
All kinds of pests and how to fight them: posadi17 in IE


 
08.05.2014, 19:13   #6
lillimucki
 



Code:
ComboFix 14-05-07.03 - Heiner 08.05.2014  19:46:56.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8179.5423 [GMT 2:00]
ausgeführt von:: c:\users\Heiner\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1&1
c:\programdata\1&1\1&1 SmartFax\Settings.xml
c:\programdata\1360059849.bdinstall.bin
c:\programdata\1361789707.bdinstall.bin
c:\programdata\1375123999.bdinstall.bin
c:\programdata\1375125864.bdinstall.bin
c:\programdata\1375127725.bdinstall.bin
c:\programdata\1375163116.bdinstall.bin
c:\programdata\1375164939.bdinstall.bin
c:\programdata\1375166760.bdinstall.bin
c:\programdata\1375168582.bdinstall.bin
c:\programdata\1375170453.bdinstall.bin
c:\programdata\1375172319.bdinstall.bin
c:\programdata\1375174181.bdinstall.bin
c:\programdata\1375176048.bdinstall.bin
c:\programdata\1375211915.bdinstall.bin
c:\programdata\1375213805.bdinstall.bin
c:\programdata\1375215677.bdinstall.bin
c:\programdata\1375292848.bdinstall.bin
c:\programdata\1375294670.bdinstall.bin
c:\programdata\1375296573.bdinstall.bin
c:\programdata\1375298477.bdinstall.bin
c:\programdata\1375300381.bdinstall.bin
c:\programdata\1375302251.bdinstall.bin
c:\programdata\1375337207.bdinstall.bin
c:\programdata\1375339048.bdinstall.bin
c:\programdata\1375384680.bdinstall.bin
c:\programdata\1385017842.bdinstall.bin
c:\programdata\1385019667.bdinstall.bin
c:\programdata\1385021488.bdinstall.bin
c:\programdata\1385023308.bdinstall.bin
c:\programdata\1385025129.bdinstall.bin
c:\programdata\1385026950.bdinstall.bin
c:\programdata\1385028863.bdinstall.bin
c:\programdata\1385030684.bdinstall.bin
c:\programdata\1385032505.bdinstall.bin
c:\programdata\1385106047.bdinstall.bin
c:\programdata\1385154955.bdinstall.bin
c:\programdata\1385156777.bdinstall.bin
c:\programdata\1385241206.bdinstall.bin
c:\programdata\1385243032.bdinstall.bin
c:\programdata\1385244853.bdinstall.bin
c:\programdata\1385246673.bdinstall.bin
c:\programdata\1385248495.bdinstall.bin
c:\programdata\1385250320.bdinstall.bin
c:\programdata\1385252146.bdinstall.bin
c:\programdata\1385254012.bdinstall.bin
c:\programdata\1385287188.bdinstall.bin
c:\programdata\1385289011.bdinstall.bin
c:\programdata\1385290832.bdinstall.bin
c:\programdata\1385292652.bdinstall.bin
c:\programdata\1385294472.bdinstall.bin
c:\programdata\1385296292.bdinstall.bin
c:\programdata\1385298112.bdinstall.bin
c:\programdata\1385299930.bdinstall.bin
c:\programdata\1385301753.bdinstall.bin
c:\programdata\1385303592.bdinstall.bin
c:\programdata\1385353308.bdinstall.bin
c:\programdata\1385355128.bdinstall.bin
c:\programdata\1385356948.bdinstall.bin
c:\programdata\1385358768.bdinstall.bin
c:\programdata\1385360588.bdinstall.bin
c:\programdata\1385362409.bdinstall.bin
c:\programdata\1385364229.bdinstall.bin
c:\programdata\1385366050.bdinstall.bin
c:\programdata\1385367870.bdinstall.bin
c:\programdata\1385369690.bdinstall.bin
c:\programdata\1385371510.bdinstall.bin
c:\programdata\1385373330.bdinstall.bin
c:\programdata\1385375150.bdinstall.bin
c:\programdata\1385376971.bdinstall.bin
c:\programdata\1385378793.bdinstall.bin
c:\programdata\1385380613.bdinstall.bin
c:\programdata\1385382433.bdinstall.bin
c:\programdata\1385384379.bdinstall.bin
c:\programdata\1385386229.bdinstall.bin
c:\programdata\1385388050.bdinstall.bin
c:\programdata\1385389876.bdinstall.bin
c:\programdata\1385391696.bdinstall.bin
c:\users\Heiner\AppData\Roaming\1&1
c:\users\Heiner\AppData\Roaming\1&1\1&1 SmartFax\FaxNumberHistory.xml
c:\users\Heiner\AppData\Roaming\1&1\1&1 SmartFax\Settings.xml
c:\users\Heiner\AppData\Roaming\FoxitReaderUpdateInfo.txt
c:\users\Heiner\GoToAssistDownloadHelper.exe
c:\windows\Installer\{E60036CF-1E46-4DFE-832F-5476574B30FF}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe
c:\windows\IsUn0407.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
D:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-08 bis 2014-05-08  ))))))))))))))))))))))))))))))
.
.
2014-05-08 17:59 . 2014-05-08 17:59	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-08 10:49 . 2014-05-08 10:49	--------	d-----w-	c:\programdata\Logitech
2014-05-08 10:49 . 2014-05-08 10:49	--------	d-----w-	c:\users\Heiner\AppData\Roaming\Leadertech
2014-05-08 10:49 . 2014-05-08 10:49	53248	----a-r-	c:\users\Heiner\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2014-05-08 10:49 . 2014-05-08 10:49	--------	d-----w-	c:\program files (x86)\Common Files\LogiShrd
2014-05-08 10:48 . 2014-05-08 10:48	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2014-05-08 10:47 . 2014-05-08 10:49	--------	d-----w-	c:\programdata\Logishrd
2014-05-08 10:47 . 2014-05-08 10:47	--------	d-----w-	c:\program files\Logitech
2014-05-08 10:47 . 2014-05-08 10:48	--------	d-----w-	c:\program files\Common Files\LogiShrd
2014-05-08 10:46 . 2014-05-08 10:49	--------	d-----w-	c:\users\Heiner\AppData\Roaming\Logitech
2014-05-08 10:46 . 2014-05-08 10:47	--------	d-----w-	c:\users\Heiner\AppData\Roaming\Logishrd
2014-05-07 07:51 . 2014-05-07 07:54	--------	d-----w-	C:\FRST
2014-05-07 06:36 . 2014-05-07 06:36	--------	d-----w-	c:\users\Heiner\AppData\Roaming\Solvusoft
2014-05-06 23:02 . 2014-05-06 23:01	313256	----a-w-	c:\windows\system32\javaws.exe
2014-05-06 23:02 . 2014-05-06 23:01	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-05-06 23:02 . 2014-05-06 23:01	189352	----a-w-	c:\windows\system32\javaw.exe
2014-05-06 23:02 . 2014-05-06 23:01	189352	----a-w-	c:\windows\system32\java.exe
2014-05-06 21:51 . 2014-04-17 03:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{2613D108-F098-4BDA-A0E3-D21386E14F4C}\mpengine.dll
2014-05-06 14:48 . 2014-05-06 14:48	--------	d-----w-	c:\users\Heiner\AppData\Roaming\AVAST Software
2014-05-06 14:48 . 2014-05-06 14:47	93568	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-05-06 14:48 . 2014-05-06 14:47	85328	----a-w-	c:\windows\system32\drivers\aswStm.sys
2014-05-06 14:48 . 2014-05-06 14:47	79184	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-05-06 14:48 . 2014-05-06 14:47	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-05-06 14:48 . 2014-05-06 14:47	423240	----a-w-	c:\windows\system32\drivers\aswSP.sys
2014-05-06 14:48 . 2014-05-06 14:47	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-05-06 14:48 . 2014-05-06 14:47	208416	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-05-06 14:48 . 2014-05-06 14:47	1039096	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2014-05-06 14:48 . 2014-05-06 14:47	28184	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2014-05-06 14:47 . 2014-05-06 14:47	334648	----a-w-	c:\windows\system32\aswBoot.exe
2014-05-06 14:47 . 2014-05-06 14:47	43152	----a-w-	c:\windows\avastSS.scr
2014-05-06 14:47 . 2014-05-06 14:47	447888	----a-w-	c:\windows\system32\drivers\aswNdisFlt.sys
2014-05-06 14:47 . 2014-05-06 14:47	--------	d-----w-	c:\program files\AVAST Software
2014-05-06 14:44 . 2014-05-06 14:44	--------	d-----w-	c:\programdata\AVAST Software
2014-05-06 14:43 . 2014-05-06 14:43	--------	d-----w-	c:\windows\SysWow64\wbem\Logs
2014-05-05 14:21 . 2014-05-06 14:42	--------	d-----w-	c:\program files (x86)\G Data
2014-05-05 14:20 . 2014-05-06 14:41	--------	d-----w-	c:\programdata\G Data
2014-05-05 14:14 . 2014-05-05 14:14	--------	d-----w-	c:\program files\CCleaner
2014-05-03 18:37 . 2014-05-03 18:37	--------	d-----w-	c:\users\Heiner\AppData\Local\Trend Micro
2014-05-03 18:34 . 2014-05-03 18:40	--------	d-----w-	c:\programdata\Trend Micro Installer
2014-05-03 18:30 . 2014-05-03 18:30	--------	d-s---w-	c:\windows\system32\CompatTel
2014-05-03 18:30 . 2014-04-14 02:24	465408	----a-w-	c:\windows\system32\aepdu.dll
2014-05-03 18:30 . 2014-04-14 02:19	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-05-03 18:23 . 2014-05-03 18:23	--------	d-----w-	c:\program files (x86)\Hosts_Anti_Adwares_PUPs
2014-05-03 07:00 . 2014-04-29 14:01	23547904	----a-w-	c:\windows\system32\mshtml.dll
2014-05-03 07:00 . 2014-04-29 13:40	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-03 07:00 . 2014-04-29 12:34	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-01 17:34 . 2014-05-07 06:29	--------	d-----w-	C:\AdwCleaner
2014-04-30 13:57 . 2014-05-08 16:17	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-29 09:31 . 2014-04-29 09:31	--------	d-----w-	c:\program files (x86)\StartupStar
2014-04-29 07:48 . 2014-04-29 07:48	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-04-29 07:48 . 2014-04-03 07:51	63192	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-04-29 07:48 . 2014-04-03 07:51	88280	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-04-29 07:42 . 2013-10-21 13:36	583048	----a-w-	c:\windows\AmPUn0.exe
2014-04-29 07:42 . 2014-04-29 07:42	--------	d-----w-	c:\program files\AmP
2014-04-26 12:36 . 2014-04-26 12:36	--------	d-----w-	c:\users\Heiner\AppData\Roaming\InetStat
2014-04-26 12:35 . 2014-04-26 12:49	--------	d-----w-	c:\users\Heiner\AppData\Roaming\ARCHOS KEY user guide
2014-04-24 19:54 . 2014-04-24 19:54	--------	d-sh--w-	c:\users\Heiner\AppData\Local\EmieUserList
2014-04-24 19:54 . 2014-04-24 19:54	--------	d-sh--w-	c:\users\Heiner\AppData\Local\EmieSiteList
2014-04-22 17:36 . 2014-04-22 17:37	--------	d-----w-	c:\program files (x86)\FinanzGruppe-IBAN-Konverter
2014-04-22 10:24 . 2014-04-22 10:24	--------	d-----w-	c:\program files\Microsoft Mouse and Keyboard Center
2014-04-12 08:46 . 2014-04-12 08:46	--------	d-----w-	c:\users\Heiner\AppData\Roaming\DataDesign
2014-04-12 08:31 . 2014-04-12 08:45	--------	d-----w-	c:\users\Heiner\AppData\Roaming\Lexware
2014-04-12 08:30 . 2014-04-12 08:30	--------	d-----w-	c:\program files (x86)\Common Files\DataDesign
2014-04-12 08:29 . 2014-04-12 08:30	--------	d-----w-	c:\program files (x86)\Lexware
2014-04-12 08:29 . 2014-04-12 08:31	--------	d-----w-	c:\programdata\Lexware
2014-04-12 08:28 . 2014-04-12 08:30	--------	d-----w-	c:\program files (x86)\Common Files\Lexware
2014-04-12 08:28 . 2014-04-12 08:31	--------	d-----w-	c:\users\Heiner\AppData\Local\Lexware
2014-04-10 09:49 . 2014-04-10 09:49	--------	d-----w-	c:\windows\CryptoGuard
2014-04-09 11:19 . 2014-01-23 03:21	206080	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2014-04-09 11:19 . 2014-01-23 03:21	108800	----a-w-	c:\windows\system32\drivers\ssudbus.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-30 21:29 . 2012-03-30 12:25	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-30 21:29 . 2012-01-03 04:26	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-29 07:00 . 2014-02-21 22:01	17931952	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-04-10 09:41 . 2013-10-19 16:42	93144	----a-w-	c:\windows\system32\drivers\hmpalert.sys
2014-04-10 09:41 . 2013-10-19 16:42	548424	----a-w-	c:\windows\system32\hmpalert.dll
2014-04-10 09:41 . 2013-10-19 16:42	477008	----a-w-	c:\windows\SysWow64\hmpalert.dll
2014-04-09 07:01 . 2012-03-11 08:55	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-04-08 14:15 . 2014-03-25 08:40	10	----a-w-	c:\users\Heiner\AppData\Roaming\pdfdrawcodec.dll
2014-04-03 07:50 . 2012-09-25 08:58	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-03-31 07:35 . 2010-11-21 03:27	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-19 13:23 . 2014-03-19 13:23	862664	----a-w-	c:\windows\SysWow64\msvcr110.dll
2014-03-19 13:23 . 2014-03-19 13:23	828872	----a-w-	c:\windows\system32\msvcr110.dll
2014-03-19 13:23 . 2014-03-19 13:23	661448	----a-w-	c:\windows\system32\msvcp110.dll
2014-03-19 13:23 . 2014-03-19 13:23	534480	----a-w-	c:\windows\SysWow64\msvcp110.dll
2014-03-19 13:23 . 2014-03-19 13:23	50896	----a-w-	c:\windows\system32\drivers\point64.sys
2014-03-19 13:23 . 2014-03-19 13:23	354264	----a-w-	c:\windows\system32\vccorlib110.dll
2014-03-19 13:23 . 2014-03-19 13:23	251864	----a-w-	c:\windows\SysWow64\vccorlib110.dll
2014-03-19 13:23 . 2014-03-19 13:23	2276560	----a-w-	c:\windows\system32\coin95ip.dll
2014-03-19 13:23 . 2014-03-19 13:23	1795952	----a-w-	c:\windows\system32\WdfCoInstaller01011.dll
2014-03-04 09:17 . 2014-04-09 05:53	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-02-28 08:51 . 2014-02-28 08:51	825696	----a-w-	c:\windows\SysWow64\Ddbaccpl.cpl
2014-02-28 08:51 . 2014-02-28 08:51	227680	----a-w-	c:\windows\SysWow64\ddBACCTM.cpl
2014-02-26 15:37 . 2012-03-20 13:13	9728	----a-w-	c:\windows\SysWow64\WindowsClosingService.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Klebezettel NG"="c:\program files (x86)\Klebezettel NG\klebez.exe" [2014-02-20 4418048]
"Alle meine Passworte"="c:\progra~2\AMP\AMP.EXE" [2011-05-25 3792776]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2014-02-14 1564992]
"pdiface"="c:\program files\Bitdefender\60-Second Virus Scanner\pdiface.exe" [2013-10-30 283608]
"KiesPDLR.exe"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2014-02-14 845120]
"SOS_Agent"="c:\program files (x86)\Steganos Online Shield\OnlineShieldClient.exe" [2014-04-09 4709720]
"InetStat"="c:\users\Heiner\AppData\Roaming\InetStat\inetstat.exe" [2014-04-26 1260648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-01 336384]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-02-14 311616]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-09-27 1279120]
"LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2011-07-31 189808]
"Z-defragRAM"="d:\z-defrag ram\zdefrag27\z-defrag\Z-defrag.EXE" [2011-03-17 233536]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-06 3873704]
.
c:\users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Geburtstagsmahner.lnk - d:\zehbesoft\Geburtstagsmahner\GebAlert.exe [2012-3-11 493056]
Logitech . Produktregistrierung.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe /remind /language=DEU /_WFM="." [2009-11-16 517384]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Meine Dienste.lnk - c:\program files\Telekom\Meine Dienste\StartMeineDienste.exe Autostart [2012-8-30 269944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCABattery"= 1 (0x1)
"DisableThumbnailsOnNetworkFolders"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 JetDrive WindowsClosingService;JetDrive WindowsClosingService;c:\windows\System32\WindowsClosingService;c:\windows\SYSNATIVE\WindowsClosingService [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 MCSWASVR;Mediencenter Service;c:\program files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe;c:\program files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe [x]
R2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe;c:\program files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 jetdrive;jddrv;c:\windows\system32\DRIVERS\jddrv.sys;c:\windows\SYSNATIVE\DRIVERS\jddrv.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\RpcAgentSrv.exe;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\RpcAgentSrv.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WO_LiveService;Ashampoo LiveTuner Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 CryptBox;CryptBox;c:\windows\SysWOW64\drivers\CryptBox.sys;c:\windows\SysWOW64\drivers\CryptBox.sys [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys;c:\windows\SYSNATIVE\drivers\cbfs3.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AHDDC2;Ashampoo HDD Control 2 Service;c:\program files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe;c:\program files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 hmpalert;HitmanPro.Alert Support Driver;c:\windows\system32\drivers\hmpalert.sys;c:\windows\SYSNATIVE\drivers\hmpalert.sys [x]
S2 hmpalertsvc;HitmanPro.Alert Service;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe;c:\program files (x86)\HitmanPro.Alert\hmpalert.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [x]
S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 Online Shield Starter Service;Online Shield Starter Service;c:\program files (x86)\Steganos Online Shield\OnlineShieldService.exe;c:\program files (x86)\Steganos Online Shield\OnlineShieldService.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 pdserv;Bitdefender 60-Second Virus Scanner Service;c:\program files\Bitdefender\60-Second Virus Scanner\pdscan.exe \svc;c:\program files\Bitdefender\60-Second Virus Scanner\pdscan.exe \svc [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys;c:\windows\SYSNATIVE\drivers\dvdfab.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys;c:\windows\SYSNATIVE\drivers\usbfilter.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 21:29]
.
2014-05-07 c:\windows\Tasks\DriverDoc_UPDATES.job
- c:\program files (x86)\DriverDoc\Solvusoftdd.exe [2013-07-26 17:06]
.
2014-05-02 c:\windows\Tasks\HPCeeScheduleForHEINER-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2014-05-05 c:\windows\Tasks\HPCeeScheduleForHeiner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2014-05-08 c:\windows\Tasks\StartupStar Firewall.job
- c:\program files (x86)\StartupStar\StartupStar.exe [2014-04-29 11:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-06 14:47	290888	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2010-05-15 13:55	187672	----a-w-	c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\McsShellOverlayUpload]
@="{0774B5A9-ADB5-4D3A-915F-72C7EF9CD262}"
[HKEY_CLASSES_ROOT\CLSID\{0774B5A9-ADB5-4D3A-915F-72C7EF9CD262}]
2011-11-23 12:02	308736	----a-w-	c:\windows\System32\DTAG.Mediencenter.ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-02-14 311616]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 242192]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 3091224]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\quicken8\inet\common\blank.htm
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Alles mit FlashGet laden - c:\program files (x86)\FlashGet\jc_all.htm
IE: Mit FlashGet laden - c:\program files (x86)\FlashGet\jc_link.htm
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/|hxxp://www.onlinetvrecorder.com/v2/?go=list&tab=search&station=&date=sinceregister&year=2014&fd=1&fm=1&td=31&tm=12&actor=&director=&minutes=&title=&times=0&intext=0&cbde=0&cbsing=0&cben=0&cbxy=0&cbfav=0&rating=0&weekday=&searchmethod=match&indatefrom=0&indateto=0&intimefrom=&intimeto=&genre=0&format=&source=my&filestate=&wdh=&fsk=&start=0&view=table&order=beginn&saveorder=beginn|hxxp://www.wetter.com/wetter_aktuell/wettervorhersage/heute/deutschland/obernzenn/DE0007791.html|hxxp://wetter.msn.com/local.aspx?wealocations=wc:8256724&q=Bad+Windsheim%2c+BY|hxxp://www.unwetterzentrale.de/uwz/getwarning_de.php?xpos=187&ypos=193&bland=bayern&lang=de|hxxp://www.unwetterzentrale.de/uwz/bayernindex.html
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - (no file)
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2014 Zahlungserinnerung.lnk - c:\windows\Installer\{E60036CF-1E46-4DFE-832F-5476574B30FF}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
WebBrowser-{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - (no file)
AddRemove-ZehbeSoft Geburtstagsmahner - c:\windows\system32\GKSUI20.EXE
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\JetDrive WindowsClosingService]
"ImagePath"="c:\windows\System32\WindowsClosingService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\AmP\AmP.exe
c:\program files (x86)\Canon\Quick Menu\CNQMSWCS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-08  20:09:34 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-08 18:09
.
Vor Suchlauf: 41 Verzeichnis(se), 131.328.126.976 Bytes frei
Nach Suchlauf: 49 Verzeichnis(se), 130.509.320.192 Bytes frei
.
- - End Of File - - 39C6405A4EA78513A9C1DBA9090DBADD
A36C5E4F47E84449FF07ED3517B43A31
         