HalloKnallo | 27.02.2015 14:49 | I can manage a lot ;) Code:
ComboFix 15-02-16.01 - Denise 27.02.2015 13:36:06.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3956.1350 [GMT 1:00]
ausgeführt von:: c:\users\Denise\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-01-27 bis 2015-02-27 ))))))))))))))))))))))))))))))
.
.
2015-02-27 12:44 . 2015-02-27 12:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-27 12:41 . 2015-02-27 12:41 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F51D4045-86EB-4220-BDC4-1CF341A89651}\offreg.dll
2015-02-27 12:20 . 2015-02-16 03:21 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F51D4045-86EB-4220-BDC4-1CF341A89651}\mpengine.dll
2015-02-27 12:20 . 2014-12-22 23:41 298120 ------w- c:\windows\system32\MpSigStub.exe
2015-02-26 18:37 . 2015-02-26 18:37 -------- d-----w- c:\users\Denise\AppData\Roaming\idesktop
2015-02-25 22:32 . 2015-02-25 22:32 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-02-25 22:19 . 2015-02-25 22:23 -------- d-----w- C:\FRST
2015-02-25 16:38 . 2015-02-25 16:38 3466856 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dcompiler_47.dll
2015-02-25 16:38 . 2015-02-25 16:38 169584 ----a-w- c:\program files (x86)\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2015-02-25 16:38 . 2015-02-25 16:38 970912 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr120.dll
2015-02-25 16:38 . 2015-02-25 16:38 455328 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp120.dll
2015-02-25 16:35 . 2015-02-25 16:35 0 ----a-w- c:\windows\ativpsrm.bin
2015-02-21 13:59 . 2015-01-19 11:04 45224 ----a-w- c:\windows\system32\drivers\iSafeKrnlBoot.sys
2015-02-21 13:59 . 2015-01-03 08:57 52392 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2015-02-21 13:59 . 2015-02-21 13:59 -------- d-----w- c:\windows\system32\log
2015-02-21 13:58 . 2015-02-21 13:58 -------- d-----w- c:\users\Denise\AppData\Roaming\Elex-tech
2015-02-21 13:58 . 2015-02-21 13:58 -------- d-----w- c:\program files (x86)\Elex-tech
2015-02-21 13:58 . 2015-02-21 14:05 -------- d-----w- c:\users\Denise\AppData\Roaming\eCyber
2015-02-20 22:38 . 2015-02-20 22:38 -------- d-----w- c:\program files\CCleaner
2015-02-20 22:27 . 2015-02-20 22:27 -------- d-----w- c:\users\Denise\AppData\Roaming\dlg
2015-02-20 22:27 . 2015-02-20 22:27 -------- d-----w- c:\users\Denise\AppData\Roaming\Wise Care 365
2015-02-18 09:54 . 2015-02-18 15:30 -------- d-----w- c:\users\Denise\AppData\Roaming\XNote Stopwatch
2015-02-18 09:53 . 2015-02-18 09:53 -------- d-----w- c:\users\Denise\AppData\Local\Tempe66429c07b9aa6116ce65789337bd61f
2015-02-18 09:53 . 2015-02-18 09:53 -------- d-----w- c:\users\Denise\AppData\Local\Tempb3ead7a4635cc4fc44cf9a35989aba42
2015-02-18 09:53 . 2015-02-18 09:53 -------- d-----w- c:\users\Denise\AppData\Local\Temp148c2fc992b0f2cfc7cc8ad700bd505c
2015-02-18 09:53 . 2015-02-20 13:48 -------- d-----w- c:\users\Denise\Stopwatches
2015-02-18 09:53 . 2015-02-18 09:53 -------- d-----w- c:\program files (x86)\XNote Stopwatch
2015-02-18 09:52 . 2015-02-18 09:52 -------- d-----w- c:\users\Denise\ChromeExtensions
2015-02-18 09:52 . 2015-02-18 09:52 -------- d-----w- c:\users\Denise\AppData\Local\Tempc1f0b5bad0397ed03ebeaf9b1503f1a5
2015-02-15 07:51 . 2015-01-23 05:39 378832 ----a-w- c:\windows\system32\LavasoftTcpService64.dll
2015-02-15 07:51 . 2015-01-23 05:39 332216 ----a-w- c:\windows\SysWow64\LavasoftTcpService.dll
2015-02-13 00:45 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-13 00:45 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-13 00:45 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-13 00:45 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-11 09:53 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-11 09:52 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 09:52 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-11 09:52 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 09:52 . 2015-01-14 05:44 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 09:52 . 2015-01-14 05:44 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 09:52 . 2015-01-14 06:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-11 09:52 . 2015-01-14 06:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-11 09:52 . 2015-01-14 06:04 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-11 09:52 . 2015-01-14 05:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-11 09:52 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-07 13:42 . 2012-08-16 10:13 21248 ----a-w- c:\windows\system32\drivers\rpkmdrv.sys
2015-02-07 13:42 . 2015-02-07 13:42 -------- d-----w- c:\program files (x86)\Rapoo
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-27 12:10 . 2014-12-06 02:45 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-12 02:03 . 2012-10-28 09:56 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-02-08 13:21 . 2013-11-18 13:11 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-08 13:21 . 2013-11-18 13:11 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-19 03:06 . 2015-01-14 05:10 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 05:10 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 05:10 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-14 05:10 303616 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 05:10 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 05:10 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"LedStatus"="c:\program files (x86)\Rapoo\RpWireless\LedStatus.exe" [2013-01-05 1709736]
"Launch"="c:\program files (x86)\Rapoo\RpWireless\Launch.exe" [2013-08-21 411664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-9-23 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-25 1129760]
Ulead Photo Express SE Calendar Checker.lnk - c:\program files (x86)\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe [2012-10-26 61440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys;c:\windows\SYSNATIVE\DRIVERS\InputFilter_FlexDef2b.sys [x]
R3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeKrnlBoot.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S1 iSafeKrnl;YAC Mini-Filter Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnl.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnl.sys [x]
S1 iSafeKrnlKit;YAC Kit Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [x]
S1 iSafeKrnlMon;YAC Monitor Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [x]
S1 iSafeKrnlR3;YAC Ring3 Driver;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys;c:\program files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [x]
S1 iSafeNetFilter;YAC NDIS Driver;c:\windows\system32\DRIVERS\iSafeNetFilter.sys;c:\windows\SYSNATIVE\DRIVERS\iSafeNetFilter.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 iSafeService;YAC Service;c:\program files (x86)\Elex-tech\YAC\iSafeSvc.exe;c:\program files (x86)\Elex-tech\YAC\iSafeSvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 rpkmdrv;Rapoo Wireless Device Driver;c:\windows\system32\drivers\rpkmdrv.sys;c:\windows\SYSNATIVE\drivers\rpkmdrv.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
S4 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - avipbb
.
Inhalt des "geplante Tasks" Ordners
.
2015-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-18 13:21]
.
2015-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08 21:36]
.
2015-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08 21:36]
.
2013-02-12 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-21 16:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-04 520760]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-06-10 324608]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = www.google.com
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\Denise\AppData\Local\Temp\ie_script.htm
TCP: DhcpNameServer = 62.109.121.1 62.109.121.2 192.168.123.254
FF - ProfilePath - c:\users\Denise\AppData\Roaming\Mozilla\Firefox\Profiles\mc94r83q.default-1390297469328\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAapkk-BltlS2RzKgRbqMZDUKLcftn_YIHtDU8BEe3exu2tXAejbJiwsGXcu9-Xvk6vnfkg8X3OgIU98o4rxTwW5mkbo5uPwtl8QIKk37JNOKPj59TaGkJaOZMpn8DAUd4e1ljta8ojlPk1RUw6oXhZwzFXThxT35w,,&q=
user_pref(extensions.autoDisableScopes,14);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{30c85a3d-1d96-4589-b63f-91fb7ef45a41} - c:\program files (x86)\Positive Finds\Extensions\30c85a3d-1d96-4589-b63f-91fb7ef45a41.dll
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AVG-Secure-Search-Update_0913b - c:\users\Denise\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe
Wow6432Node-HKCU-Run-DriverTurbo - c:\program files (x86)\DriverTurbo\DriverTurbo.exe
Wow6432Node-HKCU-Run-Web Companion - c:\program files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Diercke Globus - c:\windows\Diercke Globus Uninstaller.exe
AddRemove-Ulead Photo Express 3.0 SE - c:\windows\IsUn0407.exe
AddRemove-{2E569492-CB19-4510-AB49-1C6A36C6F525}_is1 - c:\windows\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:ae,04,dd,90,54,a6,ce,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fe,a4,9f,f0,75,f6,8c,41,ad,3b,b7,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fe,a4,9f,f0,75,f6,8c,41,ad,3b,b7,\
.
[HKEY_USERS\S-1-5-21-2375547224-3117472764-2524716017-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2375547224-3117472764-2524716017-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-02-27 13:49:20
ComboFix-quarantined-files.txt 2015-02-27 12:49
.
Vor Suchlauf: 10 Verzeichnis(se), 364.482.252.800 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 364.059.561.984 Bytes frei
.
- - End Of File - - 5E7BF24A90688BD328630E5CEA7E6F48
A36C5E4F47E84449FF07ED3517B43A31
I suspect that the flood of advertising from positive finds has now ended.
I just happened to find the malware "positive finds" among the add-ons and uninstalled it immediately.
My trust in Firefox is broken.
I had newly installed and updated dvd video soft.
And since then I have had this mess.
Never again dvd video soft, even though it was a good program for a long, long time; now I just download my music "only" as video, with the utube video add on. |