hab die Anweisungen soweit durchgeführt und hier ist die ComboFix.TXT
Wurde der Rechner jetzt soweit gereinigt?
Combofix Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
ComboFix 12-03-31.02 - install 31.03.2012 14:43:32.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1252.49.1031.18.4091.2856 [GMT 2:00]
ausgeführt von:: c:\users\install\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\install\AppData\Roaming\Microsoft\Windows\Cookies\isindex.dat
E:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-02-28 bis 2012-03-31 ))))))))))))))))))))))))))))))
.
.
2012-03-31 12:48 . 2012-03-31 12:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-30 14:44 . 2012-03-30 14:53 -------- d-----w- C:\_OTL
2012-03-30 10:40 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{16143528-B3E3-4164-9BBE-34D8ABCAEEA8}\mpengine.dll
2012-03-22 19:34 . 2012-03-22 19:34 -------- d-----w- c:\program files (x86)\Microsoft Works
2012-03-22 19:33 . 2012-03-22 19:33 -------- d-----w- c:\windows\PCHEALTH
2012-03-22 19:33 . 2012-03-22 19:33 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-03-18 15:42 . 2012-03-18 15:52 -------- d-----w- c:\users\install\AppData\Roaming\DeepBurner
2012-03-14 15:04 . 2012-01-25 06:27 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 15:04 . 2012-01-25 06:27 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 15:04 . 2012-01-25 06:20 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-10 18:56 . 2012-03-10 18:56 -------- d-----w- c:\programdata\AVSVideoBurner
2012-03-10 18:44 . 2007-02-27 17:36 974848 ----a-w- c:\windows\SysWow64\mfc70.dll
2012-03-10 18:44 . 2007-02-27 17:36 487424 ----a-w- c:\windows\SysWow64\msvcp70.dll
2012-03-10 18:44 . 2007-02-27 17:36 344064 ----a-w- c:\windows\SysWow64\msvcr70.dll
2012-03-10 14:40 . 2012-03-10 14:40 -------- d-----w- c:\users\install\AppData\Roaming\AVS4YOU
2012-03-10 14:39 . 2012-03-10 18:45 -------- d-----w- c:\program files (x86)\AVS4YOU
2012-03-10 14:39 . 2012-03-10 18:45 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia
2012-03-10 14:38 . 2012-03-10 14:40 -------- d-----w- c:\programdata\AVS4YOU
2012-03-10 14:38 . 2011-08-22 15:32 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-03-10 12:40 . 2012-03-10 12:40 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2012-03-10 12:40 . 2012-03-10 12:40 -------- d-----w- c:\windows\system32\wbem\en-US
2012-03-10 00:33 . 2012-03-10 00:33 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-03-09 21:33 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2012-03-09 21:33 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2012-03-09 21:27 . 2012-03-09 21:27 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2012-03-09 21:26 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2012-03-09 21:26 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2012-03-09 21:26 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2012-03-09 21:26 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2012-03-09 21:26 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2012-03-09 21:26 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-03-09 21:26 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-03-09 21:26 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2012-03-09 21:26 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2012-03-09 21:26 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-03-09 21:26 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-03-09 21:08 . 2011-11-17 07:10 340992 ----a-w- c:\windows\system32\schannel.dll
2012-03-09 21:07 . 2010-08-21 06:38 1024512 ----a-w- c:\windows\system32\wmpmde.dll
2012-03-09 21:02 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2012-03-09 21:01 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2012-03-09 21:00 . 2010-03-05 07:52 84992 ----a-w- c:\windows\system32\asycfilt.dll
2012-03-09 21:00 . 2010-03-05 07:42 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2012-03-09 21:00 . 2011-11-17 07:14 1739160 ----a-w- c:\windows\system32\ntdll.dll
2012-03-09 21:00 . 2011-11-17 05:41 1292592 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-03-09 21:00 . 2011-06-23 05:29 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-09 21:00 . 2011-06-23 04:38 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-09 21:00 . 2011-06-23 04:38 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-09 20:58 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-03-09 20:57 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-03-09 20:57 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-03-09 20:57 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2012-03-09 20:57 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2012-03-09 20:29 . 2012-03-09 20:29 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-03-09 15:15 . 2012-03-09 15:15 -------- d-----w- c:\users\install\AppData\Local\Diagnostics
2012-03-03 16:36 . 2012-03-03 16:36 -------- d-----w- c:\users\install\AppData\Roaming\Ubisoft
2012-03-03 16:36 . 2012-03-03 16:36 -------- d-----w- c:\programdata\Ubisoft
2012-03-03 16:31 . 2007-05-16 15:45 4496232 ----a-w- c:\windows\system32\d3dx9_34.dll
2012-03-03 14:22 . 2012-03-03 14:22 -------- d-----w- c:\programdata\Solidshield
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2011-07-25 22:05 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C1}]
2011-06-08 17:04 282656 ----a-w- c:\program files (x86)\AlterGeo\AlterGeo Magic Scanner\3.3.2.779\AlterGeo.BrowserPlugin.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\install\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\install\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\install\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\install\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-26 3077528]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2011-07-26 438272]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"DAEMON Tools Lite"="e:\daemon tools lite\DTLite.exe" [2011-11-10 3514176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-09-25 106496]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-02 98304]
"avgnt"="e:\avira\AntiVir Desktop\avgnt.exe" [2011-07-25 281768]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"MAgent"="e:\mailagent\MAgent.exe" [2011-07-25 13233856]
"Guard.Mail.ru.gui"="c:\program files (x86)\Mail.Ru\Guard\GuardMailRu.exe" [2011-12-11 1768144]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"LWS"="e:\logitech webcam\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
.
c:\users\install\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\install\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [x]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;e:\avira\AntiVir Desktop\sched.exe [2011-07-25 136360]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Mail.Ru\Guard\GuardMailRu.exe [2011-12-11 1768144]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 565928]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-04-07 5352960]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-03-04 428640]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\install\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\install\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\install\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\install\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-22 8116256]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"lxbkbmgr.exe"="c:\program files (x86)\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2010-12-07 798728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &??????? ? Microsoft Excel - e:\office\OFFICE11\EXCEL.EXE/3000
IE: {{7558B7E5-7B26-4201-BEDB-00D5FF534523} - e:\mailagent\magent.exe
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - e:\icq7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\install\AppData\Roaming\Mozilla\Firefox\Profiles\71zsfnsc.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-MediaGet2 - c:\users\install\AppData\Local\MediaGet2\mediaget.exe
HKLM-Run-SpywareTerminatorShield - c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM-Run-SpywareTerminatorUpdater - c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
AddRemove-Digitale Bibliothek 5 - e:\digitale bibliothek 5\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\!-*]
"7040110900063D11C8EF10054038389C"="C?\\Windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
e:\avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Lexmark X1100 Series\lxbkbmon.exe
c:\nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-03-31 14:54:05 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-03-31 12:54
.
Vor Suchlauf: 14 Verzeichnis(se), 16.716.795.904 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 16.570.363.904 Bytes frei
.
- - End Of File - - 1E23405E6EA629DE53DBD92F88F62EF8
--- --- ---
31.03.2012, 14:00
Baum-Darstellung