010-09-30 18:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-30 17:54 . 2010-09-30 17:54 388096 ----a-r- c:\users\Dennis\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-30 14:38 . 2010-09-30 14:38 -------- d-----w- c:\programdata\KONAMI
2010-09-29 20:14 . 2010-09-29 20:14 -------- d-----w- c:\users\Dennis\AppData\Local\TVU Networks
2010-09-29 20:14 . 2010-09-29 20:14 -------- d-----w- c:\programdata\TVU Networks
2010-09-29 20:14 . 2010-09-29 20:14 -------- d-----w- c:\windows\system32\TVUAx
2010-09-29 16:46 . 2010-09-29 17:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-09-29 16:41 . 2010-09-29 17:36 -------- d-----w- c:\users\Dennis\AppData\Local\Windows Live
2010-09-29 16:39 . 2010-09-29 16:39 -------- d-----w- c:\users\Dennis\AppData\Local\Secunia CSI
2010-09-29 04:53 . 2010-09-29 04:53 -------- d-----w- c:\users\Dennis\AppData\Roaming\Malwarebytes
2010-09-29 04:53 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-29 04:53 . 2010-09-29 04:53 -------- d-----w- c:\programdata\Malwarebytes
2010-09-29 04:53 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-24 20:32 . 2010-09-24 20:32 -------- d-----w- c:\users\Dennis\AppData\Local\My Games
2010-09-24 20:22 . 2010-09-24 20:22 -------- d-----w- c:\users\Dennis\AppData\Roaming\Stardock
2010-09-24 20:22 . 2010-09-24 20:22 -------- dc-h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2010-09-24 20:22 . 2010-06-22 19:49 3349784 -c--a-w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe
2010-09-24 20:22 . 2010-09-24 20:22 -------- d-----w- c:\users\Dennis\AppData\Local\PackageAware
2010-09-23 19:34 . 2010-09-23 19:34 -------- d-----w- c:\programdata\Codemasters
2010-09-23 19:33 . 2010-09-23 19:33 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-23 19:33 . 2010-09-23 19:33 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-23 19:33 . 2010-09-23 19:33 -------- d-----w- c:\program files\OpenAL
2010-09-23 19:30 . 2004-12-05 17:38 102400 ----a-w- c:\windows\system\OpenAL32.dll
2010-09-23 15:39 . 2010-09-23 15:48 -------- d-----w- c:\users\Dennis\AppData\Local\Darksiders
2010-09-23 15:28 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-09-23 15:28 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-09-23 15:28 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-09-23 15:28 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-09-23 15:28 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-09-23 15:28 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-09-23 15:28 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-09-23 15:28 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-09-23 14:48 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-23 14:48 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-23 14:48 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-23 14:48 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-22 20:35 . 2010-09-22 20:36 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-09-22 20:35 . 2010-09-22 20:35 -------- d-----w- c:\windows\system32\xlive
2010-09-15 17:10 . 2010-09-15 17:16 -------- d-----w- c:\users\Dennis\AppData\Roaming\GNU Solfege
2010-09-14 13:27 . 2010-09-14 13:27 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-09-14 13:27 . 2010-09-14 13:26 185640 ----a-w- c:\programdata\DivX\Setup\finishPlugin.dll
2010-09-14 13:27 . 2010-09-14 13:27 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-09-14 13:27 . 2010-09-14 13:27 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-09-14 13:26 . 2010-09-14 13:26 57691 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-09-14 13:26 . 2010-09-14 13:26 84063 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-09-14 13:26 . 2010-09-14 13:26 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-09-14 13:26 . 2010-09-14 13:26 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-09-13 17:07 . 2010-09-13 17:07 -------- d-----w- c:\windows\Sun
2010-09-12 15:59 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-09-12 15:59 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-09-12 15:59 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-09-12 15:59 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-09-12 15:56 . 2010-09-12 15:56 -------- d-----w- c:\programdata\bitComposer Games
2010-09-07 22:44 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-09-07 22:35 . 2010-09-07 22:35 -------- d-----w- c:\programdata\EA Logs
2010-09-07 22:10 . 2010-09-07 22:10 -------- d--h--r- c:\users\Dennis\AppData\Roaming\SecuROM
2010-09-07 19:58 . 2010-09-07 19:58 -------- d-----w- c:\programdata\EA Core
2010-09-07 19:55 . 2010-09-07 19:55 53632 ----a-w- c:\users\Dennis\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-07 19:54 . 2010-09-07 19:54 -------- d-----w- c:\programdata\Electronic Arts
2010-09-07 19:54 . 2010-09-07 19:55 53632 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-07 19:54 . 2010-09-07 19:55 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-09-05 17:34 . 2010-09-05 17:34 -------- d-----w- c:\users\Dennis\AppData\Local\TechSmith
2010-09-05 17:29 . 2010-04-07 13:10 411480 ----a-w- c:\windows\system32\tsccvid.dll
2010-09-05 17:29 . 2010-09-05 17:29 -------- d-----w- c:\windows\system32\QuickTime
2010-09-05 17:29 . 2010-09-05 17:29 -------- d-----w- c:\program files\QuickTime
2010-09-05 17:29 . 2010-09-05 17:29 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2010-09-05 17:29 . 2010-09-05 17:29 -------- d-----w- c:\programdata\TechSmith
2010-09-03 21:03 . 2010-09-03 21:03 -------- d-----w- c:\program files\Common Files\Java
2010-09-03 21:01 . 2010-09-03 21:01 -------- d-----w- c:\program files\Sun
2010-09-03 21:01 . 2010-09-03 21:01 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-03 21:01 . 2010-09-03 21:01 -------- d-----w- c:\program files\Java
2010-09-03 20:13 . 2010-09-03 20:13 -------- d--h--w- c:\programdata\CanonIJScan
2010-09-03 20:13 . 2010-09-03 20:13 -------- d-----w- c:\users\Dennis\AppData\Roaming\Canon
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-30 18:45 . 2010-08-16 15:33 -------- d-----w- c:\programdata\NVIDIA
2010-09-30 18:44 . 2010-08-16 22:56 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-09-30 18:41 . 2010-08-22 21:04 -------- d-----w- c:\users\Dennis\AppData\Roaming\Skype
2010-09-30 18:13 . 2010-08-22 21:05 -------- d-----w- c:\users\Dennis\AppData\Roaming\skypePM
2010-09-30 18:07 . 2010-08-16 23:18 37013 ----a-w- c:\programdata\nvModes.dat
2010-09-30 18:02 . 2010-08-16 13:50 -------- d-----w- c:\users\Dennis\AppData\Roaming\uTorrent
2010-09-30 05:32 . 2008-01-21 07:15 628504 ----a-w- c:\windows\system32\perfh007.dat
2010-09-30 05:32 . 2008-01-21 07:15 126248 ----a-w- c:\windows\system32\perfc007.dat
2010-09-29 18:55 . 2010-08-19 19:08 -------- d-----w- c:\users\Dennis\AppData\Roaming\vlc
2010-09-29 17:54 . 2010-08-16 23:15 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-29 17:19 . 2010-08-16 13:26 101608 ----a-w- c:\users\Dennis\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-29 16:49 . 2010-08-16 13:49 -------- d-----w- c:\program files\Windows Live
2010-09-27 15:59 . 2010-08-17 14:52 137976 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-09-27 15:59 . 2010-08-17 14:52 234280 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-09-23 15:48 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-23 14:59 . 2010-08-16 23:21 -------- d-----w- c:\programdata\Microsoft Help
2010-09-14 19:52 . 2010-08-16 15:59 188152 ----a-w- c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\klm80olk.default\FlashGot.exe
2010-09-14 13:27 . 2010-08-16 13:58 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-09-14 13:27 . 2010-08-16 13:57 -------- d-----w- c:\programdata\DivX
2010-09-14 13:27 . 2010-08-16 13:57 -------- d-----w- c:\program files\DivX
2010-09-14 13:26 . 2010-08-16 13:58 850200 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-09-14 13:26 . 2010-08-16 13:58 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-08-28 00:53 . 2010-08-16 23:16 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-27 09:01 . 2010-08-27 09:01 -------- d-----w- c:\users\Dennis\AppData\Roaming\U3
2010-08-25 23:22 . 2010-08-25 23:21 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-24 11:10 . 2010-08-24 11:10 -------- d-----w- c:\users\Dennis\AppData\Roaming\Unity
2010-08-23 01:04 . 2010-08-23 00:37 -------- d-----w- c:\users\Dennis\AppData\Roaming\Summer Challenge
2010-08-22 21:07 . 2010-08-16 16:05 -------- d-----w- c:\users\Dennis\AppData\Roaming\DAEMON Tools Lite
2010-08-22 21:05 . 2010-08-22 21:05 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-22 21:01 . 2010-08-22 21:01 -------- d-----r- c:\program files\Skype
2010-08-22 21:01 . 2010-08-22 21:01 -------- d-----w- c:\program files\Common Files\Skype
2010-08-22 21:01 . 2010-08-22 21:00 -------- d-----w- c:\programdata\Skype
2010-08-20 12:28 . 2010-08-20 12:28 -------- d-----w- c:\program files\Windows Portable Devices
2010-08-20 12:28 . 2006-11-02 10:25 86016 ----a-w- c:\windows\Inf\infstor.dat
2010-08-20 12:28 . 2006-11-02 10:25 665600 ----a-w- c:\windows\Inf\drvindex.dat
2010-08-20 12:28 . 2006-11-02 10:25 51200 ----a-w- c:\windows\Inf\infpub.dat
2010-08-20 12:28 . 2006-11-02 10:25 143360 ----a-w- c:\windows\Inf\infstrng.dat
2010-08-20 12:28 . 2010-08-20 12:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-08-20 12:25 . 2010-08-20 12:25 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-08-19 15:11 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-08-19 15:11 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-08-19 15:11 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-08-19 15:11 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-08-19 15:11 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-08-19 15:11 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-08-19 11:32 . 2010-08-16 23:27 -------- d-----w- c:\program files\Microsoft.NET
2010-08-19 00:20 . 2010-08-19 00:20 -------- d-----w- c:\users\Dennis\AppData\Roaming\YoudaGames
2010-08-17 15:58 . 2010-08-17 15:55 -------- d-----w- c:\program files\Canon
2010-08-17 15:58 . 2010-08-17 15:58 -------- d--h--w- c:\programdata\CanonBJ
2010-08-17 15:56 . 2010-08-17 15:56 -------- d--h--w- c:\program files\CanonBJ
2010-08-17 15:50 . 2010-08-17 15:50 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-08-17 14:52 . 2010-08-17 14:52 138056 ----a-w- c:\users\Dennis\AppData\Roaming\PnkBstrK.sys
2010-08-17 14:52 . 2010-08-17 14:52 138056 ----a-w- c:\users\Dennis\AppData\Roaming\PnkBstrK.sys
2010-08-17 14:52 . 2010-08-17 14:52 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-08-17 14:52 . 2010-08-17 14:52 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-08-17 14:37 . 2010-08-17 14:37 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-08-16 23:28 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2010-08-16 23:27 . 2010-08-16 23:27 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-08-16 23:27 . 2010-08-16 23:27 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-08-16 23:27 . 2010-08-16 23:27 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-08-16 23:26 . 2010-08-16 23:26 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-08-16 23:23 . 2010-08-16 23:23 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-08-16 23:15 . 2010-08-16 23:15 -------- d-----w- c:\users\Dennis\AppData\Roaming\TuneUp Software
2010-08-16 23:14 . 2010-08-16 23:14 -------- d-----w- c:\programdata\TuneUp Software
2010-08-16 23:14 . 2010-08-16 23:14 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-16 23:09 . 2010-08-16 23:07 -------- d-----w- c:\programdata\LogiShrd
2010-08-16 23:08 . 2010-08-16 14:10 -------- d-----w- c:\program files\Logitech
2010-08-16 23:08 . 2010-08-16 23:08 -------- d-----w- c:\users\Dennis\AppData\Roaming\Leadertech
2010-08-16 23:07 . 2010-08-16 22:56 -------- d-----w- c:\program files\Common Files\logishrd
2010-08-16 22:19 . 2010-08-16 22:19 -------- d-----w- c:\program files\MSXML 4.0
2010-08-16 20:05 . 2010-08-16 13:58 -------- d-----w- c:\users\Dennis\AppData\Roaming\DivX
2010-08-16 16:14 . 2010-08-16 16:14 -------- d-----w- c:\program files\Common Files\Steam
2010-08-16 16:05 . 2010-08-16 16:05 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-08-16 16:05 . 2010-08-16 16:05 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-16 16:05 . 2010-08-16 16:05 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-08-16 15:46 . 2010-08-16 15:46 -------- d-----w- c:\users\Dennis\AppData\Roaming\Avira
2010-08-16 15:38 . 2010-08-16 15:38 -------- d-----w- c:\programdata\ROCCAT
2010-08-16 15:38 . 2010-08-16 15:38 -------- d-----w- c:\program files\ROCCAT
2010-08-16 15:38 . 2010-08-16 13:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-16 15:38 . 2010-08-16 13:29 -------- d-----w- c:\program files\Common Files\InstallShield
2010-08-16 15:32 . 2010-08-16 15:32 -------- d-----w- c:\users\Dennis\AppData\Roaming\ROCCAT
2010-08-16 14:23 . 2010-08-16 13:29 16608 ----a-w- c:\windows\gdrv.sys
2010-08-16 14:21 . 2010-08-16 14:21 -------- d-----w- c:\program files\NeroInstall.bak
2010-08-16 14:20 . 2010-08-16 14:20 -------- d-----w- c:\users\Dennis\AppData\Roaming\Nero
2010-08-16 14:19 . 2010-08-16 14:17 -------- d-----w- c:\program files\Common Files\Nero
2010-08-16 14:17 . 2010-08-16 14:17 -------- d-----w- c:\programdata\Nero
2010-08-16 14:10 . 2010-08-16 14:10 -------- d-----w- c:\programdata\Logitech
2010-08-16 14:10 . 2010-08-16 14:10 -------- d-----w- c:\program files\Common Files\Logitech
2010-08-16 13:54 . 2010-08-16 13:54 0 ----a-w- c:\windows\nsreg.dat
2010-08-16 13:54 . 2010-08-16 13:53 -------- d-----w- c:\users\Dennis\AppData\Roaming\Thunderbird
2010-08-16 13:50 . 2010-08-16 13:26 680 ----a-w- c:\users\Dennis\AppData\Local\d3d9caps.dat
2010-08-16 13:47 . 2010-08-16 13:47 -------- d-----w- c:\program files\Common Files\Windows Live
2010-08-16 13:36 . 2010-08-16 13:33 -------- d-----w- c:\program files\Realtek
2010-08-16 13:33 . 2010-08-16 13:33 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-08-16 13:33 . 2010-08-16 13:33 315392 ----a-w- c:\windows\HideWin.exe
2010-08-16 13:30 . 2010-08-16 13:30 -------- d-----w- c:\program files\Intel
2010-08-16 13:30 . 2010-08-16 13:30 -------- d-----w- c:\program files\GIGABYTE
2010-08-16 13:24 . 2010-08-16 13:24 -------- d-sh--we c:\programdata\Vorlagen
2010-08-16 13:24 . 2010-08-16 13:24 -------- d-sh--we c:\programdata\Startmenü
2010-08-16 13:24 . 2010-08-16 13:24 -------- d-sh--we c:\programdata\Favoriten

((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-02-28 12:04 97064 ----a-w- e:\nero\Nero8\InCD\NBHShx.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="e:\filehippo.com\UpdateChecker.exe" [2010-08-09 248832]
"SpybotSD TeaTimer"="e:\spybot - search & destroy\TeaTimer.exe" [2009-03-05 2260480]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-08-10 4217720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-19 4702208]
"avgnt"="e:\avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"Kone"="c:\program files\ROCCAT\Kone Mouse\KoneHID.EXE" [2009-09-15 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "e:\stardock\Fences\FencesMenu.dll" [2010-06-22 202088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"CanonMyPrinter"=e:\drucker\BJMyPrt.exe /logon
"InCD"=e:\nero\Nero8\InCD\InCD.exe
"BCSSync"="e:\office 2010\Office14\BCSSync.exe" /DelayServices
"WinSys2"=c:\windows\system32\startup.exe
"SecurDisc"=e:\nero\Nero8\InCD\NBHGui.exe
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Adobe Reader Speed Launcher"="e:\adobe reader\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-16 135664]
R3 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\GEST\GSvr.exe [2007-12-14 47624]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;e:\office 2010\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-08-16 691696]
S2 AntiVirSchedulerService;Avira AntiVir Planer;e:\avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 NeroRegInCDSrv;Nero Registry InCD Service;e:\nero\Nero8\InCD\NBHRegInCDSrv.exe [2008-02-28 53032]
S2 SBSDWSCService;SBSD Security Center Service;e:\spybot - search & destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;e:\tuneup\TuneUpUtilitiesService32.exe [2010-06-14 1051976]
S3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys [2008-12-11 13056]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;e:\tuneup\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners

2010-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-16 13:57]

2010-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-16 13:57]

2010-09-30 c:\windows\Tasks\User_Feed_Synchronization-{A4C9A809-7A21-44D9-AFF3-15178462A04E}.job
- c:\windows\system32\msfeedssync.exe [2010-09-30 04:24]
.
.
------- Zusätzlicher Suchlauf -------
.
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\klm80olk.default\
FF - prefs.js: browser.search.selectedEngine - Web Search...
FF - prefs.js: browser.startup.homepage - hxxp://vshare.toolbarhome.com/?hp=df
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.http - 206.248.239.190
FF - prefs.js: network.proxy.http_port - 81
FF - prefs.js: network.proxy.ssl_port - 8888
FF - component: c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\klm80olk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\klm80olk.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\klm80olk.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\klm80olk.default\extensions\jetpack@labs.mozilla.com\lib\WINNT_x86-msvc\1.9.2\jetpack.dll
FF - component: c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\klm80olk.default\extensions\lazarus@interclue.com\platform\WINNT_x86-msvc\components\WeaveCrypto.dll
FF - component: e:\firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\users\Dennis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\klm80olk.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: e:\adobe reader\Reader\browser\nppdf32.dll
FF - plugin: e:\office~1\Office14\NPAUTHZ.DLL
FF - plugin: e:\office~1\Office14\NPSPWRAP.DLL
FF - plugin: e:\veetle\Player\npvlc.dll
FF - plugin: e:\veetle\plugins\npVeetle.dll
FF - plugin: e:\veetle\VLCBroadcast\npvbp.dll
FF - plugin: e:\vlc\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: browser.urlbar.hideGoButton - false
FF - user.js: dom.disable_window_open_feature.minimizable - true
FF - user.js: dom.disable_window_open_feature.menubar - true
FF - user.js: dom.disable_window_open_feature.scrollbars - true
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.tabMinWidth - 125
e:\firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
e:\firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
e:\firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-30 20:52
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

c:\windows\TEMP\TMP0000003519DB88824A3FBDB3 524288 bytes executable

Scan erfolgreich abgeschlossen
versteckte Dateien: 1

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-129334088-945163104-4072451272-1000\Software\SecuROM\License information*]
"datasecu"=hex:3c,cb,73,11,74,fb,b8,a3,40,6c,3a,3f,64,a7,3e,81,3e,ca,aa,c2,82,
4d,9f,e6,f6,fd,96,4f,f6,6a,0a,b8,aa,90,89,55,84,8d,cb,04,4f,06,be,c8,b2,c3,\
"rkeysecu"=hex:7d,1c,a9,33,b0,da,af,a7,09,f4,2b,0f,7a,eb,af,89

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Zeit der Fertigstellung: 2010-09-30 20:53:40
ComboFix-quarantined-files.txt 2010-09-30 18:53

Vor Suchlauf: 7 Verzeichnis(se), 121.118.896.128 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 121.113.063.424 Bytes frei

- - End Of File - - 46BE2F304A5FC21223058CEBAB1100DC

poro · Oct 1, 2010

Machmal

Druckertreiber und Software mal neuinstalliert? Betriebssystem repariert?
Click to expand...

Lt dem Log viel unnötiges (mit)installiert. Kenn mich aber mit Vista nicht so gut aus, kann also dazu nicht viel sagen.

Fortuna1895 · Oct 1, 2010

Hallo Poro, danke für deine freundliche Hilfe. Da aber nichts funktionieren wollte habe ich mich dazu entschlossen einfach die Systemwiederherstellung zu nutzen.

Nun läuft wieder alles! Herzlichen Dank!

mike_kilo · Oct 1, 2010

Da aber nichts funktionieren wollte habe ich mich dazu entschlossen einfach die Systemwiederherstellung zu nutzen.
Nun läuft wieder alles!
Click to expand...

Auweia! Es ist durchaus möglich, das der System Restore Ordner(System Volume Information) auch noch verseucht ist.....
Dann machst du den Bock zum Gärtner.

Log in or Sign up

Druckwarteschlange nimmt Auftrag nicht an

Fortuna1895 ROM

poro Ganzes Gigabyte

Fortuna1895 ROM

poro Ganzes Gigabyte

Fortuna1895 ROM

poro Ganzes Gigabyte

Fortuna1895 ROM

mike_kilo Ganzes Gigabyte

Share This Page