Log analysis and evaluation: C:\Windows\SysWOW64\cleanmgr.exe was blocked

Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#14

C:\Windows\SysWOW64\cleanmgr.exe was blocked

Hello, I ran the program as admin and shut down all antivirus software. Here is the log: Combofixlog.txt

Code:
ComboFix 15-01-02.01 - ***** 03.01.2015 13:07:24.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3767.2284 [GMT 1:00]
ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{08A66F0B-256D-4F96-AFEF-70ACF2E4AF35}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{1191F0A9-D15F-4FD7-86E7-839FB6609588}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{14675146-D8C9-4B47-B276-E8F157F90054}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{20E8D72D-391B-4159-B8DD-9294A4C28857}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{25D5FF3F-EB47-4120-B837-5B26E241E911}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{399FD048-A756-40FD-A02B-678811112338}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{3AC20C82-79BF-478C-9407-9C32BD079B81}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{3C93A0FB-1F21-4206-A82B-AB598D8F3DCC}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{3CB2C540-7FCC-4132-94F9-2B2620874067}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{409EAC21-CA51-4EEA-B763-FFD0DE231D82}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{435B5213-686E-493F-9337-DC5ABDAC52C4}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{581F5455-1035-46A4-9E4F-B8CE91F8ABD9}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{67F3FB38-BEF0-4394-B8B0-462143BD8236}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{71203242-21C7-440F-A138-6296B12B5064}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{72402509-9718-4967-A421-FCAA6D64A8EA}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{82E65D55-A934-4C9C-9606-11669DDFF5BA}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{93A843C7-B42B-4AB9-AD1F-91B9736145CB}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A0C26009-8B5B-4298-8B37-F9A4B997D6A1}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A4B0835B-AE10-46C0-AEE6-F0023F1A666E}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A914F659-7F63-4575-834E-DDC6E5C3FB55}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{AC700A1C-EFE5-4E6B-A21D-82045CC23187}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B1BE3FFF-2F1F-4C60-A237-6CCF1BD2DF91}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B3BB33EC-CCBD-4736-844A-0C487DE05728}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B5B331EF-B18E-40AC-9D1F-BE586C2B3011}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B98921C8-240A-441E-B3FE-F525F5FF3A06}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C1128A8F-EFAB-4570-BB96-D535517F542F}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C3D56C8F-03CC-4D61-95C4-942489608411}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D2C9AE81-48A9-458B-8EE7-7B63EF55F907}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D321AA85-4DD9-4713-9E3B-34B21A81AC84}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DC48DA1C-3519-4935-93B3-4CEF0BE39236}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DD4EE62A-58A8-499A-B7F0-7A176426DC54}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F07FAF4B-DD13-4B81-80DE-B8049B872F1B}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F148751B-6920-4F61-A3A0-9B3A9533F530}.xps
c:\users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F75AC5A3-0244-4F94-A212-1931B779AA06}.xps
c:\users\*****\Don't worry - .pdf
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_settings
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-12-03 bis 2015-01-03 ))))))))))))))))))))))))))))))
.
.
2015-01-03 12:29 . 2015-01-03 12:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-03 11:06 . 2015-01-03 11:06 -------- d-----w- C:\TDSSKiller_Quarantine
2015-01-02 20:13 . 2015-01-02 20:47 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-01-02 19:18 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D92CA68-D90F-4167-B11D-584E007C8618}\mpengine.dll
2015-01-02 19:05 . 2015-01-02 19:05 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-01-01 15:46 . 2015-01-01 15:54 -------- d-----w- C:\FRST
2015-01-01 12:15 . 2015-01-02 20:13 135384 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-01 07:58 . 2015-01-03 11:07 -------- d--h--w- c:\users\*****\AppData\Roaming\Izlwcl
2014-12-31 15:12 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2014-12-31 15:11 . 2015-01-03 12:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-12-31 15:11 . 2015-01-01 10:16 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2014-12-31 15:10 . 2014-12-31 15:10 -------- d-----w- c:\program files (x86)\ESET
2014-12-31 15:08 . 2014-12-31 15:08 -------- d-----w- c:\users\*****\AppData\Roaming\SUPERAntiSpyware.com
2014-12-31 15:08 . 2015-01-03 11:09 -------- d-----w- c:\program files\SUPERAntiSpyware
2014-12-31 15:08 . 2014-12-31 15:08 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-12-31 15:06 . 2015-01-02 20:10 96472 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-31 15:06 . 2014-12-31 15:06 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2014-12-31 15:06 . 2014-11-21 05:54 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-31 15:06 . 2014-11-21 05:53 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-30 17:19 . 2014-12-30 17:19 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-30 17:17 . 2014-12-30 17:17 -------- d-----w- c:\program files\AVAST Software
2014-12-30 17:16 . 2014-12-30 17:16 -------- d-----w- C:\OETemp
2014-12-30 17:12 . 2014-12-30 17:17 -------- d-----w- c:\programdata\AVAST Software
2014-12-30 15:23 . 2014-12-30 15:23 -------- d-----w- c:\programdata\Malwarebytes
2014-12-30 06:13 . 2015-01-03 11:07 -------- d--h--w- c:\users\*****\AppData\Roaming\Poet_value
2014-12-30 06:13 . 2014-12-30 14:12 -------- d--h--w- c:\users\*****\AppData\Roaming\Boss-milk
2014-12-26 23:51 . 2014-12-30 06:13 -------- d--h--w- c:\users\*****\AppData\Roaming\Hqrk
2014-12-26 20:47 . 2014-12-30 16:06 -------- d--h--w- c:\users\*****\AppData\Local\Access-bed
2014-12-24 21:04 . 2014-12-24 21:04 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-rise
2014-12-24 20:28 . 2014-12-24 20:28 -------- d--h--w- c:\users\*****\AppData\Local\Audiencelip
2014-12-24 20:15 . 2014-12-24 20:15 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencewell
2014-12-24 19:55 . 2014-12-24 19:55 -------- d--h--w- c:\users\*****\AppData\Local\Audienceclub
2014-12-24 19:55 . 2014-12-24 20:28 -------- d--h--w- c:\users\*****\AppData\Local\Audience_camp
2014-12-24 19:53 . 2014-12-24 19:53 -------- d--h--w- c:\users\*****\AppData\Local\Audienceexchange
2014-12-24 19:51 . 2014-12-24 20:29 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencetowel
2014-12-24 19:50 . 2014-12-24 20:29 -------- d--h--w- c:\users\*****\AppData\Roaming\Audienceare
2014-12-24 19:43 . 2014-12-24 20:36 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-toe
2014-12-24 19:37 . 2014-12-24 19:37 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencelost
2014-12-24 19:29 . 2014-12-24 20:27 -------- d--h--w- c:\users\*****\AppData\Local\Audience-summer
2014-12-24 19:27 . 2014-12-24 20:46 -------- d--h--w- c:\users\*****\AppData\Local\Audience-drop
2014-12-24 19:25 . 2014-12-24 19:56 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_married
2014-12-24 19:24 . 2014-12-24 20:19 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-rely
2014-12-24 19:22 . 2014-12-24 20:22 -------- d--h--w- c:\users\*****\AppData\Local\Audience_charge
2014-12-24 19:20 . 2014-12-24 20:05 -------- d--h--w- c:\users\*****\AppData\Local\Audiencetell
2014-12-24 19:15 . 2014-12-24 19:45 -------- d--h--w- c:\users\*****\AppData\Local\Audience-web
2014-12-24 19:14 . 2014-12-24 19:20 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-guard
2014-12-24 19:12 . 2014-12-24 19:12 -------- d--h--w- c:\users\*****\AppData\Local\Audience_value
2014-12-24 19:08 . 2014-12-24 20:11 -------- d--h--w- c:\users\*****\AppData\Local\Audience-open
2014-12-24 19:07 . 2014-12-24 21:00 -------- d--h--w- c:\users\*****\AppData\Local\Audience-job
2014-12-24 19:06 . 2014-12-24 20:07 -------- d--h--w- c:\users\*****\AppData\Local\Audience_win
2014-12-24 19:06 . 2014-12-24 20:27 -------- d--h--w- c:\users\*****\AppData\Local\Audience_candle
2014-12-24 19:05 . 2014-12-24 20:55 -------- d--h--w- c:\users\*****\AppData\Local\Audience-lesson
2014-12-24 19:03 . 2014-12-24 20:58 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_join
2014-12-24 18:53 . 2014-12-24 18:59 -------- d--h--w- c:\users\*****\AppData\Local\Audience_range
2014-12-24 18:52 . 2014-12-24 20:28 -------- d--h--w- c:\users\*****\AppData\Roaming\Audienceseek
2014-12-24 18:52 . 2014-12-24 19:13 -------- d--h--w- c:\users\*****\AppData\Local\Audience-log
2014-12-24 18:51 . 2014-12-24 21:01 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencelip
2014-12-24 18:51 . 2014-12-24 20:28 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_depend
2014-12-24 18:50 . 2014-12-24 20:43 -------- d--h--w- c:\users\*****\AppData\Local\Audience-rice
2014-12-24 18:49 . 2014-12-24 21:03 -------- d--h--w- c:\users\*****\AppData\Local\Audiencelook
2014-12-24 18:47 . 2014-12-24 18:47 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-encourage
2014-12-24 18:45 . 2014-12-24 19:17 -------- d--h--w- c:\users\*****\AppData\Local\Audience-document
2014-12-24 18:42 . 2014-12-24 21:03 -------- d--h--w- c:\users\*****\AppData\Local\Audience-ice
2014-12-24 18:41 . 2014-12-24 20:46 -------- d--h--w- c:\users\*****\AppData\Local\Audience_slide
2014-12-24 18:40 . 2014-12-24 20:48 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_adopt
2014-12-24 18:39 . 2014-12-24 20:21 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencediffer
2014-12-24 18:39 . 2014-12-24 20:26 -------- d--h--w- c:\users\*****\AppData\Local\Audience-improve
2014-12-24 18:39 . 2014-12-24 19:45 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_boss
2014-12-24 18:37 . 2014-12-24 20:51 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-body
2014-12-24 18:35 . 2014-12-24 20:53 -------- d--h--w- c:\users\*****\AppData\Local\Audience_bake
2014-12-24 18:35 . 2014-12-24 20:53 -------- d--h--w- c:\users\*****\AppData\Local\Audience_profile
2014-12-24 18:35 . 2014-12-24 20:39 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_send
2014-12-24 18:33 . 2014-12-24 18:33 -------- d--h--w- c:\users\*****\AppData\Local\Audience_doctor
2014-12-24 18:32 . 2014-12-24 19:50 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-shock
2014-12-24 18:29 . 2014-12-24 20:49 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-rock
2014-12-24 18:29 . 2014-12-24 19:03 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-trash
2014-12-24 18:28 . 2014-12-24 20:22 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_overcome
2014-12-24 18:27 . 2014-12-24 20:59 -------- d--h--w- c:\users\*****\AppData\Local\Audienceperfect
2014-12-24 18:27 . 2014-12-24 18:27 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencebase
2014-12-24 18:27 . 2014-12-24 20:35 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencereply
2014-12-24 18:26 . 2014-12-24 20:45 -------- d--h--w- c:\users\*****\AppData\Local\Audiencefix
2014-12-24 18:26 . 2014-12-24 20:22 -------- d--h--w- c:\users\*****\AppData\Local\Audience_factor
2014-12-24 18:26 . 2014-12-24 20:46 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencerisk
2014-12-24 18:25 . 2014-12-24 20:31 -------- d--h--w- c:\users\*****\AppData\Local\Audiencecloud
2014-12-24 18:24 . 2014-12-24 19:40 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_title
2014-12-24 18:24 . 2014-12-24 21:01 -------- d--h--w- c:\users\*****\AppData\Local\Audienceorganize
2014-12-24 18:24 . 2014-12-24 18:24 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-ice
2014-12-24 18:23 . 2014-12-24 20:22 -------- d--h--w- c:\users\*****\AppData\Local\Audience-film
2014-12-24 18:22 . 2014-12-24 19:43 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-war
2014-12-24 18:20 . 2014-12-24 18:24 -------- d--h--w- c:\users\*****\AppData\Local\Audience_continue
2014-12-24 18:19 . 2014-12-24 20:23 -------- d--h--w- c:\users\*****\AppData\Local\Audience-date
2014-12-24 18:19 . 2014-12-24 20:22 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-beat
2014-12-24 18:18 . 2014-12-24 21:01 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencedig
2014-12-24 18:18 . 2014-12-24 19:59 -------- d--h--w- c:\users\*****\AppData\Local\Audience-anticipate
2014-12-24 18:18 . 2014-12-24 20:57 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-collect
2014-12-24 18:17 . 2014-12-24 20:59 -------- d--h--w- c:\users\*****\AppData\Local\Audiencemove
2014-12-24 18:15 . 2014-12-24 19:53 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_check
2014-12-24 18:14 . 2014-12-24 20:23 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-frequent
2014-12-24 18:14 . 2014-12-24 20:41 -------- d--h--w- c:\users\*****\AppData\Local\Audience-complicated
2014-12-24 18:13 . 2014-12-24 19:42 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencegarden
2014-12-24 18:13 . 2014-12-24 20:30 -------- d--h--w- c:\users\*****\AppData\Local\Audience-roll
2014-12-24 18:11 . 2014-12-24 19:54 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-eye
2014-12-24 18:09 . 2014-12-24 20:52 -------- d--h--w- c:\users\*****\AppData\Local\Audience-swim
2014-12-24 18:09 . 2014-12-24 20:09 -------- d--h--w- c:\users\*****\AppData\Local\Audience_intend
2014-12-24 18:09 . 2014-12-24 20:06 -------- d--h--w- c:\users\*****\AppData\Local\Audience_shake
2014-12-24 18:08 . 2014-12-24 19:04 -------- d--h--w- c:\users\*****\AppData\Local\Audience_witness
2014-12-24 18:08 . 2014-12-24 21:03 -------- d--h--w- c:\users\*****\AppData\Local\Audience-hunt
2014-12-24 18:07 . 2014-12-24 20:11 -------- d--h--w- c:\users\*****\AppData\Local\Audienceadmire
2014-12-24 18:06 . 2014-12-24 20:59 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-employ
2014-12-24 18:06 . 2014-12-24 20:43 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencedoubt
2014-12-24 18:05 . 2014-12-24 20:57 -------- d--h--w- c:\users\*****\AppData\Roaming\Audienceinstall
2014-12-24 18:05 . 2014-12-24 21:01 -------- d--h--w- c:\users\*****\AppData\Local\Audience-surprised
2014-12-24 18:04 . 2014-12-24 20:32 -------- d--h--w- c:\users\*****\AppData\Local\Audience-guess
2014-12-24 18:04 . 2014-12-24 20:28 -------- d--h--w- c:\users\*****\AppData\Local\Audience_network
2014-12-24 18:03 . 2014-12-24 20:20 -------- d--h--w- c:\users\*****\AppData\Local\Audience-want
2014-12-24 18:02 . 2014-12-24 21:02 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-tie
2014-12-24 18:02 . 2014-12-24 19:39 -------- d--h--w- c:\users\*****\AppData\Local\Audience_send
2014-12-24 18:01 . 2014-12-24 19:04 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_expand
2014-12-24 18:00 . 2014-12-24 21:05 -------- d--h--w- c:\users\*****\AppData\Local\Audience-strain
2014-12-24 18:00 . 2014-12-24 20:40 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience_team
2014-12-24 18:00 . 2014-12-24 19:48 -------- d--h--w- c:\users\*****\AppData\Roaming\Audiencepiece
2014-12-24 17:59 . 2014-12-24 20:34 -------- d--h--w- c:\users\*****\AppData\Local\Audienceadvanced
2014-12-24 17:59 . 2014-12-24 20:03 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-lesson
2014-12-24 17:58 . 2014-12-24 20:43 -------- d--h--w- c:\users\*****\AppData\Roaming\Audience-score
2014-12-24 17:58 . 2014-12-24 20:24 -------- d--h--w- c:\users\*****\AppData\Local\Audience-bottom
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-17 04:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-12-17 04:01 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-12-11 12:54 . 2012-11-04 16:46 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-11 12:54 . 2012-03-26 17:10 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-24 13:04 . 2011-01-14 07:26 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-19 03:31 . 2014-11-19 03:31 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-12-15 7780120]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2014-06-24 4566952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"MDS_Menu"="c:\program files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [2010-06-25 124136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-09-11 2403840]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-31 5226600]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-9-8 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-25 1129760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-03 12:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-31 08:06 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-13 11046504]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-07-13 2103912]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-08 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-08 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-08 413208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 217.0.43.65 217.0.43.81
FF - ProfilePath - c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oa3r0bhf.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-nlsluhxz - c:\users\*****\AppData\Roaming\Izlwcl\jhhhxzuhxz.exe
Wow6432Node-HKCU-Run-poet-tear - c:\users\*****\AppData\Roaming\Poet_value\poetorganize.exe
Wow6432Node-HKCU-Run-audience-scratch - c:\users\*****\AppData\Roaming\Audience_extend\audience_remain.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-26668947.sys
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-03 16:19:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-01-03 15:19
.
Vor Suchlauf: 12 Verzeichnis(se), 142.140.645.376 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 141.814.366.208 Bytes frei
.
- - End Of File - - 2258BF03012BB160BF9246EF712D1C34