wannabee | 19.08.2011 20:02 | I ran everything, and when I tried to start the Google Chrome browser I got the message "an attempt was made to remove a registry key, or it was marked for deletion". It denied me access at first, but then when I started Chrome with "Run as administrator" it worked.
Here is the log :) Code:
ComboFix 11-08-19.01 - robin 19.08.2011 20:47:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2965 [GMT 2:00]
ausgeführt von:: c:\users\robin\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\AutocompletePro
c:\program files (x86)\AutocompletePro\FireFoxExtension.exe
c:\program files (x86)\AutocompletePro\InstTracker.exe
c:\users\robin\AppData\Roaming\PnkBstrB.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-07-19 bis 2011-08-19 ))))))))))))))))))))))))))))))
.
.
2011-08-19 18:51 . 2011-08-19 18:51 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-08-19 18:51 . 2011-08-19 18:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-18 01:23 . 2011-08-18 01:23 -------- d-----w- C:\_OTL
2011-08-17 17:15 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{36A181F9-2F21-4463-8A58-1E455ACD3D34}\mpengine.dll
2011-08-16 07:22 . 2011-08-17 12:48 -------- d-----w- c:\program files (x86)\The Sims 3 Ultimate Bundle
2011-08-15 20:09 . 2011-08-15 20:09 -------- d-----w- c:\windows\Internet Logs
2011-08-13 03:08 . 2004-08-18 08:34 442368 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2011-08-12 23:45 . 2011-08-12 23:45 -------- d-----w- c:\program files (x86)\ESET
2011-08-12 14:34 . 2011-08-12 14:34 -------- d-----w- c:\users\robin\AppData\Roaming\Malwarebytes
2011-08-12 14:33 . 2011-08-12 14:33 -------- d-----w- c:\programdata\Malwarebytes
2011-08-12 14:33 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-12 14:33 . 2011-08-12 14:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-08-12 14:33 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-12 05:52 . 2009-06-18 10:55 18816 ------w- c:\windows\SysWow64\SAVRKBootTasks.sys
2011-08-12 05:07 . 2009-06-18 10:54 6144 ------w- c:\windows\system32\3966.tmp
2011-08-12 04:52 . 2009-06-18 10:54 6144 ------w- c:\windows\system32\6B5D.tmp
2011-08-12 04:52 . 2011-08-12 04:52 -------- d-----w- c:\program files (x86)\Sophos
2011-08-11 18:28 . 2011-08-11 18:28 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-08-11 18:10 . 2011-08-11 18:10 -------- d-----w- c:\program files (x86)\THQ
2011-08-11 17:58 . 2011-08-11 17:58 -------- d-----w- c:\users\robin\AppData\Local\SKIDROW
2011-08-10 15:29 . 2011-07-08 07:31 924632 ----a-w- c:\program files (x86)\Mozilla Firefox\firefox.exe
2011-08-09 17:08 . 2011-08-09 17:08 -------- d-----w- c:\programdata\EA Core
2011-08-09 17:08 . 2011-08-09 17:08 -------- d-----w- c:\programdata\Electronic Arts
2011-08-09 10:28 . 2011-08-13 03:07 -------- d-----w- c:\program files (x86)\EA Games
2011-07-29 20:37 . 2011-07-29 20:37 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2011-07-29 20:37 . 2011-07-29 20:37 -------- d-----w- c:\windows\system32\wbem\en-US
2011-07-27 21:00 . 2011-07-27 21:00 -------- d-----w- c:\program files (x86)\Microsoft
2011-07-27 21:00 . 2011-07-27 21:00 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive
2011-07-27 20:59 . 2011-07-27 21:00 -------- d-----w- c:\program files (x86)\Windows Live
2011-07-27 20:59 . 2011-07-27 20:59 -------- d-----w- c:\windows\PCHEALTH
2011-07-27 20:59 . 2011-07-27 20:59 145968464 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\wlc5E7F.tmp
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 02:55 . 2011-05-22 15:47 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-28 18:10 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-07-28 18:10 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-16 04:26 . 2011-08-11 01:20 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-02 17:57 . 2011-04-10 23:39 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-02 17:57 . 2011-04-10 23:39 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-21 17:11 . 2011-07-06 04:45 28976 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2011-06-21 17:11 . 2011-07-06 04:45 17200 ----a-w- c:\windows\system32\nitrolocalui2.dll
2011-06-11 03:07 . 2011-07-13 02:08 3137536 ----a-w- c:\windows\system32\win32k.sys
2011-05-25 07:25 . 2011-06-28 10:59 29288 ----a-w- c:\windows\system32\nvhdap64.dll
2011-05-25 07:25 . 2011-06-28 10:59 174184 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2011-05-25 07:25 . 2011-05-05 07:38 1426536 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2011-05-25 07:25 . 2011-06-28 10:59 1016936 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-25 07:25 . 2011-06-28 10:59 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-25 07:25 . 2011-06-28 10:59 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-05-25 07:25 . 2011-06-28 10:59 3040872 ----a-w- c:\windows\system32\nvsvc64.dll
2011-05-25 07:25 . 2011-06-28 10:59 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:25 . 2011-06-28 10:59 6300776 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:25 . 2011-06-28 10:59 739432 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-05-25 07:25 . 2011-06-28 10:59 8863336 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-05-25 07:25 . 2011-06-28 10:59 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2011-06-28 10:59 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-05-25 07:25 . 2011-06-28 10:59 6555240 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-05-25 07:25 . 2011-06-28 10:59 22286952 ----a-w- c:\windows\system32\nvoglv64.dll
2011-05-25 07:25 . 2011-06-28 10:59 16456296 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-05-25 07:25 . 2011-06-28 10:59 13206120 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-25 07:25 . 2011-06-28 10:59 15223912 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-05-25 07:25 . 2011-06-28 10:59 1496168 ----a-w- c:\windows\system32\nvdispco6420150.dll
2011-05-25 07:25 . 2011-06-28 10:59 1427048 ----a-w- c:\windows\system32\nvgenco642090.dll
2011-05-25 07:25 . 2011-06-28 10:59 11992680 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-05-25 07:25 . 2011-06-28 10:59 7123560 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2011-06-28 10:59 5301352 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-05-25 07:25 . 2011-06-28 10:59 2943592 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2011-06-28 10:59 2804328 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-05-25 07:25 . 2011-06-28 10:59 2212968 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2011-06-28 10:59 2082408 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-05-25 07:25 . 2011-06-28 10:59 18583144 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2011-06-28 10:59 13011560 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-05-25 07:25 . 2011-06-28 10:59 2644584 ----a-w- c:\windows\system32\nvapi64.dll
2011-05-25 07:25 . 2011-06-28 10:59 2335848 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-05-24 17:14 . 2011-04-09 14:03 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-24 11:42 . 2011-06-29 02:17 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-05-24 11:00 . 2011-05-24 11:00 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-05-24 10:40 . 2011-06-29 02:17 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-05-24 10:40 . 2011-06-29 02:17 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-05-24 10:39 . 2011-06-29 02:17 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37 . 2011-06-29 02:17 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2006-05-03 09:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 10:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 12:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-04 281768]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ALSysIO;ALSysIO;c:\users\robin\AppData\Local\Temp\ALSysIO64.sys [x]
R3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\DRIVERS\LVUSBS64.sys [x]
R3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\3966.tmp [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-08 136360]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.msn.de/
mLocal Page =
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\robin\AppData\Roaming\Mozilla\Firefox\Profiles\0kcgbs5l.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\3966.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1801085710-2570601300-3358964583-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:06,90,56,80,67,50,02,17,e5,b9,4f,b4,73,8a,d1,65,f5,0f,c3,9a,19,bc,06,
59,e3,64,e7,ff,db,36,90,95,84,fa,16,72,6b,60,7b,3b,1f,0d,16,9b,9f,b8,93,d2,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-1801085710-2570601300-3358964583-1000\Software\SecuROM\License information*]
"datasecu"=hex:21,7e,a7,c5,e4,fc,06,e2,c9,22,a2,2d,c6,6c,50,33,d4,1e,e0,d2,68,
5f,45,c3,fb,ee,27,ea,de,25,8f,97,6f,e8,a8,eb,05,c0,5a,04,78,3a,8c,52,68,f1,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-08-19 20:56:16 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-08-19 18:56
.
Vor Suchlauf: 10 Verzeichnis(se), 82.573.234.176 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 82.415.718.400 Bytes frei
.
- - End Of File - - 1C9C567AD23D1594C283D467EB0F5B32 |