computiger | 02.04.2014 20:03 | After uninstalling Comodo Internet Security - network broken
Hello everyone, I hope you can help me.
I am using Windows Vista Business 64-bit.
After my installed Comodo Internet Security lost its activation yet again, I wanted to uninstall it.
The attempt went rather badly. I found an uninstall tool on the Internet.
After it looked as if everything was fine, my network failed after a reboot. In Device Manager, all network adapters are marked with a ! and cannot be started.
For easier analysis, here is the Farbar log:
Code:
Farbar Service Scanner Version: 25-02-2014
Ran by Mike (administrator) on 02-04-2014 at 20:17:29
Running from "D:\"
Microsoft® Windows Vista™ Business Service Pack 2 (X64)
Boot Mode: Minimal
****************************************************************
Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.
Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
The ServiceDll of Nsi service is OK.
Checking LEGACY_Nsi: ATTENTION!=====> Unable to open LEGACY_Nsi\0000 registry key. The key does not exist.
nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.
tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.
afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.
Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
IE proxy is enabled.
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.
Checking LEGACY_bfe: ATTENTION!=====> Unable to open LEGACY_bfe\0000 registry key. The key does not exist.
Firewall Disabled Policy:
==================
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: ATTENTION!=====> Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
System Restore Disabled Policy:
========================
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
Checking LEGACY_BITS: ATTENTION!=====> Unable to open LEGACY_BITS\0000 registry key. The key does not exist.
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-11-13 08:10] - [2013-09-04 04:31] - 0404992 ____A (Microsoft Corporation) 2BA159E1F9FD75F6A496742B20F1D9CF
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-08-13 23:02] - [2013-07-05 06:45] - 1423808 ____A (Microsoft Corporation) C2CB949645C299E23FBFD26CAD3FC96E
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
and the ComboFix log:
Code:
ComboFix 14-03-24.01 - Mike 02.04.2014 20:40:29.1.2 - x64
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.49.1031.18.4094.1976 [GMT 2:00]
ausgeführt von:: c:\users\Internet\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
* Neuer Wiederherstellungspunkt wurde erstellt
.
- REDUZIERTER FUNKTIONALITÄTSMODUS -
. ADS - Windows: deleted 24 bytes in 1 streams.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\program files (x86)\facemoods.com
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.crx
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.png
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsApp.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe
c:\program files (x86)\kikin
c:\program files (x86)\kikin\default_settings.xml
c:\program files (x86)\kikin\file_list.txt
c:\program files (x86)\kikin\ie_kikin.dll
c:\program files (x86)\kikin\kikin.ico
c:\program files (x86)\kikin\KikinBroker.exe
c:\program files (x86)\kikin\uninst.exe
c:\program files (x86)\OnScreen
c:\program files (x86)\OnScreen\Bin\Interop.OSH.dll
c:\program files (x86)\OnScreen\Bin\Interop.ProgDVB.dll
c:\program files (x86)\OnScreen\Bin\Osh.Common.dll
c:\program files (x86)\OnScreen\Bin\OSH.dll
c:\program files (x86)\OnScreen\Bin\OSHCmd.exe
c:\program files (x86)\OnScreen\Bin\OSHHost.exe
c:\program files (x86)\OnScreen\Bin\OSHMixer.dll
c:\program files (x86)\OnScreen\Bin\OSHMixer.ini
c:\program files (x86)\OnScreen\Bin\OSHPDVB.dll
c:\program files (x86)\OnScreen\Bin\SimpleGrabber.dll
c:\program files (x86)\OnScreen\Data\Logos\Channels\ById\130.318.14.russia_today_tv.gif
c:\program files (x86)\OnScreen\Data\Logos\Channels\ById\130.318.8204.bbc_world.gif
c:\program files (x86)\OnScreen\Data\Logos\Channels\ById\130.318.8209.cnn_international.gif
c:\program files (x86)\OnScreen\Data\Logos\Channels\ByName\BBC World.gif
c:\program files (x86)\OnScreen\Data\Logos\Channels\ByName\CNNI.gif
c:\program files (x86)\OnScreen\Data\Logos\Channels\ByName\Russia Today.gif
c:\program files (x86)\OnScreen\Data\Logos\Channels\NotFound.gif
c:\program files (x86)\OnScreen\Data\OSH.mdb
c:\program files (x86)\OnScreen\GPL.txt
c:\program files (x86)\OnScreen\Html\App_Code\Configuration.cs
c:\program files (x86)\OnScreen\Html\App_Code\Constants.cs
c:\program files (x86)\OnScreen\Html\App_Code\Global.cs
c:\program files (x86)\OnScreen\Html\App_Code\Utils.cs
c:\program files (x86)\OnScreen\Html\Bin\Interop.OSH.dll
c:\program files (x86)\OnScreen\Html\Bin\Interop.ProgDVB.dll
c:\program files (x86)\OnScreen\Html\Bin\Osh.Common.dll
c:\program files (x86)\OnScreen\Html\ChannelLogo.ashx
c:\program files (x86)\OnScreen\Html\Code\Common.js
c:\program files (x86)\OnScreen\Html\Code\Main.js
c:\program files (x86)\OnScreen\Html\Code\MediaPlayer.js
c:\program files (x86)\OnScreen\Html\Code\OSH.js
c:\program files (x86)\OnScreen\Html\Code\ProgDVB.js
c:\program files (x86)\OnScreen\Html\Code\Teletext.js
c:\program files (x86)\OnScreen\Html\Code\ZoomPlayer.js
c:\program files (x86)\OnScreen\Html\Console\console.html
c:\program files (x86)\OnScreen\Html\Console\Firebug\firebug.css
c:\program files (x86)\OnScreen\Html\Console\Firebug\firebug.html
c:\program files (x86)\OnScreen\Html\Console\Firebug\firebug.js
c:\program files (x86)\OnScreen\Html\Controls\Clock.htc
c:\program files (x86)\OnScreen\Html\Controls\EPG.htc
c:\program files (x86)\OnScreen\Html\Controls\MenuItem.htc
c:\program files (x86)\OnScreen\Html\Controls\QuickInfoChannel.htc
c:\program files (x86)\OnScreen\Html\Controls\QuickInfoProgram.htc
c:\program files (x86)\OnScreen\Html\Controls\QuickInfoProgramPreview.htc
c:\program files (x86)\OnScreen\Html\Controls\QuickInfoRecording.htc
c:\program files (x86)\OnScreen\Html\Controls\QuickInfoTimeline.htc
c:\program files (x86)\OnScreen\Html\Controls\QuickInfoVideoFile.htc
c:\program files (x86)\OnScreen\Html\Controls\TeletextPage.htc
c:\program files (x86)\OnScreen\Html\default.aspx
c:\program files (x86)\OnScreen\Html\default.aspx.cs
c:\program files (x86)\OnScreen\Html\Global.asax
c:\program files (x86)\OnScreen\Html\Log\log.html
c:\program files (x86)\OnScreen\Html\OSH.config
c:\program files (x86)\OnScreen\Html\Plugins\Index.html
c:\program files (x86)\OnScreen\Html\Plugins\MediaController.htc
c:\program files (x86)\OnScreen\Html\Plugins\SubtitlesController.htc
c:\program files (x86)\OnScreen\Html\Plugins\VolumeController.htc
c:\program files (x86)\OnScreen\Html\ProgramScreenshot.ashx
c:\program files (x86)\OnScreen\Html\Screens\ChannelNumber.html
c:\program files (x86)\OnScreen\Html\Screens\EPG.html
c:\program files (x86)\OnScreen\Html\Screens\Home.html
c:\program files (x86)\OnScreen\Html\Screens\QuickInfo.html
c:\program files (x86)\OnScreen\Html\Screens\Record.html
c:\program files (x86)\OnScreen\Html\Screens\ScreenMasterPage.master
c:\program files (x86)\OnScreen\Html\Screens\ScreenMasterPage.master.cs
c:\program files (x86)\OnScreen\Html\Screens\Subtitles.html
c:\program files (x86)\OnScreen\Html\Screens\Teletext.html
c:\program files (x86)\OnScreen\Html\Screens\Weather.html
c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\ChannelInfo.htc
c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\ChannelNumberInput.htc
c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\DateTime.htc
c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\EPGInfo.htc
c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\Menu.htc
c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\RecordingInfo.htc
c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\TunerInfo.htc
c:\program files (x86)\OnScreen\Html\Themes\Common\Images\blank.gif
c:\program files (x86)\OnScreen\Html\Themes\Common\Images\blank.png
c:\program files (x86)\OnScreen\Html\Themes\Common\Images\errorIcon.png
c:\program files (x86)\OnScreen\Html\Themes\Common\Images\gradient-RYG.gif
c:\program files (x86)\OnScreen\Html\Themes\Common\Images\infoIcon.png
c:\program files (x86)\OnScreen\Html\Themes\Common\Images\warningIcon.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\Clock.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\MenuItem.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\MenuSeparator.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoChannel.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoProgram.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoProgramPreview.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoRecording.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoTimeline.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoVideoFile.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\TeletextPage.htc
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\common.background.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\common.button.green.focus.165x32.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\common.button.green.nofocus.165x32.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.active.bg.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.active.left.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.active.right.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.channel.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.focus.bg.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.focus.left.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.focus.right.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.inactive.bg.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.inactive.left.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.inactive.right.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.epg.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.quickinfo.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.record.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.settings.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.weather.png
c:\program files (x86)\OnScreen\Html\Themes\MCE\Styles.css
c:\program files (x86)\OnScreen\Html\web.config
c:\program files (x86)\OnScreen\Readme.en.txt
c:\program files (x86)\OnScreen\Readme.ru.txt
c:\program files (x86)\OnScreen\Samples\Data\CreateDatabase.js
c:\program files (x86)\OnScreen\Samples\Data\CreateDatabase.sql
c:\program files (x86)\OnScreen\Samples\Data\OSH.mdb
c:\program files (x86)\OnScreen\Samples\Girder\OSH.gml
c:\program files (x86)\OnScreen\Samples\Girder\ProgDVB.gml
c:\program files (x86)\OnScreen\Samples\OSHHost\DumpChannelDatabase.js
c:\program files (x86)\OnScreen\Samples\OSHHost\GetChannelEpg.js
c:\program files (x86)\OnScreen\Samples\OSHHost\MakeScreenShot.js
c:\program files (x86)\OnScreen\Samples\OSHHost\OSHMonitor.js
c:\program files (x86)\OnScreen\Samples\ProgDVB\ProgDVBMonitor.js
c:\program files (x86)\OnScreen\Samples\ProgDVB\SendCommand.js
c:\users\Mike\AppData\Roaming\kikin
c:\users\Mike\AppData\Roaming\kikin\ff_configuration.xml
c:\users\Mike\AppData\Roaming\kikin\ff_kkes.xml
c:\users\Mike\AppData\Roaming\kikin\ff_settings.xml
c:\users\Mike\AppData\Roaming\kikin\ie_configuration.xml
c:\users\Mike\AppData\Roaming\kikin\ie_kkes.xml
c:\users\Mike\AppData\Roaming\kikin\ie_settings.xml
c:\users\Mike\Desktop\Search.lnk
c:\users\Mike\Desktop\Setup.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-03-02 bis 2014-04-02 ))))))))))))))))))))))))))))))
.
.
2014-04-02 18:31 . 2014-04-02 18:31 -------- d-----w- c:\users\Internet\AppData\Roaming\AVAST Software
2014-04-02 15:33 . 2014-04-02 15:44 -------- d-----w- c:\users\Internet\AppData\Roaming\Notepad++
2014-04-02 15:24 . 2014-04-02 15:43 -------- d-----w- c:\program files (x86)\Driver Fusion
2014-04-01 16:27 . 2014-04-01 16:27 -------- d-----w- c:\program files (x86)\Marvell
2014-04-01 16:20 . 2014-04-01 16:20 -------- d-----w- c:\program files (x86)\D-Link
2014-04-01 15:43 . 2014-04-02 18:32 -------- d-----w- c:\windows\system32\wbem\repository
2014-03-26 17:42 . 2012-03-27 06:48 389920 ----a-w- c:\windows\system32\drivers\yk60x64.sys
2014-03-26 16:20 . 2014-03-26 16:20 -------- d-----w- c:\users\Mike\AppData\Roaming\GlarySoft
2014-03-25 05:28 . 2014-03-25 05:28 -------- d-----w- c:\users\Mike\AppData\Roaming\Uninstaller Tool(Comodo Forums)
2014-03-25 05:28 . 2014-03-25 05:29 -------- d-----w- c:\users\Mike\AppData\Roaming\Dropbox
2014-03-25 05:28 . 2014-03-25 05:28 -------- d-----w- c:\users\Mike\AppData\Roaming\AVAST Software
2014-03-25 05:26 . 2014-03-25 05:26 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-03-25 05:26 . 2014-03-25 05:26 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-03-25 05:26 . 2014-03-25 05:26 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-03-25 05:26 . 2014-03-25 05:26 423240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-03-25 05:26 . 2014-03-25 05:26 208928 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-03-25 05:26 . 2014-03-25 05:26 1039096 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-03-25 05:26 . 2014-03-25 05:26 64752 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-03-25 05:26 . 2014-03-25 05:26 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-25 05:26 . 2014-03-25 05:26 43152 ----a-w- c:\windows\avastSS.scr
2014-03-25 05:26 . 2014-03-25 05:26 -------- d-----w- c:\program files\AVAST Software
2014-03-25 05:23 . 2014-03-25 05:23 -------- d-----w- c:\programdata\AVAST Software
2014-03-15 20:01 . 2014-02-23 06:48 1347072 ----a-w- c:\windows\system32\urlmon.dll
2014-03-15 18:35 . 2014-02-07 12:11 2776064 ----a-w- c:\windows\system32\win32k.sys
2014-03-15 18:35 . 2014-01-30 10:12 1111040 ----a-w- c:\windows\system32\wer.dll
2014-03-15 18:35 . 2014-01-30 07:46 876032 ----a-w- c:\windows\SysWow64\wer.dll
2014-03-15 18:35 . 2013-11-13 01:54 2048 ----a-w- c:\windows\system32\tzres.dll
2014-03-15 18:35 . 2013-11-13 00:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-03-15 18:35 . 2014-02-03 13:20 619008 ----a-w- c:\windows\system32\qedit.dll
2014-03-15 18:35 . 2014-02-03 10:37 505344 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-07 21:10 . 2014-03-07 21:10 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-01 16:21 . 2010-03-23 06:01 25640 ----a-w- c:\windows\gdrv.sys
2014-03-18 21:26 . 2006-11-02 12:35 90015360 ----a-w- c:\windows\system32\mrt.exe
2014-02-22 09:11 . 2012-03-31 07:55 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-22 09:11 . 2011-05-13 15:25 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2009-11-08 08:55 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}]
2009-05-03 17:37 277648 ----a-w- c:\program files (x86)\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{998A3C0C-8914-4D2A-AE36-BFA2E5AE6D5D}]
2011-04-02 07:10 676352 ----a-w- c:\program files (x86)\Digsby Donates\ShoppingBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files (x86)\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll" [2009-05-03 277648]
.
[HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}]
[HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-12-15 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-25 3854640]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"NI Update Service"="c:\program files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" [2011-11-02 3004512]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2011-07-31 189808]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"DAEMON Tools"="c:\program files (x86)\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"D-Link AirPlus G"="c:\program files (x86)\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 1544192]
"ContentTransferWMDetector.exe"="c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]
"CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"ANIWZCS2Service"="c:\program files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 49152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69baf7eb-8a46-11dd-bdcf-005056c00008}]
\shell\AutoRun\command - N:\start.exe /checksection
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be6bf4b7-94c6-11de-9ed1-005056c00008}]
\shell\AutoRun\command - M:\Menu.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-05-15 15:08 452136 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-18 06:01]
.
2014-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-18 06:01]
.
2014-03-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3182072358-3436669929-749226670-1000Core.job
- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-29 10:20]
.
2014-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3182072358-3436669929-749226670-1000UA.job
- c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-29 10:20]
.
2014-03-26 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job
- c:\program files (x86)\AVG Secure Search\PostInstall\ROC.exe [2013-01-24 02:53]
.
2010-12-16 c:\windows\Tasks\User_Feed_Synchronization-{1E6CA0E6-8A16-4460-98CB-567799F6AE2A}.job
- c:\windows\system32\msfeedssync.exe [2011-05-18 05:47]
.
2014-04-02 c:\windows\Tasks\User_Feed_Synchronization-{6C5A9156-7B63-4596-8EB9-7C198DCD898D}.job
- c:\windows\system32\msfeedssync.exe [2011-05-18 05:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-03-25 05:26 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HardLinkMenu]
@="{0A479751-02BC-11d3-A855-0004AC2568AA}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568AA}]
2010-11-21 21:00 366280 ----a-w- c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHardLink]
@="{0A479751-02BC-11d3-A855-0004AC2568DD}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568DD}]
2010-11-21 21:00 366280 ----a-w- c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlaySymbolicLink]
@="{0A479751-02BC-11d3-A855-0004AC2568EE}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568EE}]
2010-11-21 21:00 366280 ----a-w- c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-17 10134560]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 438784]
"BtcMaestro"="c:\program files\KMaestro\KMaestro64.exe" [2006-11-03 368640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=356a9d8c-2894-4c88-a0c4-5941e239bf3f&searchtype=ds&q={searchTerms}&installDate=05/04/2013
mSearchAssistant = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
IE: &Download by Orbit - f:\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - f:\orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: An vorhandenes PDF anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Do&wnload selected by Orbit - f:\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - f:\orbitdownloader\orbitmxt.dll/202
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xel exportieren - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files (x86)\kikin\ie_kikin.dll
TCP: DhcpNameServer = 192.168.1.1
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\fw8j1ycl.Standard-Benutzer\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.leecher.to/f335/|hxxp://mygully.com/forum/377-ebooks/|hxxp://ukulele.kaypaulus.de/links.htm|hxxp://iso4de.com/spielend-e-gitarre-lernen-doppel-dvd-die-ultimative-e-gitarrenschule-fur-ein-und-umsteiger/|hxxp://www.boox.to/?x=65f79439b5a72f31030e2cbf4d148594&k=c053ff674569008882d5d37999a97dd1&q=%22ungez%C3%A4hmte+Nacht%22&time=20131104|hxxp://de-mg42.mail.yahoo.com/neo/launch#mail|https://www.lotto-niedersachsen.de/s/play/ground/elv_pay.do|hxxp://www.xboxhacks.de/autogg_0_9_3_rev72.t53285.html|hxxp://www.youtube.com/watch?v=a-TY8nO0RpU|hxxp://www.fitness-future.de/fotos.html
FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=356a9d8c-2894-4c88-a0c4-5941e239bf3f&searchtype=ds&installDate=05/04/2013&q=
FF - prefs.js: network.proxy.ftp - 120.85.140.99
FF - prefs.js: network.proxy.ftp_port - 77
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2009-07-23 20:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
.
.
------- Dateityp-Verknüpfung -------
.
.txt=DigitalFotoMaker.6.txt
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files (x86)\kikin\ie_kikin.dll
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk - c:\program files\COMODO\GeekBuddy\launcher.exe "unit_manager.exe"
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe
AddRemove-RDPSoftware Core Components - c:\windows\system32\uninst.exe
AddRemove-{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA} - N:\uninstall.exe
AddRemove-FoxTab AVI Converter - c:\program files (x86)\FoxTabAVIConverter\Uninstall\Uninstall.exe
AddRemove-FoxTab Music Converter - c:\program files (x86)\FoxTabMusicConverter\Uninstall\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FotoManager10Deluxe.8.alb"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:58,91,8c,49,ab,f8,b9,22,42,81,0f,49,69,11,15,c6,54,45,1f,e7,80,
06,c7,a0,69,12,3d,0b,d3,10,c4,ce,47,f4,a0,4c,9f,34,07,f9,c1,95,5d,1e,8f,5f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
Zeit der Fertigstellung: 2014-04-02 20:51:00
ComboFix-quarantined-files.txt 2014-04-02 18:51
.
Vor Suchlauf: 29 Verzeichnis(se), 10.357.964.800 Bytes frei
Nach Suchlauf: 33 Verzeichnis(se), 10.535.358.464 Bytes frei
.
- - End Of File - - 476A0183F5C3282335B89BBFAA7E7486
Can you help? |