System Care Antivirus - wie kann ich es entfernen?

Klaudia Ewa · 19.08.2013, 23:26

Hallo, hier das Combofix-Logfile:

Code:

ATTFilter

ComboFix 13-08-19.02 - Vaio 19.08.2013  23:49:47.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.3950.2722 [GMT 2:00]
ausgeführt von:: c:\users\Vaio\Desktop\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus und Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\6A4A355D84C28AD400006A49CB188FAA
c:\programdata\6A4A355D84C28AD400006A49CB188FAA\6A4A355D84C28AD400006A49CB188FAA
c:\programdata\6A4A355D84C28AD400006A49CB188FAA\6A4A355D84C28AD400006A49CB188FAA.exe
c:\programdata\6A4A355D84C28AD400006A49CB188FAA\6A4A355D84C28AD400006A49CB188FAA.ico
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-19 bis 2013-08-19  ))))))))))))))))))))))))))))))
.
.
2013-08-19 22:00 . 2013-08-19 22:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-19 19:55 . 2013-08-19 19:55	--------	d-----w-	C:\FRST
2013-08-17 08:44 . 2013-08-17 08:47	--------	d-----w-	c:\windows\system32\MRT
2013-08-17 06:46 . 2013-07-09 05:52	224256	----a-w-	c:\windows\system32\wintrust.dll
2013-08-17 06:46 . 2013-07-09 05:46	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-08-17 06:46 . 2013-07-09 05:46	1472512	----a-w-	c:\windows\system32\crypt32.dll
2013-08-17 06:46 . 2013-07-09 05:46	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-08-17 06:46 . 2013-07-09 04:52	175104	----a-w-	c:\windows\SysWow64\wintrust.dll
2013-08-17 06:46 . 2013-07-09 04:46	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-08-17 06:46 . 2013-07-09 04:46	1166848	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-08-17 06:46 . 2013-07-09 04:46	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-08-17 06:46 . 2013-07-19 01:58	2048	----a-w-	c:\windows\system32\tzres.dll
2013-08-17 06:46 . 2013-07-19 01:41	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-08-17 06:45 . 2013-07-25 09:25	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-08-17 06:45 . 2013-07-25 08:57	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-08-17 06:45 . 2013-07-09 05:51	1217024	----a-w-	c:\windows\system32\rpcrt4.dll
2013-08-17 06:45 . 2013-07-09 04:52	663552	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2013-08-17 06:45 . 2013-06-15 04:32	39936	----a-w-	c:\windows\system32\drivers\tssecsrv.sys
2013-08-17 06:45 . 2013-07-06 06:03	1910208	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-17 08:44 . 2011-02-14 17:39	78161360	----a-w-	c:\windows\system32\MRT.exe
2013-06-25 22:41 . 2013-06-25 22:41	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-06-25 22:41 . 2013-06-25 22:41	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-06-25 22:41 . 2013-06-25 22:41	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-06-25 22:41 . 2013-06-25 22:41	81408	----a-w-	c:\windows\system32\icardie.dll
2013-06-25 22:41 . 2013-06-25 22:41	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-06-25 22:41 . 2013-06-25 22:41	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-06-25 22:41 . 2013-06-25 22:41	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-06-25 22:41 . 2013-06-25 22:41	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-06-25 22:41 . 2013-06-25 22:41	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-06-25 22:41 . 2013-06-25 22:41	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-06-25 22:41 . 2013-06-25 22:41	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-06-25 22:41 . 2013-06-25 22:41	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-06-25 22:41 . 2013-06-25 22:41	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-06-25 22:41 . 2013-06-25 22:41	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-06-25 22:41 . 2013-06-25 22:41	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-06-25 22:41 . 2013-06-25 22:41	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-06-25 22:41 . 2013-06-25 22:41	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-06-25 22:41 . 2013-06-25 22:41	441856	----a-w-	c:\windows\system32\html.iec
2013-06-25 22:41 . 2013-06-25 22:41	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-06-25 22:41 . 2013-06-25 22:41	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-06-25 22:41 . 2013-06-25 22:41	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-06-25 22:41 . 2013-06-25 22:41	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-06-25 22:41 . 2013-06-25 22:41	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-06-25 22:41 . 2013-06-25 22:41	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-06-25 22:41 . 2013-06-25 22:41	235008	----a-w-	c:\windows\system32\url.dll
2013-06-25 22:41 . 2013-06-25 22:41	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-06-25 22:41 . 2013-06-25 22:41	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-06-25 22:41 . 2013-06-25 22:41	216064	----a-w-	c:\windows\system32\msls31.dll
2013-06-25 22:41 . 2013-06-25 22:41	197120	----a-w-	c:\windows\system32\msrating.dll
2013-06-25 22:41 . 2013-06-25 22:41	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-06-25 22:41 . 2013-06-25 22:41	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-06-25 22:41 . 2013-06-25 22:41	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-06-25 22:41 . 2013-06-25 22:41	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-06-25 22:41 . 2013-06-25 22:41	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-06-25 22:41 . 2013-06-25 22:41	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-06-25 22:41 . 2013-06-25 22:41	149504	----a-w-	c:\windows\system32\occache.dll
2013-06-25 22:41 . 2013-06-25 22:41	144896	----a-w-	c:\windows\system32\wextract.exe
2013-06-25 22:41 . 2013-06-25 22:41	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-06-25 22:41 . 2013-06-25 22:41	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-06-25 22:41 . 2013-06-25 22:41	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-06-25 22:41 . 2013-06-25 22:41	13824	----a-w-	c:\windows\system32\mshta.exe
2013-06-25 22:41 . 2013-06-25 22:41	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-06-25 22:41 . 2013-06-25 22:41	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-06-25 22:41 . 2013-06-25 22:41	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-06-25 22:41 . 2013-06-25 22:41	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-06-25 22:41 . 2013-06-25 22:41	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-06-25 22:41 . 2013-06-25 22:41	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-06-25 22:41 . 2013-06-25 22:41	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-06-25 22:41 . 2013-06-25 22:41	102912	----a-w-	c:\windows\system32\inseng.dll
2013-06-25 22:39 . 2013-06-25 22:39	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-06-25 22:39 . 2013-06-25 22:39	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-06-25 22:39 . 2013-06-25 22:39	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-06-25 22:39 . 2013-06-25 22:39	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-06-25 22:39 . 2013-06-25 22:39	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-06-25 22:39 . 2013-06-25 22:39	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-06-25 22:39 . 2013-06-25 22:39	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-06-25 22:39 . 2013-06-25 22:39	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-06-25 22:39 . 2013-06-25 22:39	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2013-06-25 22:39 . 2013-06-25 22:39	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-06-25 22:39 . 2013-06-25 22:39	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-06-25 22:39 . 2013-06-25 22:39	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2013-06-25 22:39 . 2013-06-25 22:39	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-06-25 22:39 . 2013-06-25 22:39	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-06-25 22:39 . 2013-06-25 22:39	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-06-25 22:39 . 2013-06-25 22:39	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-06-25 22:39 . 2013-06-25 22:39	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-06-25 22:39 . 2013-06-25 22:39	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2013-06-25 22:39 . 2013-06-25 22:39	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-06-25 22:39 . 2013-06-25 22:39	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-06-25 22:39 . 2013-06-25 22:39	1988096	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2013-06-25 22:39 . 2013-06-25 22:39	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2013-06-25 22:39 . 2013-06-25 22:39	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2013-06-25 22:39 . 2013-06-25 22:39	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-06-25 22:39 . 2013-06-25 22:39	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-06-25 22:39 . 2013-06-25 22:39	1238528	----a-w-	c:\windows\system32\d3d10.dll
2013-06-25 22:39 . 2013-06-25 22:39	1175552	----a-w-	c:\windows\system32\FntCache.dll
2013-06-25 22:39 . 2013-06-25 22:39	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-06-25 22:39 . 2013-06-25 22:39	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2013-06-25 22:39 . 2013-06-25 22:39	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-25 22:39 . 2013-06-25 22:39	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-05 03:34 . 2013-07-11 23:54	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-11 23:54	624128	----a-w-	c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-11 23:54	509440	----a-w-	c:\windows\SysWow64\qedit.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Vaio\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Vaio\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Vaio\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Vaio\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-06-07 39408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-01-21 597792]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-11-30 26624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-30 1484856]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Vaio\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
honestech Audio Recorder 2.0 Deluxe Launcher.lnk - c:\program files (x86)\honestech Audio Recorder 2.0 Deluxe\HTARLauncher.exe [2011-6-23 386048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03	98304	----a-w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
.
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [x]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [x]
R2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [x]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [x]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TVICHW64;TVICHW64;c:\windows\system32\DRIVERS\TVICHW64.SYS;c:\windows\SYSNATIVE\DRIVERS\TVICHW64.SYS [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys;c:\windows\SYSNATIVE\DRIVERS\mfenlfk.sys [x]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S2 McMPFSvc;McAfee Personal Firewall-Dienst;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-07 08:54]
.
2013-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-07 08:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Vaio\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Vaio\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Vaio\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Vaio\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-11-30 171520]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.zamg.ac.at/cms/de/wetter/wetter-oesterreich/wien
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.186.211.21 195.34.133.21
FF - ProfilePath - c:\users\Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\a54kiqcs.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-20  00:07:36
ComboFix-quarantined-files.txt  2013-08-19 22:07
.
Vor Suchlauf: 13 Verzeichnis(se), 416.244.764.672 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 417.811.652.608 Bytes frei
.
- - End Of File - - C54EE3EDF92CA63D2FF63850534A8FB1

Ich nehme an, dass noch einiges zu tun ist! Nachdem ich morgen wieder früh raus muss, meine Frage, ob Du morgen auch online bist und zu welcher Zeit? Ich könnte bis dahin die nächsten Aufgaben erledigen und wir könnten dann das weitere Programm durchgehen. Falls es aber besser ist, können wir auch heute noch fortsetzen - schreibe mir bitte kurz, was Du meinst!

Liebe Grüße,
Klaudia

System Care Antivirus - wie kann ich es entfernen?

Log-Analyse und Auswertung: System Care Antivirus - wie kann ich es entfernen?

System Care Antivirus - wie kann ich es entfernen?

Ähnliche Themen: System Care Antivirus - wie kann ich es entfernen?