Trojaner-Board - Bundespolizei Virus und keine Ahnung wie ich jetzt vorgehen muss

Oh ich glaube das ist sie.
Combofix Logfile:
Code:
ComboFix 11-07-27.01 - Lenni 27.07.2011  14:28:26.2.2 - x64

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4094.2837 [GMT 2:00]

ausgeführt von:: c:\users\Lenni\Desktop\ComboFix.exe

Benutzte Befehlsschalter :: c:\users\Lenni\Desktop\CFScript.txt

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\system32\drivers\rdvgkmd.sys"

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_VGPU

.

.

(((((((((((((((((((((((   Dateien erstellt von 2011-06-27 bis 2011-07-27  ))))))))))))))))))))))))))))))

.

.

2011-07-26 15:15 . 2011-07-26 15:15        --------        d-----w-        C:\_OTL

2011-07-26 13:48 . 2011-07-26 13:48        --------        d-----w-        c:\users\Lenni\AppData\Roaming\Malwarebytes

2011-07-26 13:48 . 2011-07-26 13:48        --------        d-----w-        c:\programdata\Malwarebytes

2011-07-26 13:48 . 2011-07-06 17:52        41272        ----a-w-        c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-26 13:48 . 2011-07-26 13:48        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2011-07-26 13:48 . 2011-07-06 17:52        25912        ----a-w-        c:\windows\system32\drivers\mbam.sys

2011-07-25 15:46 . 2011-04-24 21:13        110992        ----a-w-        c:\program files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2\components\abhelperxpcom.dll

2011-07-25 15:46 . 2011-04-24 21:13        147856        ----a-w-        c:\program files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2\components\kavlinkfilter.dll

2011-07-24 16:37 . 2011-07-24 16:37        --------        d-----w-        c:\program files (x86)\AviSynth 2.5

2011-07-24 16:35 . 2011-07-25 16:08        --------        d-----w-        c:\program files (x86)\Real

2011-07-24 16:34 . 2011-07-24 16:34        --------        d-----w-        c:\program files (x86)\eRightSoft

2011-07-24 16:21 . 2011-07-24 16:21        --------        d-----w-        C:\Mp3 Output

2011-07-16 14:00 . 2011-07-16 14:00        --------        d-----w-        c:\users\Lenni\AppData\Roaming\DVDVideoSoft

2011-07-09 11:18 . 2011-07-11 03:01        --------        d-----w-        c:\users\Lenni\AppData\Local\LG Electronics

2011-07-09 11:16 . 2011-07-11 03:01        --------        d-----w-        c:\program files (x86)\LG Electronics

2011-07-07 16:44 . 2011-07-07 16:44        --------        d-----w-        c:\users\Lenni\AppData\Roaming\Lonely Troops

2011-07-05 13:56 . 2011-07-05 13:57        --------        d-----w-        c:\users\Lenni\AppData\Roaming\HuruBeachParty

2011-07-02 23:02 . 2011-07-02 23:02        --------        d-----w-        c:\windows\system32\SPReview

2011-07-02 23:00 . 2011-07-02 23:00        --------        d-----w-        c:\windows\system32\EventProviders

2011-07-02 01:18 . 2010-11-20 13:33        951680        ----a-w-        c:\windows\system32\drivers\ndis.sys

2011-07-02 01:17 . 2010-11-20 13:27        666112        ----a-w-        c:\windows\system32\WMVSDECD.DLL

2011-07-02 01:14 . 2010-11-20 13:27        524288        ----a-w-        c:\windows\system32\wmicmiplugin.dll

2011-07-02 01:14 . 2010-11-20 13:27        529408        ----a-w-        c:\windows\system32\wbemcomn.dll

2011-07-02 01:14 . 2010-11-20 13:27        1225216        ----a-w-        c:\windows\system32\wbem\wbemcore.dll

2011-07-02 01:14 . 2010-11-20 13:27        933376        ----a-w-        c:\windows\system32\SmiEngine.dll

2011-07-02 01:14 . 2010-11-20 13:25        199168        ----a-w-        c:\windows\system32\PkgMgr.exe

2011-07-02 01:14 . 2010-11-20 13:26        422912        ----a-w-        c:\windows\system32\drvstore.dll

2011-07-02 01:14 . 2010-11-20 13:26        399872        ----a-w-        c:\windows\system32\dpx.dll

2011-06-30 21:24 . 2011-06-30 21:24        --------        d-----w-        c:\windows\system32\Macromed

2011-06-30 21:04 . 2011-06-30 21:04        404640        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-06-29 07:56 . 2011-05-24 11:42        404480        ----a-w-        c:\windows\system32\umpnpmgr.dll

2011-06-29 07:56 . 2011-05-24 10:40        64512        ----a-w-        c:\windows\SysWow64\devobj.dll

2011-06-29 07:56 . 2011-05-24 10:40        44544        ----a-w-        c:\windows\SysWow64\devrtl.dll

2011-06-29 07:56 . 2011-05-24 10:39        145920        ----a-w-        c:\windows\SysWow64\cfgmgr32.dll

2011-06-29 07:56 . 2011-05-24 10:37        252928        ----a-w-        c:\windows\SysWow64\drvinst.exe

2011-06-29 07:56 . 2010-11-20 13:25        207872        ----a-w-        c:\windows\system32\cfgmgr32.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-07-02 23:16 . 2009-07-14 02:36        152576        ----a-w-        c:\windows\SysWow64\msclmd.dll

2011-07-02 23:16 . 2009-07-14 02:36        175616        ----a-w-        c:\windows\system32\msclmd.dll

2011-06-12 21:21 . 2011-06-12 21:21        254528        ----a-w-        c:\windows\system32\drivers\dtsoftbus01.sys

2011-05-21 04:45 . 2011-05-21 04:45        86528        ----a-w-        c:\windows\SysWow64\iesysprep.dll

2011-05-21 04:45 . 2011-05-21 04:45        76800        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe

2011-05-21 04:45 . 2011-05-21 04:45        74752        ----a-w-        c:\windows\SysWow64\RegisterIEPKEYs.exe

2011-05-21 04:45 . 2011-05-21 04:45        63488        ----a-w-        c:\windows\SysWow64\tdc.ocx

2011-05-21 04:45 . 2011-05-21 04:45        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll

2011-05-21 04:45 . 2011-05-21 04:45        367104        ----a-w-        c:\windows\SysWow64\html.iec

2011-05-21 04:45 . 2011-05-21 04:45        161792        ----a-w-        c:\windows\SysWow64\msls31.dll

2011-05-21 04:45 . 2011-05-21 04:45        1126912        ----a-w-        c:\windows\SysWow64\wininet.dll

2011-05-21 04:45 . 2011-05-21 04:45        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll

2011-05-21 04:45 . 2011-05-21 04:45        89088        ----a-w-        c:\windows\system32\RegisterIEPKEYs.exe

2011-05-21 04:45 . 2011-05-21 04:45        74752        ----a-w-        c:\windows\SysWow64\iesetup.dll

2011-05-21 04:45 . 2011-05-21 04:45        420864        ----a-w-        c:\windows\SysWow64\vbscript.dll

2011-05-21 04:45 . 2011-05-21 04:45        35840        ----a-w-        c:\windows\SysWow64\imgutil.dll

2011-05-21 04:45 . 2011-05-21 04:45        23552        ----a-w-        c:\windows\SysWow64\licmgr10.dll

2011-05-21 04:45 . 2011-05-21 04:45        222208        ----a-w-        c:\windows\system32\msls31.dll

2011-05-21 04:45 . 2011-05-21 04:45        173056        ----a-w-        c:\windows\system32\ieUnatt.exe

2011-05-21 04:45 . 2011-05-21 04:45        152064        ----a-w-        c:\windows\SysWow64\wextract.exe

2011-05-21 04:45 . 2011-05-21 04:45        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe

2011-05-21 04:45 . 2011-05-21 04:45        142848        ----a-w-        c:\windows\SysWow64\ieUnatt.exe

2011-05-21 04:45 . 2011-05-21 04:45        1427456        ----a-w-        c:\windows\SysWow64\inetcpl.cpl

2011-05-21 04:45 . 2011-05-21 04:45        1389056        ----a-w-        c:\windows\system32\wininet.dll

2011-05-21 04:45 . 2011-05-21 04:45        11776        ----a-w-        c:\windows\SysWow64\mshta.exe

2011-05-21 04:45 . 2011-05-21 04:45        101888        ----a-w-        c:\windows\SysWow64\admparse.dll

2011-05-21 04:45 . 2011-05-21 04:45        91648        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe

2011-05-21 04:45 . 2011-05-21 04:45        85504        ----a-w-        c:\windows\system32\iesetup.dll

2011-05-21 04:45 . 2011-05-21 04:45        76800        ----a-w-        c:\windows\system32\tdc.ocx

2011-05-21 04:45 . 2011-05-21 04:45        603648        ----a-w-        c:\windows\system32\vbscript.dll

2011-05-21 04:45 . 2011-05-21 04:45        49664        ----a-w-        c:\windows\system32\imgutil.dll

2011-05-21 04:45 . 2011-05-21 04:45        48640        ----a-w-        c:\windows\system32\mshtmler.dll

2011-05-21 04:45 . 2011-05-21 04:45        448512        ----a-w-        c:\windows\system32\html.iec

2011-05-21 04:45 . 2011-05-21 04:45        30720        ----a-w-        c:\windows\system32\licmgr10.dll

2011-05-21 04:45 . 2011-05-21 04:45        165888        ----a-w-        c:\windows\system32\iexpress.exe

2011-05-21 04:45 . 2011-05-21 04:45        160256        ----a-w-        c:\windows\system32\wextract.exe

2011-05-21 04:45 . 2011-05-21 04:45        1492992        ----a-w-        c:\windows\system32\inetcpl.cpl

2011-05-21 04:45 . 2011-05-21 04:45        135168        ----a-w-        c:\windows\system32\IEAdvpack.dll

2011-05-21 04:45 . 2011-05-21 04:45        12288        ----a-w-        c:\windows\system32\mshta.exe

2011-05-21 04:45 . 2011-05-21 04:45        114176        ----a-w-        c:\windows\system32\admparse.dll

2011-05-21 04:45 . 2011-05-21 04:45        111616        ----a-w-        c:\windows\system32\iesysprep.dll

2011-05-14 06:24 . 2011-07-13 17:49        44032        ----a-w-        c:\windows\apppatch\acwow64.dll

2011-05-03 05:29 . 2011-06-15 05:42        976896        ----a-w-        c:\windows\system32\inetcomm.dll

2011-05-03 04:30 . 2011-06-15 05:42        741376        ----a-w-        c:\windows\SysWow64\inetcomm.dll

2011-04-29 03:06 . 2011-06-15 05:43        467456        ----a-w-        c:\windows\system32\drivers\srv.sys

2011-04-29 03:05 . 2011-06-15 05:43        410112        ----a-w-        c:\windows\system32\drivers\srv2.sys

2011-04-29 03:05 . 2011-06-15 05:43        168448        ----a-w-        c:\windows\system32\drivers\srvnet.sys

.

.

(((((((((((((((((((((((((((((   SnapShot@2011-07-27_04.44.17   )))))))))))))))))))))))))))))))))))))))))

.

- 2011-07-26 15:32 . 2011-07-26 15:32        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-07-27 12:32 . 2011-07-27 12:32        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2011-07-26 15:32 . 2011-07-26 15:32        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2011-07-27 12:32 . 2011-07-27 12:32        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2010-04-05 19:39 . 2011-07-27 11:59        579314              c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2009-07-14 05:01 . 2011-07-27 12:32        262896              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 05:01 . 2011-07-26 15:31        262896              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2011-03-23 01:14 . 2011-07-26 15:31        1844968              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3698355770-1554999282-4191537626-1001-8192.dat

+ 2011-03-23 01:14 . 2011-07-27 12:32        1844968              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3698355770-1554999282-4191537626-1001-8192.dat

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-02 98304]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-18 1157640]

"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-08-10 421888]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"

"NPSStartup"=

"facemoods"="c:\program files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe" /md I

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe

.

R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-09 136176]

R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]

R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]

R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]

R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]

R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x]

R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]

R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-09 136176]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 225280]

R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [x]

R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [x]

R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [x]

R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [x]

R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [x]

R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [x]

R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-02-01 1393480]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [x]

S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [x]

S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [x]

S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt        REG_MULTI_SZ           hpqcxs08 hpqddsvc

.

Inhalt des "geplante Tasks" Ordners

.

2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-09 12:58]

.

2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-09 12:58]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"combofix"="c:\combofix\CF25427.cfxxe" [X]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-06-11 301056]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs

UxTuneUp

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = 

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Free YouTube Download - c:\users\Lenni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to Mp3 Converter - c:\users\Lenni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\Lenni\AppData\Roaming\Mozilla\Firefox\Profiles\n5cribg4.default\

FF - prefs.js: browser.search.defaulturl - 

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.meinvz.net

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2011-07-27  14:37:12 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2011-07-27 12:37

ComboFix2.txt  2011-07-27 04:46

.

Vor Suchlauf: 12 Verzeichnis(se), 68.974.452.736 Bytes frei

Nach Suchlauf: 14 Verzeichnis(se), 68.492.652.544 Bytes frei

.

- - End Of File - - 1A0F5177E664E2904BA2E3A424E3FC72
--- --- ---