go2crete | 22.04.2015 10:49 | Danke! Code:
ComboFix 15-04-19.01 - tom 22.04.2015 10:53:29.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1918.1036 [GMT 3:00]
ausgefόhrt von:: c:\users\tom\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-03-22 bis 2015-04-22 ))))))))))))))))))))))))))))))
.
.
2015-04-22 08:03 . 2015-04-22 08:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-22 08:03 . 2015-04-22 08:03 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-04-22 08:03 . 2015-04-22 08:03 -------- d-----w- c:\users\_ocster_1clk_backup_\AppData\Local\temp
2015-04-20 16:27 . 2015-04-20 15:12 24064 ----a-w- c:\windows\zoek-delete.exe
2015-04-20 16:27 . 2015-04-22 08:03 -------- d-----w- c:\users\tom\AppData\Local\Temp
2015-04-20 15:12 . 2015-04-20 16:23 -------- d-----w- C:\zoek_backup
2015-04-19 21:24 . 2015-04-19 21:24 -------- d-----w- C:\_OTL
2015-04-18 22:23 . 2015-04-18 22:45 -------- d-----w- c:\programdata\HitmanPro
2015-04-18 09:00 . 2015-04-21 10:31 -------- d-----w- C:\AdwCleaner
2015-04-15 22:46 . 2015-04-15 22:46 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-04-15 05:17 . 2015-03-05 05:12 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 05:16 . 2015-04-01 23:49 235184 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2015-04-15 05:15 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 05:15 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 05:15 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-08 03:52 . 2015-04-21 15:23 -------- d-----w- C:\FRST
2015-04-04 06:43 . 2015-04-04 06:43 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-04 06:43 . 2015-04-04 06:43 -------- d-s---w- c:\windows\system32\GWX
2015-04-01 05:07 . 2015-04-01 05:07 -------- d-----w- C:\RegBackup
2015-03-31 14:53 . 2015-04-05 19:04 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-03-31 06:55 . 2015-04-21 16:25 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-31 06:54 . 2014-11-21 03:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-03-31 06:54 . 2014-11-21 03:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-31 06:54 . 2014-11-21 03:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-03-31 06:54 . 2015-03-31 06:54 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 22:31 . 2012-03-29 17:30 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-04-15 14:59 . 2012-04-04 19:35 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 14:59 . 2012-04-04 19:35 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-17 04:56 . 2015-04-15 05:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-02-26 03:25 . 2015-03-11 05:57 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-20 04:41 . 2015-03-11 05:59 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 05:59 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 05:59 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 05:59 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 05:59 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 05:59 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 05:59 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 05:59 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 05:59 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 05:59 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-13 05:22 . 2015-03-11 05:58 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-10 06:15 . 2014-11-19 13:33 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-02-04 09:23 . 2015-02-04 09:23 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 09:13 . 2015-02-04 09:13 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-11 05:55 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 05:55 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 05:59 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 05:59 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 05:59 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 05:59 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 05:59 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 05:59 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 05:58 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 05:58 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 05:59 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 05:59 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 05:59 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 05:59 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 05:59 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 05:59 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 05:59 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 05:59 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-11 05:59 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-11 05:59 641024 ----a-w- c:\windows\system32\msscp.dll
2015-02-03 03:31 . 2015-03-11 05:59 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-02-03 03:31 . 2015-03-11 05:59 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-02-03 03:31 . 2015-03-11 05:59 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-02-03 03:31 . 2015-03-11 05:59 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-03 03:31 . 2015-03-11 05:59 206848 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 03:30 . 2015-03-11 05:59 631808 ----a-w- c:\windows\system32\evr.dll
2015-02-03 03:30 . 2015-03-11 05:59 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-02-03 03:30 . 2015-03-11 05:59 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-02-03 03:30 . 2015-03-11 05:59 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-02-03 03:30 . 2015-03-11 05:59 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-03 03:30 . 2015-03-11 05:59 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-02-03 03:30 . 2015-03-11 05:59 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-02-03 03:30 . 2015-03-11 05:59 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-02-03 03:30 . 2015-03-11 05:59 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-03 03:30 . 2015-03-11 05:59 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-02-03 03:30 . 2015-03-11 05:59 680960 ----a-w- c:\windows\system32\audiosrv.dll
2015-02-03 03:30 . 2015-03-11 05:59 296448 ----a-w- c:\windows\system32\AudioSes.dll
2015-02-03 03:30 . 2015-03-11 05:59 440832 ----a-w- c:\windows\system32\AudioEng.dll
2015-02-03 03:30 . 2015-03-11 05:59 32256 ----a-w- c:\windows\system32\appidsvc.dll
2015-02-03 03:30 . 2015-03-11 05:59 58880 ----a-w- c:\windows\system32\appidapi.dll
2015-02-03 03:30 . 2015-03-11 05:59 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-02-03 03:30 . 2015-03-11 05:59 9728 ----a-w- c:\windows\system32\pcalua.exe
2015-02-03 03:30 . 2015-03-11 05:59 11264 ----a-w- c:\windows\system32\pcawrk.exe
2015-02-03 03:30 . 2015-03-11 05:59 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-02-03 03:30 . 2015-03-11 05:59 126464 ----a-w- c:\windows\system32\audiodg.exe
2015-02-03 03:30 . 2015-03-11 05:59 146944 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-02-03 03:30 . 2015-03-11 05:59 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-02-03 03:30 . 2015-03-11 05:59 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2015-02-03 03:29 . 2015-03-11 05:59 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-02-03 03:28 . 2015-03-11 05:59 2048 ----a-w- c:\windows\system32\mferror.dll
2015-02-03 03:19 . 2015-03-11 05:59 663552 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-02-03 03:12 . 2015-03-11 05:59 617984 ----a-w- c:\windows\SysWow64\wmdrmsdk.dll
2015-02-03 03:12 . 2015-03-11 05:59 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-02-03 03:12 . 2015-03-11 05:58 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-02-03 03:12 . 2015-03-11 05:58 171520 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-02-03 03:12 . 2015-03-11 05:59 4096 ----a-w- c:\windows\SysWow64\msdxm.ocx
2015-02-03 03:12 . 2015-03-11 05:59 4096 ----a-w- c:\windows\SysWow64\dxmasf.dll
2015-02-03 03:12 . 2015-03-11 05:59 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
2015-02-03 03:12 . 2015-03-11 05:59 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-02-03 03:12 . 2015-03-11 05:59 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2015-02-03 03:12 . 2015-03-11 05:59 8192 ----a-w- c:\windows\SysWow64\spwmp.dll
2015-02-03 03:12 . 2015-03-11 05:59 504320 ----a-w- c:\windows\SysWow64\msscp.dll
2015-02-03 03:12 . 2015-03-11 05:59 265216 ----a-w- c:\windows\SysWow64\msnetobj.dll
2015-02-03 03:12 . 2015-03-11 05:59 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-02-03 03:12 . 2015-03-11 05:59 354816 ----a-w- c:\windows\SysWow64\mfplat.dll
2015-02-03 03:12 . 2015-03-11 05:59 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-02-03 03:12 . 2015-03-11 05:59 489984 ----a-w- c:\windows\SysWow64\evr.dll
2015-02-03 03:12 . 2015-03-11 05:59 988160 ----a-w- c:\windows\SysWow64\drmv2clt.dll
2015-02-03 03:12 . 2015-03-11 05:59 406016 ----a-w- c:\windows\SysWow64\drmmgrtn.dll
2015-02-03 03:12 . 2015-03-11 05:59 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-03 03:12 . 2015-03-11 05:59 1005056 ----a-w- c:\windows\SysWow64\cryptui.dll
2015-02-03 03:12 . 2015-03-11 05:59 81408 ----a-w- c:\windows\SysWow64\cryptsp.dll
2015-02-03 03:12 . 2015-03-11 05:59 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2015-02-03 03:12 . 2015-03-11 05:59 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-02-03 03:12 . 2015-03-11 05:59 744960 ----a-w- c:\windows\SysWow64\blackbox.dll
2015-02-03 03:12 . 2015-03-11 05:59 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2015-02-03 03:12 . 2015-03-11 05:59 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-02-03 03:12 . 2015-03-11 05:59 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2015-02-03 03:11 . 2015-03-11 05:59 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-02-03 03:11 . 2015-03-11 05:59 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-02-03 03:11 . 2015-03-11 05:59 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Eintrδge & legitime Standardeintrδge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files (x86)\Rainlendar2\Rainlendar2.exe" [2012-07-24 2498048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"RemoteControl"="c:\program files (x86)\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-03-31 5227648]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-4-2 113664]
Logo Calibration Loader.lnk - c:\program files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe [2014-1-2 708608]
ProfileReminder.lnk - c:\program files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe [2014-1-2 954368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys;c:\windows\SYSNATIVE\drivers\pdihwctl.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WOTUpdater;WOT Updater;c:\users\tom\AppData\LocalLow\WOT\IE\WOTUpdater.exe;c:\users\tom\AppData\LocalLow\WOT\IE\WOTUpdater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 SeqCal;SeqCal;c:\windows\system32\DRIVERS\SeqCal.sys;c:\windows\SYSNATIVE\DRIVERS\SeqCal.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ocster_1clk_backup;Ocster 1-Click Backup;c:\program files\Ocster 1-Click Backup\bin\backupService-ox1c.exe;c:\program files\Ocster 1-Click Backup\bin\backupService-ox1c.exe [x]
S2 OpLclSrv;OKI Local Port Manager;c:\program files\Okidata\Common\Extend3\portmgrsrv.exe;c:\program files\Okidata\Common\Extend3\portmgrsrv.exe [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-04-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 14:59]
.
2015-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 01:42]
.
2015-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-27 01:42]
.
2015-04-21 c:\windows\Tasks\MT66 Software Update.job
- c:\program files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2013-08-18 15:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-15 18:53 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ocster 1-Click Backup"="c:\program files\Ocster 1-Click Backup\bin\backupClient-ox1c.exe" [2015-03-05 85312]
.
------- Zusδtzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\tom\AppData\Roaming\Mozilla\Firefox\Profiles\dpo5gpid.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseintrδge - - - -
.
BHO-{11111111-1111-1111-1111-110611791177} - c:\program files (x86)\SuperPlusRadio v2.1\SuperPlusRadio v2.1-bho64.dll
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\S-1-5-21-2275449289-3566808654-4135082120-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F6D6508E-42EF-149F-D88C-FD4867C1E262}*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-04-22 11:05:46
ComboFix-quarantined-files.txt 2015-04-22 08:05
ComboFix2.txt 2015-04-18 09:49
.
Vor Suchlauf: 8.776.351.744 Bytes frei
Nach Suchlauf: 8.810.446.848 Bytes frei
.
- - End Of File - - D74AAF91F89C23CB363E323F0E1121C6
A36C5E4F47E84449FF07ED3517B43A31 |