
Pests of all kinds and how to fight them: tr/sirefef.16896 and tr/atraps.gen2; how do I get rid of them?


 
12.09.2012, 16:40   #8
dalyay
 



Yes, normal mode works again.

I have now run ComboFix again from the desktop.

Code:
ComboFix 12-09-12.02 - Admin 12.09.2012  17:33:18.2.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16366.14306 [GMT 2:00]
ausgeführt von:: c:\users\Sebastian\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-12 bis 2012-09-12  ))))))))))))))))))))))))))))))
.
.
2012-09-12 15:36 . 2012-09-12 15:36	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-11 20:23 . 2012-09-11 20:49	--------	d-----w-	c:\program files (x86)\Common Files\Blizzard Entertainment
2012-09-07 03:29 . 2012-09-07 03:29	--------	d-----w-	C:\totalcmd
2012-09-07 03:24 . 2012-09-07 03:24	--------	d-----w-	c:\program files (x86)\FileZilla FTP Client
2012-09-04 22:05 . 2012-09-04 22:05	--------	d-----w-	c:\program files (x86)\UseNeXT
2012-09-04 21:51 . 2012-09-04 21:51	--------	d-----w-	c:\program files\WinRAR
2012-09-04 21:14 . 2012-09-04 21:14	--------	d-----w-	c:\program files (x86)\Foxit Software
2012-09-03 20:09 . 2012-09-03 20:09	--------	d-----w-	c:\program files (x86)\EAGLE-6.2.0
2012-09-03 17:03 . 2012-09-03 17:03	--------	d-----w-	c:\programdata\Malwarebytes
2012-08-28 01:53 . 2012-08-28 01:53	--------	d-----w-	c:\program files (x86)\Resource Hacker
2012-08-24 20:52 . 2012-08-24 20:52	--------	d-----w-	c:\programdata\VOWSoft
2012-08-24 20:52 . 2012-08-24 20:52	--------	d-----w-	c:\program files (x86)\iPodRobot
2012-08-22 18:21 . 2012-08-22 18:21	--------	d-----w-	c:\programdata\Blizzard Entertainment
2012-08-21 17:54 . 2012-08-21 17:54	--------	d-----w-	c:\program files (x86)\coolspot AG
2012-08-21 17:46 . 2012-08-21 17:46	--------	d-----w-	c:\program files (x86)\SecretCity 3DChat
2012-08-21 17:46 . 2012-08-21 17:46	--------	d-----w-	c:\program files (x86)\Utherverse Digital Inc
2012-08-21 08:17 . 2012-08-20 22:21	--------	d-----w-	c:\windows\Panther
2012-08-21 08:17 . 2012-08-21 08:17	--------	d-----w-	C:\Hotfix
2012-08-21 08:17 . 2012-08-21 08:17	--------	d-----w-	C:\Drivers
2012-08-21 08:17 . 2012-08-20 22:20	--------	d-----w-	c:\windows\system32\OEM
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\SysWow64\XPSViewer
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\SysWow64\drivers\UMDF\de-DE
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\SysWow64\drivers\de-DE
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\SysWow64\de
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\SysWow64\0407
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\de-DE
2012-08-21 08:16 . 2012-08-20 23:38	--------	d-----w-	c:\windows\SysWow64\wbem\de-DE
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\system32\drivers\UMDF\de-DE
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\system32\drivers\de-DE
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\system32\de
2012-08-21 08:16 . 2012-08-21 08:16	--------	d-----w-	c:\windows\system32\0407
2012-08-21 08:16 . 2012-08-20 23:38	--------	d-----w-	c:\windows\system32\wbem\de-DE
2012-08-21 08:14 . 2009-07-14 03:05	3584	----a-w-	c:\windows\system32\Spool\prtprocs\x64\de-DE\LXKPTPRC.DLL.mui
2012-08-21 05:46 . 2012-08-21 05:47	--------	d-----w-	c:\programdata\Battle.net
2012-08-21 05:42 . 2012-09-03 19:29	--------	d-----w-	c:\users\Sebastian
2012-08-21 05:38 . 2012-08-21 05:38	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2012-08-21 05:37 . 2012-08-21 05:37	--------	d-----w-	c:\program files (x86)\OpenOffice.org 3
2012-08-21 05:33 . 2012-08-21 05:40	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2012-08-21 05:32 . 2012-07-18 16:04	27760	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-08-21 05:32 . 2012-07-18 16:04	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-08-21 05:32 . 2012-07-18 16:04	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-08-21 05:32 . 2012-08-21 05:32	--------	d-----w-	c:\programdata\Avira
2012-08-21 05:32 . 2012-08-21 05:32	--------	d-----w-	c:\program files (x86)\Avira
2012-08-21 05:21 . 2012-08-21 05:21	--------	d-----w-	c:\program files (x86)\Innovative Solutions
2012-08-21 05:19 . 2012-08-21 05:19	--------	d-sh--w-	c:\windows\system32\%APPDATA%
2012-08-21 05:16 . 2012-08-21 06:17	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-21 05:16 . 2012-08-21 06:17	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-21 05:16 . 2012-08-21 05:16	--------	d-----w-	c:\windows\SysWow64\Macromed
2012-08-21 05:16 . 2012-08-21 05:16	--------	d-----w-	c:\windows\system32\Macromed
2012-08-21 04:51 . 2011-12-06 13:55	53248	----a-w-	c:\windows\SysWow64\CSVer.dll
2012-08-21 02:43 . 2012-08-21 02:43	--------	d-----w-	c:\programdata\PCDr
2012-08-21 02:43 . 2012-08-21 02:43	--------	d-----w-	c:\program files\AlienAutopsy
2012-08-21 02:39 . 2012-09-12 15:29	--------	d-----w-	c:\programdata\NVIDIA
2012-08-21 02:35 . 2012-08-21 05:35	--------	dc----w-	c:\windows\system32\DRVSTORE
2012-08-21 02:35 . 2010-08-20 09:05	21616	----a-w-	c:\windows\system32\drivers\stdcfltn.sys
2012-08-21 02:34 . 2012-08-21 02:34	--------	d-----w-	c:\program files\STMicroelectronics
2012-08-21 02:31 . 2012-08-21 02:31	--------	d-----w-	c:\program files\Synaptics
2012-08-21 02:31 . 2011-03-30 13:12	215336	----a-w-	c:\windows\system32\SynTPAPI.dll
2012-08-21 02:31 . 2011-03-30 13:12	1721576	----a-w-	c:\windows\system32\WdfCoInstaller01009.dll
2012-08-21 02:31 . 2011-03-30 13:12	148264	----a-w-	c:\windows\system32\SynTPCo4.dll
2012-08-21 02:31 . 2011-03-30 13:12	1395760	----a-w-	c:\windows\system32\drivers\SynTP.sys
2012-08-21 02:31 . 2011-03-30 13:12	107816	----a-w-	c:\windows\SysWow64\SynTPCOM.dll
2012-08-21 02:31 . 2011-03-30 13:12	400168	----a-w-	c:\windows\system32\SynCOM.dll
2012-08-21 02:31 . 2011-03-30 13:12	273704	----a-w-	c:\windows\system32\SynCtrl.dll
2012-08-21 02:31 . 2011-03-30 13:12	218408	----a-w-	c:\windows\SysWow64\SynCtrl.dll
2012-08-21 02:31 . 2011-03-30 13:12	173352	----a-w-	c:\windows\SysWow64\SynCOM.dll
2012-08-21 02:30 . 2011-03-03 15:23	81008	----a-w-	c:\windows\system32\accelernco01.dll
2012-08-21 02:30 . 2011-03-03 15:23	27760	----a-w-	c:\windows\system32\drivers\Accelern.sys
2012-08-21 02:28 . 2011-03-03 14:48	8192	----a-w-	c:\windows\system32\drivers\IntelMEFWVer.dll
2012-08-21 02:28 . 2012-08-21 02:28	--------	d-----w-	c:\program files (x86)\Common Files\postureAgent
2012-08-21 02:28 . 2012-08-21 04:51	--------	d-----w-	c:\program files (x86)\Intel
2012-08-21 02:27 . 2011-03-03 15:07	9888360	----a-w-	c:\windows\SysWow64\RtsPStorIcon.dll
2012-08-21 02:27 . 2011-03-03 15:07	335464	----a-w-	c:\windows\system32\drivers\RtsPStor.sys
2012-08-20 23:51 . 2011-02-19 12:05	1139200	----a-w-	c:\windows\system32\FntCache.dll
2012-08-20 23:51 . 2011-02-19 12:04	902656	----a-w-	c:\windows\system32\d2d1.dll
2012-08-20 23:51 . 2011-02-19 06:30	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2012-08-20 23:49 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-08-20 23:49 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-08-20 23:43 . 2012-08-20 23:43	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2012-08-20 23:30 . 2012-07-16 00:40	9133488	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{47679C7B-1F12-4896-8E81-30BF787E5E37}\mpengine.dll
2012-08-20 23:23 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2012-08-20 23:18 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-08-20 23:18 . 2012-03-01 06:38	220672	----a-w-	c:\windows\system32\wintrust.dll
2012-08-20 23:18 . 2012-03-01 06:33	81408	----a-w-	c:\windows\system32\imagehlp.dll
2012-08-20 23:18 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2012-08-20 23:18 . 2012-03-01 05:37	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-08-20 23:18 . 2012-03-01 05:33	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-08-20 23:18 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2012-08-20 23:17 . 2012-08-03 02:27	62134624	----a-w-	c:\windows\system32\MRT.exe
2012-08-20 23:15 . 2011-11-17 06:41	1731920	----a-w-	c:\windows\system32\ntdll.dll
2012-08-20 23:15 . 2011-11-17 05:38	1292080	----a-w-	c:\windows\SysWow64\ntdll.dll
2012-08-20 23:13 . 2011-11-19 14:58	77312	----a-w-	c:\windows\system32\packager.dll
2012-08-20 23:13 . 2011-11-19 14:01	67072	----a-w-	c:\windows\SysWow64\packager.dll
2012-08-20 23:10 . 2012-08-20 23:10	--------	d-----w-	c:\windows\SysWow64\Atheros_L1e
2012-08-20 23:10 . 2011-03-03 15:02	76912	----a-w-	c:\windows\system32\drivers\L1C62x64.sys
2012-08-20 23:08 . 2012-08-20 23:08	--------	d-----w-	c:\program files (x86)\AMD APP
2012-08-20 23:08 . 2012-08-20 23:08	--------	d-----w-	C:\Intel
2012-08-20 23:08 . 2012-08-20 23:08	--------	d-----w-	c:\program files\ATI
2012-08-20 23:08 . 2012-08-20 23:08	--------	d-----w-	c:\program files\ATI Technologies
2012-08-20 22:49 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-08-20 22:49 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-08-20 22:49 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-08-20 22:47 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-08-20 22:47 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-08-20 22:47 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-08-20 22:47 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-08-20 22:47 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-08-20 22:47 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-08-20 22:47 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-08-20 22:47 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-08-20 22:47 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-08-20 22:46 . 2012-08-20 22:46	--------	d-----w-	c:\users\Public\Roaming
2012-08-20 22:46 . 2012-08-20 22:46	--------	d-----w-	c:\users\Default\Roaming
2012-08-20 22:45 . 2012-08-20 22:45	--------	d-----w-	c:\program files\Common Files\Intel
2012-08-20 22:45 . 2012-08-20 22:45	--------	d-----w-	c:\program files (x86)\Cisco
2012-08-20 22:45 . 2012-08-20 22:45	--------	d-----w-	c:\programdata\Intel
2012-08-20 22:45 . 2012-08-20 22:45	--------	d-----w-	c:\program files\Intel
2012-08-20 22:45 . 2012-09-07 03:32	--------	d-sh--w-	c:\windows\Installer
2012-08-20 22:44 . 2012-08-20 22:44	--------	d-----w-	C:\dell
2012-08-20 22:25 . 2012-08-20 22:25	--------	d-----w-	c:\program files (x86)\Creative
2012-08-20 22:24 . 2012-08-20 22:24	--------	d-----w-	c:\program files (x86)\Integrated Webcam
2012-08-20 22:24 . 2010-06-07 14:45	174848	----a-w-	c:\windows\system32\drivers\CtClsFlt.sys
2012-08-20 22:24 . 2009-05-28 08:49	224768	----a-w-	c:\windows\system32\drivers\CtAudDrv.sys
2012-08-20 22:24 . 2012-08-20 22:24	--------	d-----w-	c:\program files (x86)\Creative Live! Cam
2012-08-20 22:23 . 2012-08-21 02:38	--------	d--h--w-	c:\program files (x86)\InstallShield Installation Information
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-07-31 11324352]
"Personal ID"="c:\progra~2\COOLSP~1\PERSON~1\PID.EXE" [2012-08-21 1132984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Integrated Webcam Live! Central"="c:\program files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe" [2010-08-11 487561]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
c:\users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 250056]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-06-07 174848]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-04-25 52736]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-06-26 378472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-03-03 2656280]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2011-03-03 27760]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-03-03 76912]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-07-05 174184]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-03-03 335464]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 06:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-06-26 315496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2009-07-14 415232]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fdlo2jvk.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-12  17:37:28
ComboFix-quarantined-files.txt  2012-09-12 15:37
ComboFix2.txt  2012-09-11 19:57
.
Vor Suchlauf: 13 Verzeichnis(se), 33.580.015.616 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 33.153.294.336 Bytes frei
.
- - End Of File - - 87FFA5CD75DA4419DFB7454E8DCD866C
         

 
