Hello, a few hours ago I got this far with Markus. All the other logs and information are in the section "Plagegeister aller Art und deren Bekämpfung", in my thread "HijackThis logfile", but how should I proceed now?
Please help me.
Combofix Logfile:
ComboFix 12-12-17.02 - emily 18.12.2012 21:49:49.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4010.2334 [GMT 1:00]
ausgeführt von:: c:\users\emily\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-11-18 bis 2012-12-18 ))))))))))))))))))))))))))))))
.
.
2012-12-18 20:56 . 2012-12-18 20:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-18 20:42 . 2012-12-18 20:42 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-18 19:38 . 2012-12-18 19:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-18 19:38 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-18 17:30 . 2012-12-18 17:30 388096 ----a-r- c:\users\emily\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-12-16 20:07 . 2012-12-16 20:07 -------- d-----w- c:\users\emily\AppData\Roaming\ChemTable Software
2012-12-16 20:07 . 2012-12-16 20:07 -------- d-----w- c:\users\emily\AppData\Local\ChemTable Software
2012-12-16 20:07 . 2012-12-18 19:39 -------- d-----w- c:\users\emily\AppData\Local\AnVir
2012-12-16 20:05 . 2012-12-16 21:46 -------- d-----w- c:\program files (x86)\AnVir Task Manager Free
2012-12-16 02:19 . 2012-12-16 02:19 -------- d-----w- c:\program files (x86)\Trend Micro
2012-12-15 21:13 . 2012-12-15 21:13 -------- d-----w- c:\users\emily\AppData\Roaming\Malwarebytes
2012-12-15 21:13 . 2012-12-15 21:13 -------- d-----w- c:\programdata\Malwarebytes
2012-12-12 20:05 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 20:04 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 20:04 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-08 11:50 . 2012-12-08 12:13 -------- d-----w- c:\users\emily\AppData\Local\CrashDumps
2012-12-08 11:42 . 2012-12-08 11:42 -------- d-----w- c:\users\emily\AppData\Roaming\QuickScan
2012-12-07 11:36 . 2012-12-15 18:16 -------- d-----w- c:\users\emily\AppData\Local\PokerStars.EU
2012-12-07 11:35 . 2012-12-13 16:46 -------- d-----w- c:\program files (x86)\PokerStars.EU
2012-12-07 07:48 . 2012-12-07 07:49 -------- d-----w- c:\programdata\VirtualizedApplications
2012-12-07 05:47 . 2012-12-07 05:47 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-12-07 00:07 . 2012-12-07 00:07 -------- d-----w- c:\users\emily\AppData\Roaming\Skype
2012-12-07 00:06 . 2012-12-07 00:06 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-07 00:06 . 2012-12-07 00:06 -------- d-----r- c:\program files (x86)\Skype
2012-12-06 23:13 . 2012-12-06 23:13 -------- d-----w- c:\windows\system32\SPReview
2012-12-06 23:13 . 2012-12-06 23:13 -------- d-----w- c:\windows\system32\EventProviders
2012-12-06 23:11 . 2012-12-13 16:21 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-06 23:07 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2012-12-06 23:07 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-12-06 23:05 . 2010-11-20 13:33 184704 ----a-w- c:\windows\system32\drivers\pci.sys
2012-12-06 23:04 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-12-06 23:04 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-12-06 23:03 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-12-06 22:57 . 2012-12-06 22:57 -------- d-----r- C:\MSOCache
2012-12-06 22:46 . 2012-12-06 22:46 -------- d-----w- c:\users\emily\AppData\Local\Diagnostics
2012-12-06 22:36 . 2012-12-06 22:37 -------- d-----w- c:\program files (x86)\Google
2012-12-06 22:36 . 2012-12-06 22:38 -------- d-----w- c:\users\emily\AppData\Local\Google
2012-12-06 22:35 . 2012-12-06 22:35 -------- d-----w- c:\users\emily\AppData\Local\Apps
2012-12-06 22:35 . 2012-12-06 22:36 -------- d-----w- c:\users\emily\AppData\Local\Deployment
2012-12-06 22:14 . 2012-12-15 21:42 -------- d-----w- c:\users\emily\AppData\Roaming\SoftGrid Client
2012-12-06 22:14 . 2012-12-06 22:14 -------- d-----w- c:\users\emily\AppData\Local\SoftGrid Client
2012-12-06 22:13 . 2012-12-06 23:19 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2012-12-06 22:13 . 2012-12-06 22:13 -------- d-----w- c:\program files\Microsoft Office
2012-12-06 22:13 . 2012-12-06 22:14 -------- d-----w- c:\users\emily\AppData\Roaming\TP
2012-12-06 17:19 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-12-06 17:19 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-06 17:19 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-06 17:19 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-06 17:06 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-12-06 16:55 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-06 16:55 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-06 16:55 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-06 16:55 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-06 16:55 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-06 16:55 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-06 16:55 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-06 16:52 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-12-06 16:52 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-12-06 16:52 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-12-06 16:52 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-12-06 16:52 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-12-06 06:33 . 2011-11-17 06:35 395776 ----a-w- c:\windows\system32\webio.dll
2012-12-06 06:33 . 2011-11-17 05:35 314880 ----a-w- c:\windows\SysWow64\webio.dll
2012-12-06 06:33 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-12-06 06:33 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-12-06 06:33 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-12-06 06:33 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-12-06 06:33 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-12-06 06:33 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-12-06 06:33 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-12-06 06:33 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-12-06 06:33 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-12-06 06:33 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-12-06 06:31 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-12-06 06:30 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-12-06 06:29 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-12-06 06:28 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-12-06 06:28 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-12-06 06:28 . 2011-02-23 04:55 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-12-06 06:28 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-12-06 06:28 . 2010-11-20 13:27 39424 ----a-w- c:\windows\system32\Spool\prtprocs\x64\winprint.dll
2012-12-06 06:28 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-12-06 06:28 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-12-06 06:28 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2012-12-06 06:28 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2012-12-06 06:28 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2012-12-06 06:28 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2012-12-06 06:12 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-12-06 06:12 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-12-06 06:12 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-12-05 19:23 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-12-05 19:23 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-12-05 19:23 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-12-05 19:23 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-12-05 19:22 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-12-05 19:22 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-12-05 19:22 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-12-05 19:20 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-12-05 19:20 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-12-05 19:10 . 2012-07-11 16:09 64856 ----a-w- c:\windows\system32\klfphc.dll
2012-12-05 19:10 . 2012-12-05 19:10 -------- d-----w- c:\windows\ELAMBKUP
2012-12-05 19:10 . 2012-12-18 18:09 -------- d-----w- c:\programdata\Kaspersky Lab
2012-12-05 19:10 . 2012-12-05 19:10 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2012-12-05 19:10 . 2012-12-06 15:24 613720 ----a-w- c:\windows\system32\drivers\klif.sys
2012-12-05 19:10 . 2012-08-13 17:24 89432 ----a-w- c:\windows\system32\drivers\klflt.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-06 23:39 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-12-06 23:39 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-12-06 15:24 . 2012-07-25 13:53 29528 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2012-12-06 15:24 . 2012-06-08 10:38 54104 ----a-w- c:\windows\system32\drivers\kltdi.sys
2012-12-06 15:24 . 2012-05-25 18:38 29016 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2012-10-16 08:38 . 2012-12-06 06:31 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-06 06:31 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-06 06:31 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-04 16:40 . 2012-12-12 20:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-12-06 356376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
" Malwarebytes Anti-Malware "="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-09-29 766536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-08-09 166704]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-12-06 54104]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2010-10-07 13824]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-11-10 31088]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-12-06 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-12-06 29528]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-27 425064]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 32531149
*Deregistered* - 32531149
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06 22:36]
.
2012-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-06 22:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-27 11780712]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files (x86)\PokerStars.EU\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-18 22:00:09
ComboFix-quarantined-files.txt 2012-12-18 21:00
.
Vor Suchlauf: 8 Verzeichnis(se), 74.731.806.720 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 74.688.786.432 Bytes frei
.
- - End Of File - - 1B37E1848950602C7A7E42EF99C791FA