HTML/Crypted.gen

SHERRY · 03.11.2014, 18:52

Combofix Logfile:

Code:

ATTFilter

ComboFix 14-10-29.01 - SHERRY 03.11.2014  18:43:26.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8076.5874 [GMT 1:00]
ausgeführt von:: c:\users\SHERRY\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\SHERRY\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-03 bis 2014-11-03  ))))))))))))))))))))))))))))))
.
.
2014-11-03 17:44 . 2014-11-03 17:44	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-10-31 03:29 . 2014-10-31 03:52	--------	d-----w-	c:\users\SHERRY\AppData\Roaming\Firestorm_x64
2014-10-31 03:29 . 2014-10-31 03:30	--------	d-----w-	c:\users\SHERRY\AppData\Local\FirestormOS_x64
2014-10-31 01:30 . 2014-10-31 01:31	--------	d-----w-	C:\FRST
2014-10-24 19:03 . 2014-10-24 19:03	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-10-24 19:03 . 2014-10-24 19:03	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-24 19:03 . 2014-10-24 19:03	--------	d-----w-	c:\program files (x86)\Java
2014-10-24 17:33 . 2012-02-11 06:36	559104	----a-w-	c:\windows\system32\spoolsv.exe
2014-10-24 17:33 . 2012-02-11 06:36	67072	----a-w-	c:\windows\splwow64.exe
2014-10-23 20:59 . 2014-10-23 20:59	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2014-10-23 20:59 . 2014-10-23 20:59	--------	d-----w-	c:\windows\system32\wbem\en-US
2014-10-23 10:17 . 2013-05-10 05:56	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2014-10-23 10:17 . 2013-05-10 04:56	12625408	----a-w-	c:\windows\SysWow64\wmploc.DLL
2014-10-23 10:17 . 2013-05-10 04:30	167424	----a-w-	c:\program files\Windows Media Player\wmplayer.exe
2014-10-23 10:17 . 2013-05-10 03:48	164864	----a-w-	c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-10-23 10:17 . 2013-05-10 05:56	14631424	----a-w-	c:\windows\system32\wmp.dll
2014-10-23 10:10 . 2014-10-23 10:10	--------	d-----w-	c:\windows\Migration
2014-10-23 10:06 . 2013-10-14 16:00	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2014-10-23 09:57 . 2014-10-23 09:57	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-23 09:17 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2014-10-23 09:17 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2014-10-23 09:17 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2014-10-23 09:17 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2014-10-23 09:17 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2014-10-23 09:17 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2014-10-23 09:17 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2014-10-23 09:11 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2014-10-23 09:11 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2014-10-23 09:11 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2014-10-23 09:08 . 2014-03-09 21:48	171160	----a-w-	c:\windows\system32\infocardapi.dll
2014-10-23 09:08 . 2014-03-09 21:48	1389208	----a-w-	c:\windows\system32\icardagt.exe
2014-10-23 09:08 . 2014-03-09 21:47	99480	----a-w-	c:\windows\SysWow64\infocardapi.dll
2014-10-23 09:08 . 2014-03-09 21:47	619672	----a-w-	c:\windows\SysWow64\icardagt.exe
2014-10-23 09:08 . 2014-06-30 22:24	8856	----a-w-	c:\windows\system32\icardres.dll
2014-10-23 09:08 . 2014-06-30 22:14	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2014-10-23 09:08 . 2014-06-06 06:16	35480	----a-w-	c:\windows\SysWow64\TsWpfWrp.exe
2014-10-23 09:08 . 2014-06-06 06:12	35480	----a-w-	c:\windows\system32\TsWpfWrp.exe
2014-10-23 09:06 . 2014-09-18 02:00	3241472	----a-w-	c:\windows\system32\msi.dll
2014-10-23 09:05 . 2012-08-21 21:01	245760	----a-w-	c:\windows\system32\OxpsConverter.exe
2014-10-23 09:05 . 2014-01-24 02:37	1684928	----a-w-	c:\windows\system32\drivers\ntfs.sys
2014-10-23 09:03 . 2014-03-04 09:43	57344	----a-w-	c:\windows\system32\cngprovider.dll
2014-10-23 09:02 . 2011-03-03 06:24	183296	----a-w-	c:\windows\system32\dnsrslvr.dll
2014-10-23 09:00 . 2011-05-03 05:29	976896	----a-w-	c:\windows\system32\inetcomm.dll
2014-10-23 09:00 . 2011-05-03 04:30	741376	----a-w-	c:\windows\SysWow64\inetcomm.dll
2014-10-23 09:00 . 2011-05-24 11:42	404480	----a-w-	c:\windows\system32\umpnpmgr.dll
2014-10-23 09:00 . 2011-05-24 10:40	64512	----a-w-	c:\windows\SysWow64\devobj.dll
2014-10-23 09:00 . 2011-05-24 10:40	44544	----a-w-	c:\windows\SysWow64\devrtl.dll
2014-10-23 09:00 . 2011-05-24 10:39	145920	----a-w-	c:\windows\SysWow64\cfgmgr32.dll
2014-10-23 09:00 . 2011-05-24 10:37	252928	----a-w-	c:\windows\SysWow64\drvinst.exe
2014-10-23 09:00 . 2011-02-12 11:34	267776	----a-w-	c:\windows\system32\FXSCOVER.exe
2014-10-23 09:00 . 2012-05-14 05:26	956928	----a-w-	c:\windows\system32\localspl.dll
2014-10-23 09:00 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2014-10-23 09:00 . 2011-12-16 08:46	634880	----a-w-	c:\windows\system32\msvcrt.dll
2014-10-23 09:00 . 2011-12-16 07:52	690688	----a-w-	c:\windows\SysWow64\msvcrt.dll
2014-10-23 09:00 . 2013-08-28 01:12	461312	----a-w-	c:\windows\system32\scavengeui.dll
2014-10-23 08:56 . 2014-07-14 02:02	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-10-23 08:56 . 2014-07-14 01:40	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-10-23 08:56 . 2013-10-12 02:30	830464	----a-w-	c:\windows\system32\nshwfp.dll
2014-10-23 08:56 . 2013-10-12 02:29	859648	----a-w-	c:\windows\system32\IKEEXT.DLL
2014-10-23 08:56 . 2013-10-12 02:29	324096	----a-w-	c:\windows\system32\FWPUCLNT.DLL
2014-10-23 08:56 . 2013-10-12 02:03	656896	----a-w-	c:\windows\SysWow64\nshwfp.dll
2014-10-23 08:56 . 2013-10-12 02:01	216576	----a-w-	c:\windows\SysWow64\FWPUCLNT.DLL
2014-10-17 12:17 . 2014-10-17 12:17	--------	d-----w-	c:\users\SHERRY\AppData\Local\PAYDAY
2014-10-17 12:17 . 2010-06-02 02:55	77656	----a-w-	c:\windows\system32\XAPOFX1_5.dll
2014-10-17 12:17 . 2010-06-02 02:55	74072	----a-w-	c:\windows\SysWow64\XAPOFX1_5.dll
2014-10-17 12:17 . 2010-06-02 02:55	527192	----a-w-	c:\windows\SysWow64\XAudio2_7.dll
2014-10-17 12:17 . 2010-06-02 02:55	518488	----a-w-	c:\windows\system32\XAudio2_7.dll
2014-10-17 12:17 . 2010-06-02 02:55	239960	----a-w-	c:\windows\SysWow64\xactengine3_7.dll
2014-10-17 12:17 . 2010-06-02 02:55	176984	----a-w-	c:\windows\system32\xactengine3_7.dll
2014-10-17 12:17 . 2010-05-26 09:41	2526056	----a-w-	c:\windows\system32\D3DCompiler_43.dll
2014-10-17 12:17 . 2010-05-26 09:41	2106216	----a-w-	c:\windows\SysWow64\D3DCompiler_43.dll
2014-10-17 12:17 . 2010-05-26 09:41	1907552	----a-w-	c:\windows\system32\d3dcsx_43.dll
2014-10-17 12:17 . 2010-05-26 09:41	1868128	----a-w-	c:\windows\SysWow64\d3dcsx_43.dll
2014-10-14 21:51 . 2014-10-14 21:51	--------	d-----w-	c:\users\SHERRY\AppData\Roaming\MingGuan
2014-10-14 21:51 . 2014-10-14 21:51	1184699	----a-w-	c:\windows\unins000.exe
2014-10-14 16:33 . 2014-10-14 16:33	43064	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-10-08 15:26 . 2014-10-08 15:26	--------	d-----w-	c:\users\SHERRY\AppData\Roaming\OpenOffice
2014-10-08 15:26 . 2014-10-08 15:26	--------	d-----w-	c:\program files (x86)\OpenOffice 4
2014-10-05 21:29 . 2014-10-05 21:29	--------	d-----w-	c:\users\SHERRY\AppData\Roaming\LolClient
2014-10-05 21:02 . 2014-10-05 21:02	--------	d-----w-	c:\programdata\Riot Games
2014-10-05 21:01 . 2008-07-12 06:18	467984	----a-w-	c:\windows\SysWow64\d3dx10_39.dll
2014-10-05 21:01 . 2008-07-12 06:18	3851784	----a-w-	c:\windows\SysWow64\D3DX9_39.dll
2014-10-05 21:01 . 2008-07-12 06:18	1493528	----a-w-	c:\windows\SysWow64\D3DCompiler_39.dll
2014-10-05 21:00 . 2014-10-05 21:01	--------	d-----w-	c:\users\SHERRY\AppData\Roaming\Riot Games
2014-10-04 19:30 . 2014-10-11 14:29	--------	d-----w-	c:\users\SHERRY\AppData\Roaming\TeamViewer
2014-10-04 18:31 . 2014-10-04 18:31	--------	d-----w-	c:\windows\system32\SPReview
2014-10-04 18:30 . 2014-10-23 09:10	--------	d-----w-	c:\windows\system32\MRT
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-31 23:52 . 2014-10-04 11:30	281768	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-10-31 23:52 . 2014-10-04 11:30	281768	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-10-26 23:26 . 2014-10-03 13:59	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-26 23:26 . 2014-10-03 13:59	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-25 17:15 . 2014-10-04 11:30	281768	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-10-04 18:31 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2014-10-04 18:31 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2014-10-04 11:30 . 2014-10-04 11:30	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2014-10-04 06:42 . 2014-10-02 18:01	2197680	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-10-04 06:42 . 2014-10-02 18:01	1291280	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2014-10-04 06:41 . 2014-10-02 18:01	2800296	----a-w-	c:\windows\system32\nvspcap64.dll
2014-10-04 06:41 . 2014-10-02 18:01	1715224	----a-w-	c:\windows\system32\nvspbridge64.dll
2014-09-24 10:44 . 2014-10-02 18:16	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2014-09-24 10:44 . 2014-10-02 18:16	131608	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-09-24 10:44 . 2014-10-02 18:16	119272	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-09-17 04:51 . 2014-10-02 18:00	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2014-09-17 04:51 . 2014-10-02 18:00	197408	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2014-09-17 04:51 . 2014-10-02 18:00	1538880	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2014-09-15 07:06 . 2014-10-02 17:56	278152	------w-	c:\windows\system32\MpSigStub.exe
2014-09-15 00:08 . 2014-10-02 17:56	11578928	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{23806B96-8630-4F77-A20C-A389E01341CA}\mpengine.dll
2014-09-13 23:48 . 2014-10-02 18:00	984424	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-09-13 23:48 . 2014-10-02 18:00	957584	----a-w-	c:\windows\system32\NvIFR64.dll
2014-09-13 23:48 . 2014-10-02 18:00	925896	----a-w-	c:\windows\system32\NvFBC64.dll
2014-09-13 23:48 . 2014-10-02 18:00	919240	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-09-13 23:48 . 2014-10-02 18:00	894096	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-09-13 23:48 . 2014-10-02 18:00	867528	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2014-09-13 23:48 . 2014-10-02 18:00	501064	----a-w-	c:\windows\system32\nvEncodeAPI64.dll
2014-09-13 23:48 . 2014-10-02 18:00	4287296	----a-w-	c:\windows\system32\nvcuvid.dll
2014-09-13 23:48 . 2014-10-02 18:00	417096	----a-w-	c:\windows\SysWow64\nvEncodeAPI.dll
2014-09-13 23:48 . 2014-10-02 18:00	4008592	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-09-13 23:48 . 2014-10-02 18:00	393024	----a-w-	c:\windows\system32\NvIFROpenGL.dll
2014-09-13 23:48 . 2014-10-02 18:00	352016	----a-w-	c:\windows\system32\nvoglshim64.dll
2014-09-13 23:48 . 2014-10-02 18:00	348304	----a-w-	c:\windows\SysWow64\NvIFROpenGL.dll
2014-09-13 23:48 . 2014-10-02 18:00	3223120	----a-w-	c:\windows\system32\nvapi64.dll
2014-09-13 23:48 . 2014-10-02 18:00	31887680	----a-w-	c:\windows\system32\nvoglv64.dll
2014-09-13 23:48 . 2014-10-02 18:00	303600	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2014-09-13 23:48 . 2014-10-02 18:00	2838424	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-09-13 23:48 . 2014-10-02 18:00	24552592	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-09-13 23:48 . 2014-10-02 18:00	20922512	----a-w-	c:\windows\system32\nvcompiler.dll
2014-09-13 23:48 . 2014-10-02 18:00	20589536	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-09-13 23:48 . 2014-10-02 18:00	19954520	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-09-13 23:48 . 2014-10-02 18:00	1876296	----a-w-	c:\windows\system32\nvdispco6434411.dll
2014-09-13 23:48 . 2014-10-02 18:00	18106152	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-09-13 23:48 . 2014-10-02 18:00	174856	----a-w-	c:\windows\system32\nvinitx.dll
2014-09-13 23:48 . 2014-10-02 18:00	17259664	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-09-13 23:48 . 2014-10-02 18:00	16875856	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-09-13 23:48 . 2014-10-02 18:00	156840	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-09-13 23:48 . 2014-10-02 18:00	1539272	----a-w-	c:\windows\system32\nvdispgenco6434411.dll
2014-09-13 23:48 . 2014-10-02 18:00	14026304	----a-w-	c:\windows\system32\nvopencl.dll
2014-09-13 23:48 . 2014-10-02 18:00	13939272	----a-w-	c:\windows\system32\nvcuda.dll
2014-09-13 23:48 . 2014-10-02 18:00	13157696	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-09-13 23:48 . 2014-10-02 18:00	11392576	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-09-13 23:48 . 2014-10-02 18:00	11330776	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-09-13 21:53 . 2014-10-02 18:01	6890696	----a-w-	c:\windows\system32\nvcpl.dll
2014-09-13 21:53 . 2014-10-02 18:01	3529872	----a-w-	c:\windows\system32\nvsvc64.dll
2014-09-13 21:53 . 2014-10-02 18:01	934216	----a-w-	c:\windows\system32\nvvsvc.exe
2014-09-13 21:53 . 2014-10-02 18:01	62608	----a-w-	c:\windows\system32\nvshext.dll
2014-09-13 21:53 . 2014-10-02 18:01	385168	----a-w-	c:\windows\system32\nvmctray.dll
2014-09-13 21:53 . 2014-10-02 18:01	2557640	----a-w-	c:\windows\system32\nvsvcr.dll
2014-09-13 20:13 . 2014-10-02 18:01	613696	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-09-11 15:37 . 2014-10-02 18:01	3961833	----a-w-	c:\windows\system32\nvcoproc.bin
2014-09-04 19:14 . 2014-10-02 18:00	38048	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-09-04 19:14 . 2014-10-02 18:00	34976	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-09-04 19:14 . 2014-10-02 18:00	32416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-09-24 703736]
"GamingMouse"="d:\programme\Drakonia Configurator\hid.exe" [2012-06-07 246784]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-10-09 124720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R1 UsbCharger;UsbCharger;c:\windows\system32\DRIVERS\UsbCharger.sys;c:\windows\SYSNATIVE\DRIVERS\UsbCharger.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;d:\programme\TeamViewer_Service.exe;d:\programme\TeamViewer_Service.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"="c:\program files\VIA XHCI UASP Utility\usb3Monitor" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-10-03 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-10-03 771056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-10-03 769520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-10-04 2463552]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-10-04 2800296]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\SHERRY\AppData\Roaming\Mozilla\Firefox\Profiles\jjd62u0i.default\
FF - prefs.js: browser.startup.homepage - google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
d:\programme\Drakonia Configurator\trayicon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-11-03  18:46:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-11-03 17:46
.
Vor Suchlauf: 9 Verzeichnis(se), 45.883.125.760 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 47.681.769.472 Bytes frei
.
- - End Of File - - 219AAEF707FCFCA5564FBEB9C6D861C0

--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

HTML/Crypted.gen

Plagegeister aller Art und deren Bekämpfung: HTML/Crypted.gen

HTML/Crypted.gen

Ähnliche Themen: HTML/Crypted.gen