Trojaner-Board - GVU Trojaner

also im abgesicherten Modus hab ichs nach dem 2ten versuch geschaft

hier ist das log file

Combofix Logfile:

Code:

ComboFix 13-05-20.01 - STROMBERG 21.05.2013   0:16.2.4 - x64 MINIMAL

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3948.3278 [GMT 2:00]

ausgeführt von:: c:\users\STROMBERG\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Neuer Wiederherstellungspunkt wurde erstellt

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Vorheriger Suchlauf -------

.

C:\Install.exe

c:\program files (x86)\Common Files\337\libcef\1.1364.1123\icudt.dll

c:\program files (x86)\Common Files\337\libcef\1.1364.1123\libcef.dll

c:\program files (x86)\Common Files\337\libcef\1.1364.1123\locales\en-US.pak

c:\program files (x86)\IMinent Toolbar\tbHElper.dll

c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll

c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll

c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll

c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe

c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll

c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe

c:\program files (x86)\Windows Live\Messenger\msacm32.dll

c:\programdata\2433f433

c:\users\STROMBERG\AppData\Roaming\2433f433

c:\users\STROMBERG\AppData\Roaming\convert\convert.exe

c:\users\STROMBERG\Desktop\Setup.exe

c:\windows\SysWow64\Uninstall-TvPlugin-5.8

c:\windows\Uninstall-TvPlugin-5.9

c:\windows\wininit.ini

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_SrvUpdater

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-04-20 bis 2013-05-20  ))))))))))))))))))))))))))))))

.

.

2013-05-20 22:21 . 2013-05-20 22:21        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2013-05-20 22:21 . 2013-05-20 22:21        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-05-19 12:53 . 2013-05-19 12:54        --------        d-----w-        c:\users\STROMBERG\AppData\Roaming\Desk 365

2013-05-19 12:53 . 2013-05-19 12:54        --------        d-----w-        c:\program files (x86)\Desk 365

2013-05-19 12:52 . 2013-05-19 12:52        --------        d-----w-        c:\users\STROMBERG\AppData\Roaming\eIntaller

2013-05-19 12:50 . 2013-05-19 12:54        --------        d-----w-        c:\program files (x86)\Plus-HD-1.8

2013-05-18 14:36 . 2013-05-11 22:27        262552        ----a-w-        c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll

2013-05-18 14:36 . 2013-05-11 22:26        96664        ----a-w-        c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe

2013-05-18 14:36 . 2013-05-11 22:26        170232        ----a-w-        c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe

2013-05-18 14:36 . 2013-05-11 22:26        26520        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugin-hang-ui.exe

2013-05-18 14:36 . 2013-05-11 22:26        74136        ----a-w-        c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll

2013-05-18 12:48 . 2013-05-18 12:48        --------        d-----w-        c:\users\STROMBERG\AppData\Roaming\Malwarebytes

2013-05-18 12:46 . 2013-05-18 12:46        --------        d-----w-        c:\programdata\Malwarebytes

2013-05-18 12:46 . 2013-05-18 12:47        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2013-05-18 12:46 . 2013-04-04 12:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys

2013-05-18 12:45 . 2013-05-18 12:45        --------        d-----w-        c:\users\STROMBERG\AppData\Local\Programs

2013-05-17 13:09 . 2013-05-05 21:36        17818624        ----a-w-        c:\windows\system32\mshtml.dll

2013-05-17 13:09 . 2013-05-05 21:16        2382848        ----a-w-        c:\windows\system32\mshtml.tlb

2013-05-17 13:09 . 2013-05-05 19:12        2382848        ----a-w-        c:\windows\SysWow64\mshtml.tlb

2013-05-17 11:51 . 2013-04-10 06:01        265064        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys

2013-05-17 11:51 . 2013-04-10 06:01        983400        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys

2013-05-17 11:51 . 2011-02-03 11:25        144384        ----a-w-        c:\windows\system32\cdd.dll

2013-05-17 11:51 . 2013-04-10 03:30        3153920        ----a-w-        c:\windows\system32\win32k.sys

2013-05-17 11:51 . 2013-03-19 05:53        48640        ----a-w-        c:\windows\system32\wwanprotdim.dll

2013-05-17 11:51 . 2013-03-19 05:53        230400        ----a-w-        c:\windows\system32\wwansvc.dll

2013-05-17 11:51 . 2013-02-27 05:52        14172672        ----a-w-        c:\windows\system32\shell32.dll

2013-05-17 11:50 . 2013-02-27 05:52        197120        ----a-w-        c:\windows\system32\shdocvw.dll

2013-05-17 11:50 . 2013-02-27 05:48        1930752        ----a-w-        c:\windows\system32\authui.dll

2013-05-17 11:50 . 2013-02-27 06:02        111448        ----a-w-        c:\windows\system32\consent.exe

2013-05-17 11:50 . 2013-02-27 05:47        70144        ----a-w-        c:\windows\system32\appinfo.dll

2013-05-17 11:50 . 2013-02-27 04:49        1796096        ----a-w-        c:\windows\SysWow64\authui.dll

2013-05-14 19:34 . 2013-05-17 11:08        --------        d-----w-        c:\users\STROMBERG\AppData\Roaming\Ikyv

2013-05-14 19:34 . 2013-05-14 19:39        --------        d-----w-        c:\users\STROMBERG\AppData\Roaming\Peqyc

2013-05-14 19:34 . 2013-05-14 19:34        --------        d-----w-        c:\users\STROMBERG\AppData\Roaming\Bepoi

2013-05-14 19:27 . 2013-05-14 19:27        16948616        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe

2013-05-10 17:19 . 2013-05-20 20:56        76232        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F1CB7D1-E63D-4738-836E-50303682738D}\offreg.dll

2013-05-10 10:07 . 2013-04-10 03:46        9317456        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F1CB7D1-E63D-4738-836E-50303682738D}\mpengine.dll

2013-05-08 20:07 . 2013-05-08 20:06        83160        ----a-w-        c:\windows\system32\drivers\avnetflt.sys

2013-05-05 09:14 . 2013-05-05 09:14        --------        d-----w-        c:\users\STROMBERG\AppData\Local\Facebook

2013-05-03 22:19 . 2013-05-18 12:34        --------        d-----w-        c:\users\STROMBERG\AppData\Roaming\Somy

2013-05-03 22:19 . 2013-05-13 18:05        --------        d-----w-        c:\users\STROMBERG\AppData\Roaming\Huebmu

2013-05-03 22:19 . 2013-05-03 22:19        --------        d-----w-        c:\users\STROMBERG\AppData\Roaming\Ymycu

2013-04-25 19:26 . 2013-04-25 19:26        163504        ----a-w-        c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin

2013-04-25 18:42 . 2013-04-12 14:45        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-19 12:05 . 2012-08-17 15:55        75016696        ----a-w-        c:\windows\system32\MRT.exe

2013-05-14 19:28 . 2012-06-23 20:44        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2013-05-14 19:28 . 2011-11-08 12:22        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-10 17:52 . 2011-03-29 02:36        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-05-02 00:06 . 2010-11-21 03:27        278800        ------w-        c:\windows\system32\MpSigStub.exe

2013-04-13 05:49 . 2013-05-17 11:51        135168        ----a-w-        c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49 . 2013-05-17 11:51        350208        ----a-w-        c:\windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49 . 2013-05-17 11:51        308736        ----a-w-        c:\windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49 . 2013-05-17 11:51        111104        ----a-w-        c:\windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45 . 2013-05-17 11:51        474624        ----a-w-        c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45 . 2013-05-17 11:51        2176512        ----a-w-        c:\windows\apppatch\AcGenral.dll

2013-04-07 18:45 . 2013-04-07 18:44        8527952        ----a-w-        c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE

2013-04-07 08:54 . 2012-09-14 08:14        1455408        ----a-w-        c:\windows\system32\dmwu.exe

2013-04-07 08:53 . 2012-09-14 08:14        33792        ----a-w-        c:\windows\system32\ImHttpComm.dll

2013-03-31 10:24 . 2013-03-31 10:24        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2013-03-31 10:24 . 2013-03-31 10:24        130016        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2013-03-31 10:24 . 2013-03-31 10:24        100712        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2013-03-19 06:04 . 2013-04-10 18:33        5550424        ----a-w-        c:\windows\system32\ntoskrnl.exe

2013-03-19 05:46 . 2013-04-10 18:33        43520        ----a-w-        c:\windows\system32\csrsrv.dll

2013-03-19 05:04 . 2013-04-10 18:33        3968856        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04 . 2013-04-10 18:33        3913560        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47 . 2013-04-10 18:33        6656        ----a-w-        c:\windows\SysWow64\apisetschema.dll

2013-03-19 03:06 . 2013-04-10 18:33        112640        ----a-w-        c:\windows\system32\smss.exe

2012-08-13 09:09 . 2012-08-13 09:09        473600        ----a-w-        c:\program files\setup.exe

2012-08-13 09:09 . 2012-08-13 09:09        3166208        ----a-w-        c:\program files\openofficeorg341.msi

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{09152f0b-739c-4dec-a245-1aa8a37594f1}"= "c:\program files (x86)\iNTERNET_TURBO\prxtbiNT0.dll" [2013-04-14 231712]

"{cd90bf73-20f6-44ef-993d-bb920303bd2e}"= "c:\program files (x86)\Veoh_Web_Player\prxtbVeo0.dll" [2013-04-14 231712]

.

[HKEY_CLASSES_ROOT\clsid\{09152f0b-739c-4dec-a245-1aa8a37594f1}]

.

[HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{09152f0b-739c-4dec-a245-1aa8a37594f1}]

2013-04-14 12:35        231712        ----a-w-        c:\program files (x86)\iNTERNET_TURBO\prxtbiNT0.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311251140}]

2013-05-19 12:53        743272        ----a-w-        c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-bho.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]

2013-01-29 13:28        170840        ----a-w-        c:\program files\Web Assistant\Extension32.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]

2010-07-02 07:54        2607872        ----a-w-        c:\program files (x86)\IMinent Toolbar\tbcore3.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]

2012-02-27 08:42        88976        ----a-w-        c:\progra~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]

2013-01-23 12:24        247704        ----a-w-        c:\program files (x86)\Delta\delta\1.8.10.0\bh\delta.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]

2013-04-14 12:35        231712        ----a-w-        c:\program files (x86)\Veoh_Web_Player\prxtbVeo0.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

2012-07-04 13:03        1310040        ----a-r-        c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{99079a25-328f-4bd4-be04-00955acaa0a7}"= "c:\progra~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll" [2012-02-27 88976]

"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]

"{09152f0b-739c-4dec-a245-1aa8a37594f1}"= "c:\program files (x86)\iNTERNET_TURBO\prxtbiNT0.dll" [2013-04-14 231712]

"{cd90bf73-20f6-44ef-993d-bb920303bd2e}"= "c:\program files (x86)\Veoh_Web_Player\prxtbVeo0.dll" [2013-04-14 231712]

"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files (x86)\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]

"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll" [2013-01-23 321944]

.

[HKEY_CLASSES_ROOT\clsid\{99079a25-328f-4bd4-be04-00955acaa0a7}]

.

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]

[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]

[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]

[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

.

[HKEY_CLASSES_ROOT\clsid\{09152f0b-739c-4dec-a245-1aa8a37594f1}]

.

[HKEY_CLASSES_ROOT\clsid\{cd90bf73-20f6-44ef-993d-bb920303bd2e}]

.

[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]

[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]

[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]

.

[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]

[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]

[HKEY_CLASSES_ROOT\delta.deltadskBnd]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VeohPlugin"="c:\program files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2012-06-11 4692840]

"Driver Mender"="c:\program files (x86)\Driver Mender\Driver Mender\DriverMender.exe" [2012-11-12 3595704]

"Driver Detective"="c:\program files (x86)\Driver Mender\Driver Mender\DriverMender.exe" [2012-11-12 3595704]

"Facebook Update"="c:\users\STROMBERG\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-05-05 138096]

"Desk 365"="c:\program files (x86)\Desk 365\desk365.exe" [2013-05-19 895568]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1110096]

"24x7HELP"="c:\program files (x86)\24x7Help\App24x7Help.exe" [2013-03-12 1773648]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"Iminent"="c:\program files (x86)\Iminent\Iminent.exe" [2012-08-24 1073784]

"IminentMessenger"="c:\program files (x86)\Iminent\Iminent.Messengers.exe" [2012-08-24 884856]

"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-08-30 979328]

"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-10-04 115032]

"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-08 345312]

.

c:\users\STROMBERG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2011-11-8 723560]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\progra~3\BPROTE~1\261125~1.80\{EAB34~1\protector.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-03-31 28600]

R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-01-25 22648]

R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-01-25 20520]

R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-01-25 62776]

R1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2011-09-08 249152]

R2 24x7HelpSvc;24x7HelpService;c:\program files (x86)\24x7Help\App24x7Svc.exe [2013-02-22 342608]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]

R2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-03-31 86752]

R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-09-16 105120]

R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]

R2 bProtector;bProtector;c:\programdata\bProtectorForWindows\2.6.1125.80\{eab34bca-99d8-4192-8f3b-58b53f6d08e7}\bProtect.exe [2013-03-06 2569168]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-16 198784]

R2 desksvc;Desk 365 service;c:\program files (x86)\Desk 365\deskSvc.exe [2013-05-19 418896]

R2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353872]

R2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-04 212016]

R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]

R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]

R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]

R2 ffdshow manager;ffdshow manager;c:\programdata\ffdshow manager\2.2.580.185\{16cdff19-861d-48e3-a751-d99a27784753}\ffdshowmngr.exe [2012-09-01 1695776]

R2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2013-05-13 2245232]

R2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]

R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]

R2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-01-13 1751656]

R2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]

R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe [2010-04-14 1052328]

R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]

R2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-09-07 381248]

R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]

R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]

R2 WajamUpdater;WajamUpdater;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe [2012-06-14 109064]

R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2013-01-29 188760]

R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-09-16 36000]

R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-09-16 330912]

R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-09-16 110240]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-09-16 167584]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-09-16 68256]

R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-09-16 280992]

R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-09-16 517280]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-20 76912]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-09-08 28992]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-09-16 30368]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-04-12 20:18        1642448        ----a-w-        c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhalt des "geplante Tasks" Ordners

.

2013-05-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3360553633-3869384906-3284700676-1002Core.job

- c:\users\STROMBERG\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-05 09:14]

.

2013-05-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3360553633-3869384906-3284700676-1002UA.job

- c:\users\STROMBERG\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-05 09:14]

.

2013-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-15 21:35]

.

2013-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-15 21:35]

.

2013-05-20 c:\windows\Tasks\PC Performer_DEFAULT.job

- c:\program files (x86)\PC Performer\PCPerformer.exe [2013-02-19 14:53]

.

2013-04-03 c:\windows\Tasks\PC Performer_UPDATES.job

- c:\program files (x86)\PC Performer\PCPerformer.exe [2013-02-19 14:53]

.

2013-05-20 c:\windows\Tasks\Plus-HD-1.8-chromeinstaller.job

- c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-chromeinstaller.exe [2013-05-19 12:50]

.

2013-05-20 c:\windows\Tasks\Plus-HD-1.8-codedownloader.job

- c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-codedownloader.exe [2013-05-19 12:51]

.

2013-05-20 c:\windows\Tasks\Plus-HD-1.8-enabler.job

- c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-enabler.exe [2013-05-19 12:54]

.

2013-05-20 c:\windows\Tasks\Plus-HD-1.8-firefoxinstaller.job

- c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-firefoxinstaller.exe [2013-05-19 12:51]

.

2013-05-20 c:\windows\Tasks\Plus-HD-1.8-updater.job

- c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-updater.exe [2013-05-19 12:54]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-31 392216]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-31 415768]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-09-16 976032]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-09-16 799904]

"ProShieldTSR"="c:\program files\Acer ProShield\EgisTSR.exe" [2011-06-04 165936]

"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-05-10 1831528]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\progra~2\SEARCH~2\Datamngr\x64\datamngr.dll c:\progra~2\SEARCH~2\Datamngr\x64\IEBHO.dll c:\windows\System32\nvinitx.dll

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService

FontCache

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3197087

uLocal Page = c:\windows\system32\blank.htm

mDefault_Search_URL = hxxp://www.google.ro

mDefault_Page_URL = hxxp://en.v9.com/?utm_source=b&utm_medium=sof&from=sof&uid=TOSHIBAXMK7559GSXP_128FT2E5TXX128FT2E5T&ts=1368967965

mStart Page = hxxp://en.v9.com/?utm_source=b&utm_medium=sof&from=sof&uid=TOSHIBAXMK7559GSXP_128FT2E5TXX128FT2E5T&ts=1368967965

mLocal Page = c:\windows\SysWOW64\blank.htm

mSearch Page = hxxp://www.google.ro

uSearchURL,(Default) = hxxp://www.google.ro

mSearchAssistant = hxxp://search.v9.com/web/?utm_source=b&utm_medium=sof&from=sof&uid=TOSHIBAXMK7559GSXP_128FT2E5TXX128FT2E5T&ts=0

mCustomizeSearch = hxxp://search.v9.com/web/?utm_source=b&utm_medium=sof&from=sof&uid=TOSHIBAXMK7559GSXP_128FT2E5TXX128FT2E5T&ts=0

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\STROMBERG\AppData\Roaming\Mozilla\Firefox\Profiles\ryqbll1h.default-1352555086748\

FF - prefs.js: browser.search.selectedEngine - v9

FF - prefs.js: browser.startup.homepage - hxxp://en.v9.com/?utm_source=b&utm_medium=sof&from=sof&uid=TOSHIBAXMK7559GSXP_128FT2E5TXX128FT2E5T&ts=1368967965

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)

BHO-{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll

Wow6432Node-HKCU-Run-Messenger (Yahoo!) - ~c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe

Wow6432Node-HKCU-Run-Orbitum - c:\users\STROMBERG\AppData\Local\Orbitum\Application\chrome.exe

Toolbar-Locked - (no file)

Toolbar-10 - (no file)

WebBrowser-{09152F0B-739C-4DEC-A245-1AA8A37594F1} - (no file)

WebBrowser-{CD90BF73-20F6-44EF-993D-BB920303BD2E} - (no file)

WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)

AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\uninstall.exe

AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe

AddRemove-SopCast - c:\archivos de programa\SopCast\uninst.exe

AddRemove-SopCast Tv Plugin 5.8 Setup - c:\windows\system32\Uninstall-TvPlugin-5.8

AddRemove-SopCast Tv Plugin 5.9 Setup - c:\windows\Uninstall-TvPlugin-5.9

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\.Default\Software\DataMngr\Files\ChromeHomepage]

@Denied: (2) (LocalSystem)

"Flag"=dword:00000000

.

[HKEY_USERS\.Default\Software\DataMngr\Files\Homepage]

@Denied: (2) (LocalSystem)

"Flag"=dword:00000000

.

[HKEY_USERS\.Default\Software\DataMngr\Files\SelectedSearch]

@Denied: (2) (LocalSystem)

"Flag"=dword:00000000

.

[HKEY_USERS\.Default\Software\DataMngr\Files\UrlbarSearch]

@Denied: (2) (LocalSystem)

"Flag"=dword:00000000

.

[HKEY_USERS\.Default\Software\DataMngr\List\Item1]

@Denied: (2) (LocalSystem)

"Flag"=dword:00000000

.

[HKEY_USERS\.Default\Software\DataMngr\List\Item2]

@Denied: (2) (LocalSystem)

"Flag"=dword:00000000

.

[HKEY_USERS\.Default\Software\DataMngr\List\Item3]

@Denied: (2) (LocalSystem)

"Flag"=dword:00000000

.

[HKEY_USERS\.Default\Software\DataMngr\Toolbar]

@Denied: (2) (LocalSystem)

"Flag"=dword:00000000

.

[HKEY_USERS\.Default\Software\DataMngr_Toolbar]

@Denied: (2) (LocalSystem)

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\DataMngr\List\Item1]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-3360553633-3869384906-3284700676-1002)

"Flag"=dword:00000000

"ID"="ieb"

"Key"="Software\\Microsoft\\Internet Explorer\\SearchScopes"

"Name"="DefaultScope"

"Value"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"

"Window"="#32770"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\DataMngr\List\Item2]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-3360553633-3869384906-3284700676-1002)

"Flag"=dword:00000000

"ID"="hmp"

"Key"="SOFTWARE\\Microsoft\\Internet Explorer\\Main"

"Name"="Start Page"

"Value"="hxxp://www.searchnu.com/406"

"Window"="#32770"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\DataMngr\List\Item3]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-3360553633-3869384906-3284700676-1002)

"Flag"=dword:00000000

"Key"="SOFTWARE\\Microsoft\\Internet Explorer\\Main"

"Name"="FrameAuto"

"Value"="1"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2013-05-21  00:23:33

ComboFix-quarantined-files.txt  2013-05-20 22:23

.

Vor Suchlauf: 19 Verzeichnis(se), 673.991.573.504 Bytes frei

Nach Suchlauf: 20 Verzeichnis(se), 673.507.532.800 Bytes frei

.

- - End Of File - - A45C340F49CFD6B038094A3F7680A9E8

--- --- ---

also hab sie bezeichnet

Code:

24x7 Help        PCRx.com, LLC        23.06.2012        3,59 MB        1.0.0.25 unbekannt

7-Zip 9.20                21.05.2013 notwendig                

ABBYY FineReader 9.0 Sprint        ABBYY        14.10.2012                9.01.513.58212 unbekannt

Acer Backup Manager        NTI Corporation        08.11.2011        336 MB        3.0.0.99 unbekannt

Acer Crystal Eye Webcam        CyberLink Corp.        25.01.2012        33,7 MB        1.0.1710 notwendig

Acer ePower Management        Acer Incorporated        25.01.2012                6.00.3007 unbekannt

Acer eRecovery Management        Acer Incorporated        08.11.2011                5.00.3502 unbekannt

Acer Registration        Acer Incorporated        25.01.2012                1.04.3502 unbekannt

Acer ScreenSaver        Acer Incorporated        25.01.2012                1.1.0913.2011 unbekannt

Acer Updater        Acer Incorporated        21.03.2013                1.02.3502 unbekannt

Acer VCM        Acer Incorporated        08.11.2011                4.05.3501 unbekannt

Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        14.05.2013        6,00 MB        11.7.700.202 notwendig

Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        11.04.2013        6,00 MB        11.7.700.169 notwendig

Adobe Reader X (10.1.4) MUI        Adobe Systems Incorporated        05.01.2013        480 MB        10.1.4 unbekannt

Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver        Atheros Communications Inc.        08.11.2011                1.0.0.36 unbekannt

aTube Catcher        DsNET Corp        11.09.2012                3.1.1324 notwendig

Avira Free Antivirus        Avira        08.05.2013        129 MB        13.0.0.3640 notwendig

Babylon toolbar on IE        BabylonToolbar        01.09.2012 unnötig                

BabylonObjectInstaller        Babylon Ltd        01.09.2012        2,10 MB        2.0.0.4 unnötig

Battlefield Heroes (STROMBERG)        EA Digital illusions        02.08.2012 unnötig                

Benutzerhandbuch EPSON SX130 Series                29.12.2012 notwendig                

Bing Bar        Microsoft Corporation        08.04.2013        464 KB        7.1.391.0 unnötig

Bluetooth Win7 Suite (64)        Atheros Communications        25.01.2012        118 MB        7.4.0.96 notwendig

Bundled software uninstaller                21.05.2013 unbekannt                

CCleaner        Piriform        23.04.2013                4.01 notwendig

Chica Password Manager 2.0 2.0.0.8        ChicaLogic, Inc.        01.09.2012        20,4 MB        2.0 unnötig

Conexant HD Audio        Conexant        08.11.2011                8.52.0.50 unbekannt 

Corel WinDVD        Corel Inc.        25.01.2012        291 MB        10.0.5.899 unbekannt

DealPly                21.05.2013 unbekannt                

DealPly (remove only)        DealPly Technologies Ltd.        21.05.2013        1,20 MB        4.8.6.1 unbekannt

Delta Chrome Toolbar                27.02.2013 unbekannt                

Delta Chrome Toolbar        Visual Tools        27.02.2013 unbekannt                

Delta toolbar        Delta        27.02.2013                1.8.10.0 unbekannt

Desk 365        337 Technology Limited.        19.05.2013                1.11.16 unnötig

DivX-Setup        DivX, LLC        03.07.2012                2.6.1.9 unbekannt

Driver Mender        Driver Mender        29.12.2012        10,2 MB        8.1 unnötig

eBay Worldwide        OEM        23.06.2012        100 KB        2.2.0409 unnötig

Epson Easy Photo Print 2        SEIKO EPSON CORPORATION        14.10.2012                2.2.4.0 unbekannt

Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)        SEIKO EPSON CORPORATION        14.10.2012                1.00.0000 unbekannt

Epson Event Manager        SEIKO EPSON CORPORATION        14.10.2012        40,5 MB        2.40.0009 unbekannt

EPSON Scan        Seiko Epson Corporation        14.10.2012 unbekannt                

EPSON SX130 Series Printer Uninstall        SEIKO EPSON Corporation        03.01.2013 unbekannt                

Facebook Video Calling 1.2.0.287        Skype Limited        05.05.2013        4,76 MB        1.2.287 unnötig

ffdshow v1.2.4422 [2012-04-09]                05.03.2013        13,5 MB        1.2.4422.0 unbekannt

FilesFrog Update Checker                21.05.2013 unbekannt                

Google Chrome        Google Inc.        15.07.2012                26.0.1410.64 notwendig

Google Earth Plug-in        Google        23.03.2013        80,7 MB        7.0.3.8542 notwendig

Haali Media Splitter                01.09.2012 unbekannt                

HDVidCodec        hdvidcodec.com        06.03.2013                2.1 Build 26473 unbekannt

IB Updater Service                09.04.2013                3.0.4.6 unbekannt

Identity Card        Acer Incorporated        25.01.2012                1.00.3501 unbekannt

iLivid        Bandoo Media Inc        09.11.2012                4.0.0.2208 unbekannt

Iminent        Iminent        01.09.2012                5.35.51.0 unnötig

IMinent Toolbar        IMinent        01.09.2012        3,37 MB        3.26.0 unnötig

Incredibar Toolbar  on IE                15.07.2012 unnötig                

Install Absolute Data Protect        Absolute Software        23.06.2012        642 KB        1.0.0.42 unbekannt

Intel(R) Control Center        Intel Corporation        25.01.2012                1.2.1.1007 unbekannt

Intel(R) Management Engine Components        Intel Corporation        26.01.2012                7.0.0.1144 unbekannt

Intel(R) Processor Graphics        Intel Corporation        26.01.2012                8.15.10.2345 unbekannt

Intel(R) Rapid Storage Technology        Intel Corporation        26.01.2012                10.6.0.1002 unbekannt

Internet Explorer Toolbar 4.6 by SweetPacks        SweetIM Technologies Ltd.        22.10.2012        4,27 MB        4.6.0004 notwendig

iNTERNET TURBO Toolbar        iNTERNET TURBO        10.02.2013                6.9.0.16 unbekannt

Java 7 Update 9        Oracle        15.11.2012        128 MB        7.0.90 unbekannt

Launch Manager        Acer Inc.        25.01.2012                6.0.8s1 unbekannt

LyricsPal        XingHao Software        21.05.2013 unbekannt                

Malwarebytes Anti-Malware Version 1.75.0.1300        Malwarebytes Corporation        21.05.2013        19,2 MB        1.75.0.1300 notwendig

Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        25.06.2012        38,8 MB        4.0.30319 unbekannt

Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        25.06.2012        2,93 MB        4.0.30319 unbekannt

Microsoft Silverlight        Microsoft Corporation        15.03.2013        50,6 MB        5.1.20125.0 unbekannt

Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        08.11.2011        1,69 MB        3.1.0000 unbekannt

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        23.06.2012        290 KB        8.0.59193 unbekannt

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        27.09.2012        788 KB        9.0.30729.6161 unbekannt

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        19.02.2013        1,41 MB        9.0.21022 unbekannt

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        08.11.2011        596 KB        9.0.30729 unbekannt

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        20.07.2012        600 KB        9.0.30729.6161 unbekannt

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        14.09.2012        12,2 MB        10.0.40219 unbekannt

Mozilla Firefox 21.0 (x86 de)        Mozilla        18.05.2013        44,7 MB        21.0 notwendig

Mozilla Maintenance Service        Mozilla        18.05.2013        333 KB        21.0 unbekannt

MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        24.06.2012        1,27 MB        4.20.9870.0 unbekannt

MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        24.06.2012        1,33 MB        4.20.9876.0 unbekannt

newsXpresso        esobi Inc.        08.11.2011        7,34 MB        1.0.0.40 unbekannt

Norton Online Backup        Symantec Corporation        08.11.2011        6,19 MB        2.1.17869 unnötig

NTI Media Maker 9        NTI Corporation        25.01.2012        1,60 GB        9.0.2.8942 unbekannt

NVIDIA 3D Vision Treiber 285.25        NVIDIA Corporation        25.01.2012                285.25 unbekannt

NVIDIA Grafiktreiber 285.25        NVIDIA Corporation        25.01.2012                285.25 unbekannt

NVIDIA HD-Audiotreiber 1.2.24.0        NVIDIA Corporation        23.12.2012                1.2.24.0 unbekannt

NVIDIA PhysX        NVIDIA Corporation        25.01.2012        78,9 MB        9.10.0514 unbekannt

OpenOffice.org 3.4.1        Apache Software Foundation        27.09.2012        331 MB        3.41.9593 notwendig

PC Performer        PerformerSoft LLC        19.02.2013        11,8 MB        11.10 unnötig

Plus-HD-1.8        Plus HD        19.05.2013                1.27.153.1 unbekannt

PriceGong 2.6.4        PriceGong        05.08.2012                2.6.4 unbekannt

ProShield        Egis Technology Inc.        25.01.2012        90,8 MB        1.0.48.3 unbekannt

PunkBuster Services        Even Balance, Inc.        02.08.2012                0.990 unbekannt

Realtek PCIE Card Reader        Realtek Semiconductor Corp.        08.11.2011                6.1.7600.74 notwendig

Search-Results Toolbar        APN LLC        09.11.2012                1.0.0.12 unbekannt

Searchqu Toolbar        Bandoo Media Inc        11.07.2012                4.1.0.2881 unbekannt

Skype™ 5.10        Skype Technologies S.A.        27.08.2012        19,4 MB        5.10.116 notwendig

SMPlayer 0.6.9        RVM        05.08.2012                0.6.9 unbekannt

SoftwareUpdater                27.02.2013 unbekannt                

SopCast 3.5.0        www.sopcast.com        18.05.2013                3.5.0 notwendig

SopCast Tv Plugin 5.8 Setup                30.09.2012 unnötig                

SopCast Tv Plugin 5.9 Setup                30.09.2012 notwendig                

SweetIM for Messenger 3.7        SweetIM Technologies Ltd.        22.10.2012        5,12 MB        3.7.0007 unbekannt

SweetPacks bundle uninstaller        SweetIM Technologies Ltd.        22.10.2012        2,46 MB        1.0.0000 unbekannt

Synaptics Pointing Device Driver        Synaptics Incorporated        25.01.2012        46,4 MB        15.2.14.0 unbekannt

Update Manager for SweetPacks 1.1        SweetIM Technologies Ltd.        22.10.2012        2,76 MB        1.1.0008 unbekannt

Veoh Giraffic Video Accelerator        Giraffic        18.05.2013                0.86.412.230 unbekannt

Veoh Web Player        Veoh Networks, Inc.        05.08.2012                1.1.2.0000 unbekannt

Veoh Web Player Toolbar        Veoh Web Player        10.02.2013                6.9.0.16 unbekannt

VideoPerformer        PerformerSoft LLC        19.02.2013 unbekannt                

VIO Player version 1.2        VIO Player        01.09.2012        23,3 MB        1.2 unbekannt

VLC media player 2.0.1        VideoLAN        30.09.2012                2.0.1 unbekannt

Wajam        Wajam        05.08.2012                1.45 unbekannt

Web Assistant 2.0.0.573        IncrediBar        01.03.2013        2,27 MB        2.0.0.573 unbekannt

Welcome Center        Acer Incorporated        25.01.2012                1.02.3504 unbekannt

Windows Live Essentials        Microsoft Corporation        08.11.2011                15.4.3538.0513 unbekannt

Yahoo! Messenger        Yahoo! Inc.        23.06.2012 notwendig                

Yahoo! Software Update                23.06.2012 unbekannt                

Yahoo! Toolbar                23.06.2012 unbekannt                

YourFileDownloader        hxxp://yourfiledownloader.com/        30.09.2012                1.0.4 unbekannt

Überwachungstool für die Intel® Turbo-Boost-Technik 2.0        Intel        25.01.2012        25,9 MB        2.0.82.0 unbekannt