weisser Bildschirm nach booten von Windows 7

ryder · 27.06.2013, 16:39

So sollst meine Anleitung lesen und nochmal meine Regeln.

Hugo81 · 27.06.2013, 16:47

scheisse...sorry

Code:

ATTFilter

ComboFix 13-06-26.01 - ATELCO 27.06.2013  20:48:45.1.4 - x64 MINIMAL
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4095.3305 [GMT 2:00]
ausgeführt von:: E:\ComboFix.exe
AV: Avira Desktop *Enabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ATELCO\AppData\Roaming\skype.dat
c:\users\ATELCO\AppData\Roaming\skype.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_mv2
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-27 bis 2013-06-27  ))))))))))))))))))))))))))))))
.
.
2013-06-07 07:09 . 2013-05-13 06:37	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{16DCAB9D-F38A-441B-A11E-F24525C599E0}\mpengine.dll
2013-06-05 15:28 . 2013-06-05 15:28	--------	d-----w-	c:\users\ATELCO\AppData\Local\Incomedia
2013-06-05 09:12 . 2013-06-05 15:28	--------	d-----w-	c:\program files (x86)\WebSite X5 v9 - Compact
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-25 09:22 . 2013-05-25 09:22	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-05-25 09:22 . 2013-05-25 09:22	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-05-25 09:22 . 2013-05-25 09:22	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-05-25 09:22 . 2013-05-25 09:22	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-05-25 09:22 . 2013-05-25 09:22	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-05-25 09:22 . 2013-05-25 09:22	1767424	----a-w-	c:\windows\SysWow64\wininet.dll
2013-05-25 09:22 . 2013-05-25 09:22	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-05-25 09:22 . 2013-05-25 09:22	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-05-25 09:22 . 2013-05-25 09:22	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-05-25 09:22 . 2013-05-25 09:22	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-25 09:22 . 2013-05-25 09:22	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-25 09:22 . 2013-05-25 09:22	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-05-25 09:22 . 2013-05-25 09:22	61440	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-05-25 09:22 . 2013-05-25 09:22	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-05-25 09:22 . 2013-05-25 09:22	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-05-25 09:22 . 2013-05-25 09:22	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-05-25 09:22 . 2013-05-25 09:22	2877440	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-05-25 09:22 . 2013-05-25 09:22	2706432	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-05-25 09:22 . 2013-05-25 09:22	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-05-25 09:22 . 2013-05-25 09:22	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-05-25 09:22 . 2013-05-25 09:22	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-05-25 09:22 . 2013-05-25 09:22	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-05-25 09:22 . 2013-05-25 09:22	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-05-25 09:22 . 2013-05-25 09:22	109056	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-05-25 09:22 . 2013-05-25 09:22	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-05-25 09:22 . 2013-05-25 09:22	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-05-25 09:22 . 2013-05-25 09:22	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-05-25 09:22 . 2013-05-25 09:22	89600	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-05-25 09:22 . 2013-05-25 09:22	855552	----a-w-	c:\windows\system32\jscript.dll
2013-05-25 09:22 . 2013-05-25 09:22	81408	----a-w-	c:\windows\system32\icardie.dll
2013-05-25 09:22 . 2013-05-25 09:22	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-05-25 09:22 . 2013-05-25 09:22	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-05-25 09:22 . 2013-05-25 09:22	67072	----a-w-	c:\windows\system32\iesetup.dll
2013-05-25 09:22 . 2013-05-25 09:22	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-05-25 09:22 . 2013-05-25 09:22	603136	----a-w-	c:\windows\system32\msfeeds.dll
2013-05-25 09:22 . 2013-05-25 09:22	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-05-25 09:22 . 2013-05-25 09:22	53248	----a-w-	c:\windows\system32\jsproxy.dll
2013-05-25 09:22 . 2013-05-25 09:22	526336	----a-w-	c:\windows\system32\ieui.dll
2013-05-25 09:22 . 2013-05-25 09:22	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-05-25 09:22 . 2013-05-25 09:22	51712	----a-w-	c:\windows\system32\ie4uinit.exe
2013-05-25 09:22 . 2013-05-25 09:22	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-05-25 09:22 . 2013-05-25 09:22	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-05-25 09:22 . 2013-05-25 09:22	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-05-25 09:22 . 2013-05-25 09:22	441856	----a-w-	c:\windows\system32\html.iec
2013-05-25 09:22 . 2013-05-25 09:22	39936	----a-w-	c:\windows\system32\iernonce.dll
2013-05-25 09:22 . 2013-05-25 09:22	3958784	----a-w-	c:\windows\system32\jscript9.dll
2013-05-25 09:22 . 2013-05-25 09:22	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-05-25 09:22 . 2013-05-25 09:22	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-05-25 09:22 . 2013-05-25 09:22	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-05-25 09:22 . 2013-05-25 09:22	2706432	----a-w-	c:\windows\system32\mshtml.tlb
2013-05-25 09:22 . 2013-05-25 09:22	2647552	----a-w-	c:\windows\system32\iertutil.dll
2013-05-25 09:22 . 2013-05-25 09:22	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-05-25 09:22 . 2013-05-25 09:22	235008	----a-w-	c:\windows\system32\url.dll
2013-05-25 09:22 . 2013-05-25 09:22	2242048	----a-w-	c:\windows\system32\wininet.dll
2013-05-25 09:22 . 2013-05-25 09:22	216064	----a-w-	c:\windows\system32\msls31.dll
2013-05-25 09:22 . 2013-05-25 09:22	197120	----a-w-	c:\windows\system32\msrating.dll
2013-05-25 09:22 . 2013-05-25 09:22	19231232	----a-w-	c:\windows\system32\mshtml.dll
2013-05-25 09:22 . 2013-05-25 09:22	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-05-25 09:22 . 2013-05-25 09:22	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-05-25 09:22 . 2013-05-25 09:22	15404032	----a-w-	c:\windows\system32\ieframe.dll
2013-05-25 09:22 . 2013-05-25 09:22	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-05-25 09:22 . 2013-05-25 09:22	149504	----a-w-	c:\windows\system32\occache.dll
2013-05-25 09:22 . 2013-05-25 09:22	144896	----a-w-	c:\windows\system32\wextract.exe
2013-05-25 09:22 . 2013-05-25 09:22	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-05-25 09:22 . 2013-05-25 09:22	13824	----a-w-	c:\windows\system32\mshta.exe
2013-05-25 09:22 . 2013-05-25 09:22	136704	----a-w-	c:\windows\system32\iesysprep.dll
2013-05-25 09:22 . 2013-05-25 09:22	1365504	----a-w-	c:\windows\system32\urlmon.dll
2013-05-25 09:22 . 2013-05-25 09:22	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-05-25 09:22 . 2013-05-25 09:22	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-05-25 09:22 . 2013-05-25 09:22	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-05-25 09:22 . 2013-05-25 09:22	102912	----a-w-	c:\windows\system32\inseng.dll
2013-05-16 05:58 . 2012-04-03 09:11	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-16 05:58 . 2011-05-18 17:24	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 17:59 . 2010-02-12 09:17	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-02 00:06 . 2010-02-12 09:13	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-15 17:35	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 17:35	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 17:35	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 17:35	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 17:35	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 17:35	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 05:38	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 17:35	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 17:35	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 17:34	3153920	----a-w-	c:\windows\system32\win32k.sys
2011-03-21 08:03 . 2011-03-21 08:03	2808832	----a-w-	c:\program files (x86)\Common FilesDDBACSetup.msi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9B6B03F1-16CF-4491-BBBB-E872802DD717}]
2013-02-05 19:25	138752	----a-w-	c:\programdata\DNSErrorHelper\bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-06-20 11:18	1519824	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:48	281760	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-20 1519824]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-20 1568976]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2012-12-12 163000]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Philips SA011 Gere-Manager.lnk - c:\program files (x86)\Philips\GoGear SA011 Device Manager\main.exe [2010-5-18 119296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys;c:\windows\SYSNATIVE\DRIVERS\massfilter.sys [x]
R3 MRV6X64U;Vista 64-bits Native WiFi Driver - USB;c:\windows\system32\DRIVERS\MRVW23C.sys;c:\windows\SYSNATIVE\DRIVERS\MRVW23C.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEusbnet.sys [x]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEusbvoice.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [x]
S2 WTService;WTService;c:\windows\system32\atwtusb.exe;c:\windows\SYSNATIVE\atwtusb.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 dfmirage;dfmirage;c:\windows\system32\DRIVERS\dfmirage.sys;c:\windows\SYSNATIVE\DRIVERS\dfmirage.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-07 07:27	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 05:58]
.
2013-06-27 c:\windows\Tasks\AmiUpdXp.job
- c:\users\ATELCO\AppData\Local\SwvUpdater\Updater.exe [2013-02-05 15:32]
.
2013-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-24 18:24]
.
2013-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-24 18:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-28 14:48	342176	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"MacrokeyManager"="WTMKM.exe" [2011-06-01 7329792]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-02-20 456704]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=95af7afe-0c3f-48aa-af3b-99cd65ae32d0&searchtype=ds&q={searchTerms}&installDate=28/02/2013
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: olb.de\www
TCP: DhcpNameServer = 192.168.178.1
DPF: {271A3CF5-5A54-447B-A08F-BE805F0DA60B} - hxxps://www.olb.de/olb_fb3_1830/plugin/AXFOAM.CAB
DPF: {579CACEB-F009-44D2-8775-C698876048DD} - hxxp://www.lizenzmanager.com/CmUserDataXControl1.ocx
FF - ProfilePath - c:\users\ATELCO\AppData\Roaming\Mozilla\Firefox\Profiles\blgcxzd8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.trendekodo.de/plenty/ui/admin.html#tab2
FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=95af7afe-0c3f-48aa-af3b-99cd65ae32d0&searchtype=ds&installDate=28/02/2013&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2013-02-27 08:55; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\program files (x86)\Common Files\DVDVideoSoft\plugins\ff
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{7846AE31-BEA2-438A-8F5E-2D899361656C} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Philips]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-27  21:04:55 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-06-27 19:04
.
Vor Suchlauf: 17 Verzeichnis(se), 1.254.517.501.952 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 1.254.462.148.608 Bytes frei
.
- - End Of File - - CD94A97D30367F056D11D1692631497B
A36C5E4F47E84449FF07ED3517B43A31

ich hoffe, ich hab diesmal alles richtig gemacht

27.06.2013, 16:39	#1
ryder /// TB-Ausbilder	weisser Bildschirm nach booten von Windows 7 So sollst meine Anleitung lesen und nochmal meine Regeln. __________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM!

weisser Bildschirm nach booten von Windows 7

Plagegeister aller Art und deren Bekämpfung: weisser Bildschirm nach booten von Windows 7

weisser Bildschirm nach booten von Windows 7

weisser Bildschirm nach booten von Windows 7

Ähnliche Themen: weisser Bildschirm nach booten von Windows 7