Jetzt scheint alles reibungslos gelaufen zu sein :) Code:
ComboFix 12-02-13.01 - Dennis 14.02.2012 11:42:17.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4091.2657 [GMT 1:00]
ausgeführt von:: c:\users\Dennis\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AV: Lavasoft Ad-Watch Live! Virenschutz *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\users\Dennis\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-01-14 bis 2012-02-14 ))))))))))))))))))))))))))))))
.
.
2012-02-14 10:53 . 2012-02-14 10:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-14 10:53 . 2012-02-14 10:53 -------- d-----w- c:\users\cHk\AppData\Local\temp
2012-02-12 17:13 . 2011-05-20 12:49 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2012-02-12 17:13 . 2011-05-20 12:43 25920 ----a-w- c:\windows\system32\authuitu.dll
2012-02-12 17:13 . 2011-05-20 12:43 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2012-02-12 17:13 . 2011-05-20 12:43 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2012-02-12 17:13 . 2011-05-20 12:43 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2012-02-12 15:47 . 2012-02-12 15:47 -------- d-----w- c:\users\Dennis\AppData\Roaming\ArcSoft
2012-02-12 15:46 . 2012-02-12 15:46 -------- d-----w- c:\users\Dennis\AppData\Local\ArcSoft
2012-02-12 15:46 . 2012-02-12 15:46 -------- d-----w- c:\programdata\ArcSoft
2012-02-12 15:46 . 2012-02-12 15:46 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft
2012-02-12 15:46 . 2011-11-10 10:14 311872 ----a-w- c:\windows\system32\drivers\ArcSec.sys
2012-02-12 15:46 . 2010-12-30 16:29 80448 ----a-w- c:\windows\system32\MMCEDT5.exe
2012-02-12 15:44 . 2012-02-12 15:44 -------- d-----w- c:\users\Dennis\AppData\Local\Downloaded Installations
2012-02-12 15:22 . 2012-02-12 15:22 -------- d-----w- c:\users\Dennis\AppData\Local\AMD
2012-02-12 15:21 . 2012-02-12 15:21 -------- d-----w- c:\programdata\ATI
2012-02-12 15:13 . 2012-02-12 15:13 -------- d-----w- c:\program files (x86)\AMD APP
2012-02-12 15:12 . 2012-02-12 15:12 -------- d-----w- c:\programdata\AMD
2012-02-12 15:12 . 2010-02-18 08:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2012-02-12 09:40 . 2012-02-12 09:40 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2012-02-10 11:19 . 2012-02-10 11:19 -------- d-----w- c:\program files (x86)\ESET
2012-02-10 08:20 . 2012-01-06 05:15 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73B97690-9A8A-484B-9F5A-D364843EC570}\mpengine.dll
2012-02-09 12:43 . 2012-02-09 12:43 -------- d-----w- c:\windows\system32\SPReview
2012-02-09 12:41 . 2012-02-09 12:41 -------- d-----w- c:\windows\system32\EventProviders
2012-02-09 11:55 . 2012-02-09 11:55 -------- d-----w- c:\users\cHk\AppData\Local\LogMeIn
2012-02-08 15:37 . 2012-02-08 15:39 -------- d-----w- c:\programdata\Protexis
2012-02-08 15:35 . 2010-11-16 15:24 15672 ----a-w- c:\windows\system32\drivers\regi.sys
2012-02-07 14:32 . 2012-02-07 14:32 -------- d-----w- c:\users\Dennis\AppData\Local\MediaShow
2012-02-07 14:27 . 2012-02-07 14:27 -------- d-----w- c:\users\Dennis\AppData\Local\MediaServer
2012-02-07 14:26 . 2012-02-08 15:05 -------- d-----w- c:\programdata\PDVD
2012-02-07 14:26 . 2012-02-12 16:25 -------- d-----w- c:\users\Public\CyberLink
2012-02-07 14:26 . 2012-02-12 16:25 -------- d-----w- c:\users\Dennis\AppData\Local\CyberLink
2012-02-07 14:13 . 2012-02-12 16:26 -------- d-----w- c:\programdata\CyberLink
2012-02-07 14:13 . 2012-02-07 14:31 -------- d-----w- c:\users\Dennis\AppData\Roaming\CyberLink
2012-02-07 14:07 . 2012-02-07 14:23 -------- d-----w- c:\programdata\install_clap
2012-01-30 17:33 . 2012-01-30 17:33 5185536 ----a-r- c:\users\Dennis\AppData\Roaming\Microsoft\Installer\{D1E1F028-1953-43A3-BFD8-D2A00EC06E36}\RapeLay.exe
2012-01-30 17:33 . 2012-01-30 17:33 28672 ----a-r- c:\users\Dennis\AppData\Roaming\Microsoft\Installer\{D1E1F028-1953-43A3-BFD8-D2A00EC06E36}\_EB52FE80E75B_486E_9850_195DAB8E8D59.exe
2012-01-29 18:25 . 2012-01-29 18:25 -------- d-----w- c:\users\Dennis\AppData\Roaming\Avira
2012-01-29 10:24 . 2012-01-29 10:24 -------- d-----w- c:\users\Dennis\AppData\Roaming\Mozilla-Cache
2012-01-26 12:19 . 2012-01-26 12:20 -------- d-----w- c:\users\Dennis\AppData\Local\FullTiltPoker
2012-01-19 22:47 . 2012-01-19 23:10 -------- d-----w- c:\users\Dennis\AppData\Roaming\Gelbe Liste Pharmindex
2012-01-19 18:14 . 2012-01-19 18:15 -------- d-----w- C:\med7net
2012-01-19 18:13 . 2004-12-13 20:16 53248 ----a-w- c:\windows\SysWow64\foxtools.fll
2012-01-16 14:30 . 2012-01-16 14:30 -------- d-----w- c:\programdata\PassMark
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-09 12:59 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-02-09 12:59 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-26 23:52 . 2011-02-24 15:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-15 15:26 . 2011-01-03 00:34 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-01-15 15:26 . 2011-01-03 00:10 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-01-15 15:25 . 2011-01-03 00:10 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-12-10 14:24 . 2011-08-22 21:18 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-06 03:45 . 2011-12-06 03:45 10720256 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-12-06 03:18 . 2011-12-06 03:18 25371136 ----a-w- c:\windows\system32\atio6axx.dll
2011-12-06 03:17 . 2011-12-06 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-12-06 03:17 . 2011-12-06 03:17 778752 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-12-06 03:16 . 2011-12-06 03:16 933888 ----a-w- c:\windows\system32\aticfx64.dll
2011-12-06 03:12 . 2011-12-06 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-12-06 03:12 . 2011-12-06 03:12 494080 ----a-w- c:\windows\system32\atieclxx.exe
2011-12-06 03:11 . 2011-12-06 03:11 235520 ----a-w- c:\windows\system32\atiesrxx.exe
2011-12-06 03:10 . 2011-12-06 03:10 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-12-06 03:10 . 2011-12-06 03:10 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-12-06 03:10 . 2011-12-06 03:10 360448 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-12-06 03:10 . 2011-12-06 03:10 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-12-06 03:09 . 2011-12-06 03:09 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-12-06 03:09 . 2011-12-06 03:09 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-12-06 03:09 . 2011-12-06 03:09 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-12-06 03:06 . 2011-12-06 03:06 6159872 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-12-06 02:56 . 2011-12-06 02:56 19125760 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-12-06 02:51 . 2011-12-06 02:51 7520768 ----a-w- c:\windows\system32\atidxx64.dll
2011-12-06 02:39 . 2011-12-06 02:39 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-12-06 02:39 . 2011-12-06 02:39 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-12-06 02:39 . 2011-12-06 02:39 4072960 ----a-w- c:\windows\system32\atiumd6a.dll
2011-12-06 02:34 . 2011-12-06 02:34 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-12-06 02:34 . 2011-12-06 02:34 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-12-06 02:34 . 2011-12-06 02:34 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-12-06 02:34 . 2011-12-06 02:34 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-12-06 02:34 . 2011-12-06 02:34 13738496 ----a-w- c:\windows\system32\aticaldd64.dll
2011-12-06 02:33 . 2011-12-06 02:33 5919232 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-12-06 02:29 . 2011-12-06 02:29 11484672 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-12-06 02:28 . 2011-12-06 02:28 4206592 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-12-06 02:24 . 2011-12-06 02:24 7511040 ----a-w- c:\windows\system32\atiumd64.dll
2011-12-06 02:18 . 2011-12-06 02:18 58880 ----a-w- c:\windows\system32\coinst.dll
2011-12-06 02:13 . 2010-09-16 10:55 509952 ----a-w- c:\windows\system32\atiadlxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 356352 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-12-06 02:12 . 2011-12-06 02:12 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-12-06 02:12 . 2011-12-06 02:12 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 327168 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-12-06 02:11 . 2010-11-26 02:16 42496 ----a-w- c:\windows\system32\atiuxp64.dll
2011-12-06 02:11 . 2011-12-06 02:11 33280 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-12-06 02:11 . 2011-12-06 02:11 39936 ----a-w- c:\windows\system32\atiu9p64.dll
2011-12-06 02:11 . 2011-12-06 02:11 29696 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-12-06 02:10 . 2011-12-06 02:10 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-12-06 02:10 . 2011-12-06 02:10 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-12-05 21:04 . 2011-12-05 21:04 69632 ----a-w- c:\windows\system32\OpenVideo64.dll
2011-12-05 21:04 . 2011-12-05 21:04 59904 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-12-05 21:03 . 2011-12-05 21:03 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-12-05 21:03 . 2011-12-05 21:03 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-12-05 21:03 . 2011-12-05 21:03 17580544 ----a-w- c:\windows\system32\amdocl64.dll
2011-12-05 21:03 . 2011-12-05 21:03 14499328 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-12-05 21:02 . 2011-12-05 21:02 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-12-05 21:02 . 2011-12-05 21:02 44032 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-12-05 19:47 . 2011-12-05 19:47 95248 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2011-11-24 04:52 . 2011-12-14 13:48 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 14:58 . 2012-01-11 13:51 77312 ----a-w- c:\windows\system32\packager.dll
2011-11-19 14:01 . 2012-01-11 13:51 67072 ----a-w- c:\windows\SysWow64\packager.dll
2011-11-17 06:41 . 2012-01-11 13:51 1731920 ----a-w- c:\windows\system32\ntdll.dll
2011-11-17 05:38 . 2012-01-11 13:51 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2006-05-03 09:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 10:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 12:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 343168]
"RemoteControl11"="e:\powerdvd11\PowerDVD11\PDVD11Serv.exe" [2011-04-20 234792]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TotalMedia Server.lnk - e:\totalmediatheatre\TotalMedia Server\TM Server.exe [2010-12-20 519744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-26 136176]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-26 136176]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;e:\adaware\KernExplorer64.sys [2011-08-22 17152]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R4 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-02-12 60064]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;e:\powerdvd11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-04-20 83240]
R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;e:\powerdvd11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-03-31 70952]
R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;e:\powerdvd11\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-03-31 312616]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R4 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
R4 LMIGuardianSvc;LMIGuardianSvc;e:\logmein\x64\LMIGuardianSvc.exe [2011-09-26 375176]
R4 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ArcSec;ArcSec;c:\windows\system32\drivers\ArcSec.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/02/12 18:01];e:\powerdvd11\PowerDVD11\Common\NavFilter\000.fcl [2011-04-12 09:16 148976]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-05 361984]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-06-11 868896]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;e:\adaware\AAWService.exe [2011-09-02 2152152]
S2 LMIInfo;LogMeIn Kernel Information Provider;e:\logmein\x64\RaInfo.sys [2011-01-11 15928]
S2 ntk_PowerDVD;ntk_PowerDVD;e:\powerdvd11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-04-20 75248]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;e:\tuneup2011\TuneUpUtilitiesService64.exe [2011-05-20 2026304]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;e:\tuneup2011\TuneUpUtilitiesDriver64.sys [2011-04-26 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-26 08:04]
.
2012-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-26 08:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
"LogMeIn GUI"="e:\logmein\x64\LogMeInSystray.exe" [2011-01-11 57928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mStart Page =
mLocal Page =
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - e:\icq\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Dennis\AppData\Roaming\Mozilla\Firefox\Profiles\wef4pq6t.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\e:\powerdvd11\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1999676654-2780985729-305467352-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*b*e*p*âúa6\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1999676654-2780985729-305467352-1000\Software\SecuROM\License information*]
"datasecu"=hex:1c,ac,12,05,ff,75,55,0a,44,9f,bb,3b,68,b3,dc,e2,77,86,2d,ac,f9,
e8,d2,21,18,2a,07,a1,6c,34,cd,25,43,2a,67,11,c1,7b,87,d6,fe,c9,bc,84,bc,d4,\
"rkeysecu"=hex:5e,0a,d0,11,c3,be,4c,10,a6,af,e6,39,8c,21,63,88
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
e:\adaware\AAWTray.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-02-14 12:13:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-02-14 11:13
.
Vor Suchlauf: 18 Verzeichnis(se), 17.848.139.776 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 17.739.137.024 Bytes frei
.
- - End Of File - - EF5204550655D3E0401F2C6697501DD9
Die Qoobox-Quarantäne hab ich im Upload-Channel hochgeladen :) |
