ComboFix 13-01-15.02 - Roy 15.01.2013 23:08:10.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.8086.5969 [GMT 1:00]
ausgeführt von:: c:\users\Roy\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\$recycle.bin\S-1-5-18\$79d74d7b994e981d7e19bb4b4151ce3d\@
c:\$recycle.bin\S-1-5-18\$79d74d7b994e981d7e19bb4b4151ce3d\n
c:\programdata\dsgsdgdsgdsgw.pad
c:\programdata\Roaming
c:\users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
c:\users\Roy\wgsdgsdgdsgsd.dll
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-12-15 bis 2013-01-15 ))))))))))))))))))))))))))))))
.
.
2013-01-15 14:23 . 2007-07-12 23:00 83968 ----a-w- c:\windows\system32\esxcwiad.dll
2013-01-15 14:23 . 2013-01-15 14:23 -------- d-----w- c:\program files (x86)\epson
2013-01-13 18:48 . 2013-01-13 18:48 -------- d-----w- c:\users\Roy\AppData\Roaming\Avira
2013-01-13 18:43 . 2013-01-13 18:43 -------- d-----w- c:\program files (x86)\Ask.com
2013-01-13 18:42 . 2012-12-03 14:36 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-01-13 18:42 . 2012-12-03 14:36 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-01-13 18:42 . 2012-11-16 19:17 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-01-13 18:42 . 2013-01-13 18:43 -------- d-----w- c:\programdata\Avira
2013-01-13 17:37 . 2013-01-13 17:39 -------- d-----w- c:\windows\rescache
2013-01-12 18:12 . 2013-01-12 18:12 -------- d-----w- c:\programdata\REVOLT
2013-01-12 01:18 . 2013-01-12 01:18 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2013-01-11 14:13 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9CEE454-450E-4E3B-88D3-2262CA6EDC7C}\mpengine.dll
2013-01-09 13:50 . 2012-11-02 05:30 2001408 ----a-w- c:\windows\system32\msxml6.dll
2013-01-06 17:19 . 2013-01-06 17:19 -------- d-----w- c:\users\Roy\AppData\Roaming\Command and Conquer 4
2013-01-04 23:49 . 2013-01-04 23:49 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2013-01-02 16:04 . 2013-01-03 22:54 -------- d-----w- c:\users\Roy\AppData\Roaming\Command & Conquer 3 Kanes Rache
2013-01-02 15:54 . 2013-01-02 15:54 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-12-31 09:47 . 2012-12-31 09:47 -------- d-----w- c:\users\Roy\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2012-12-31 09:28 . 2012-12-31 09:28 -------- d--h--r- c:\users\Roy\AppData\Roaming\SecuROM
2012-12-30 20:13 . 2012-12-30 20:13 -------- d-----w- c:\users\Roy\AppData\Local\SKIDROW
2012-12-30 20:10 . 2012-12-30 20:10 -------- d-----w- c:\users\Roy\AppData\Local\My Games
2012-12-24 14:35 . 2012-12-24 14:35 -------- d-----w- c:\program files (x86)\MSECache
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 10:52 . 2012-11-24 04:20 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-12 10:52 . 2012-11-24 04:20 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 04:56 . 2013-01-09 13:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-24 10:06 . 2012-11-24 10:06 319488 ----a-w- c:\windows\HideWin.exe
2012-11-24 10:06 . 2012-11-24 10:06 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-24 09:16 . 2012-11-24 09:16 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-11-24 09:16 . 2012-11-24 09:16 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-11-24 09:16 . 2012-11-24 09:16 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2012-11-24 09:16 . 2012-11-24 09:16 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-11-24 09:16 . 2012-11-24 09:16 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-11-24 09:16 . 2012-11-24 09:16 82432 ----a-w- c:\windows\system32\icardie.dll
2012-11-24 09:16 . 2012-11-24 09:16 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-11-24 09:16 . 2012-11-24 09:16 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-11-24 09:16 . 2012-11-24 09:16 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-11-24 09:16 . 2012-11-24 09:16 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-11-24 09:16 . 2012-11-24 09:16 65024 ----a-w- c:\windows\system32\pngfilt.dll
2012-11-24 09:16 . 2012-11-24 09:16 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-11-24 09:16 . 2012-11-24 09:16 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-11-24 09:16 . 2012-11-24 09:16 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2012-11-24 09:16 . 2012-11-24 09:16 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-11-24 09:16 . 2012-11-24 09:16 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-11-24 09:16 . 2012-11-24 09:16 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-11-24 09:16 . 2012-11-24 09:16 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2012-11-24 09:16 . 2012-11-24 09:16 448512 ----a-w- c:\windows\system32\html.iec
2012-11-24 09:16 . 2012-11-24 09:16 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2012-11-24 09:16 . 2012-11-24 09:16 39936 ----a-w- c:\windows\system32\iernonce.dll
2012-11-24 09:16 . 2012-11-24 09:16 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2012-11-24 09:16 . 2012-11-24 09:16 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-11-24 09:16 . 2012-11-24 09:16 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-11-24 09:16 . 2012-11-24 09:16 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-24 09:16 . 2012-11-24 09:16 282112 ----a-w- c:\windows\system32\dxtrans.dll
2012-11-24 09:16 . 2012-11-24 09:16 267776 ----a-w- c:\windows\system32\ieaksie.dll
2012-11-24 09:16 . 2012-11-24 09:16 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-11-24 09:16 . 2012-11-24 09:16 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-11-24 09:16 . 2012-11-24 09:16 222208 ----a-w- c:\windows\system32\msls31.dll
2012-11-24 09:16 . 2012-11-24 09:16 197120 ----a-w- c:\windows\system32\msrating.dll
2012-11-24 09:16 . 2012-11-24 09:16 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-11-24 09:16 . 2012-11-24 09:16 163840 ----a-w- c:\windows\system32\ieakui.dll
2012-11-24 09:16 . 2012-11-24 09:16 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-11-24 09:16 . 2012-11-24 09:16 160256 ----a-w- c:\windows\system32\wextract.exe
2012-11-24 09:16 . 2012-11-24 09:16 160256 ----a-w- c:\windows\system32\ieakeng.dll
2012-11-24 09:16 . 2012-11-24 09:16 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-11-24 09:16 . 2012-11-24 09:16 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-11-24 09:16 . 2012-11-24 09:16 149504 ----a-w- c:\windows\system32\occache.dll
2012-11-24 09:16 . 2012-11-24 09:16 145920 ----a-w- c:\windows\system32\iepeers.dll
2012-11-24 09:16 . 2012-11-24 09:16 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-11-24 09:16 . 2012-11-24 09:16 12288 ----a-w- c:\windows\system32\mshta.exe
2012-11-24 09:16 . 2012-11-24 09:16 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-11-24 09:16 . 2012-11-24 09:16 114176 ----a-w- c:\windows\system32\admparse.dll
2012-11-24 09:16 . 2012-11-24 09:16 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-24 09:16 . 2012-11-24 09:16 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-11-24 09:16 . 2012-11-24 09:16 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2012-11-24 09:16 . 2012-11-24 09:16 103936 ----a-w- c:\windows\system32\inseng.dll
2012-11-24 09:16 . 2012-11-24 09:16 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-11-24 04:08 . 2012-11-24 04:08 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-24 04:07 . 2012-11-24 04:08 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-24 04:07 . 2012-11-24 04:08 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-18 16:26 . 2012-11-24 12:13 9271352 ----a-w- c:\windows\system32\nvcuda.dll
2012-11-18 16:26 . 2012-11-24 12:13 7819016 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-11-18 16:26 . 2012-11-24 12:13 7446192 ----a-w- c:\windows\system32\nvopencl.dll
2012-11-18 16:26 . 2012-11-24 12:13 6149904 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-11-18 16:26 . 2012-11-24 12:13 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2012-11-18 16:26 . 2012-11-24 12:13 284008 ----a-w- c:\windows\system32\drivers\nvkflt.sys
2012-11-18 16:26 . 2012-11-24 12:13 2784104 ----a-w- c:\windows\system32\nvcuvid.dll
2012-11-18 16:26 . 2012-11-24 12:13 26811240 ----a-w- c:\windows\system32\nvoglv64.dll
2012-11-18 16:26 . 2012-11-24 12:13 2606440 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-11-18 16:26 . 2012-11-24 12:13 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-11-18 16:26 . 2012-11-24 12:13 2226024 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-11-18 16:26 . 2012-11-24 12:13 20335976 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-11-18 16:26 . 2012-11-24 12:13 1874280 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-11-18 16:26 . 2012-11-24 12:13 18045968 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-11-18 16:26 . 2012-11-24 12:13 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-11-18 16:26 . 2012-11-24 12:13 14953920 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-11-18 16:26 . 2012-11-24 12:13 12542672 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-11-18 16:26 . 2012-11-24 12:13 11528040 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-11-18 16:26 . 2012-10-08 10:42 841272 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-11-18 16:26 . 2012-10-08 10:42 1504104 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-11-18 16:26 . 2012-10-08 10:42 2496976 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-11-18 16:26 . 2012-10-08 10:42 983936 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-11-18 16:26 . 2012-10-08 10:42 15122280 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-11-18 16:26 . 2012-10-08 10:42 245432 ----a-w- c:\windows\system32\nvinitx.dll
2012-11-18 16:26 . 2012-10-08 10:42 201136 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-11-18 16:26 . 2012-10-08 10:42 2816824 ----a-w- c:\windows\system32\nvapi64.dll
2012-11-18 16:26 . 2012-10-08 10:42 1805672 ----a-w- c:\windows\system32\nvdispco64.dll
2012-11-18 13:09 . 2012-11-24 04:32 890216 ----a-w- c:\windows\system32\nvvsvc.exe
2012-11-18 13:09 . 2012-11-24 04:32 877928 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-11-18 13:09 . 2012-11-24 04:32 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-11-18 13:09 . 2012-11-24 04:32 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-11-18 13:09 . 2012-11-24 04:32 3603786 ----a-w- c:\windows\system32\nvcoproc.bin
2012-11-18 13:09 . 2012-11-24 04:32 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-11-18 13:09 . 2012-11-24 04:32 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-11-18 13:09 . 2012-11-24 04:32 3311464 ----a-w- c:\windows\system32\nvsvc64.dll
2012-11-18 13:09 . 2012-11-24 04:32 6223208 ----a-w- c:\windows\system32\nvcpl.dll
2012-11-18 04:49 . 2012-11-18 04:49 438632 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-11-15 01:38 . 2012-11-15 01:38 40712 ----a-w- c:\windows\system32\drivers\taphss6.sys
2012-11-15 01:33 . 2012-11-15 01:33 42248 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2012-11-09 05:34 . 2012-12-12 02:44 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:49 . 2012-12-12 02:44 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:27 . 2012-12-12 02:43 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 04:48 . 2012-12-12 02:43 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{991D97B8-F0D8-4EA1-9100-7A65EA2D3A63}]
2012-08-28 06:53 84840 ----a-w- c:\users\Roy\AppData\Roaming\SenselessTV\bho.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-12-20 20:56 1521952 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-11-08 17:29 233288 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Roy\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"WirelessManager"="c:\program files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe" [2010-07-28 194600]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Spotify Web Helper"="c:\users\Roy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-30 1199576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"GrooveMonitor"="d:\programme\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-12-20 1574176]
"avgnt"="d:\programme\avira\Avira\AntiVir Desktop\avgnt.exe" [2012-12-04 384800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-25 272688]
R3 RTCore64;RTCore64;d:\msi afterburner\RTCore64.sys [2012-11-19 13368]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-11-18 30056]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-24 283200]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-11-15 42248]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-11-18 284008]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
S2 AntiVirSchedulerService;Avira Planer;d:\programme\avira\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]
S2 AntiVirWebService;Avira Browser-Schutz;d:\programme\avira\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-12-04 565024]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-11-15 527728]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-11-15 389488]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-18 382824]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-06-25 3325232]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-09-13 95744]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-09-13 212992]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2012-11-15 40712]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2012-06-25 4802864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Nach Microsoft E&xel exportieren - d:\progra~1\Office12\EXCEL.EXE/3000
LSP: d:\programme\avira\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Roy\AppData\Roaming\Mozilla\Firefox\Profiles\50atw7lq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://de-de.facebook.com/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=56bce785-82cd-4f6e-9383-4d8af298bcf8&apn_ptnrs=%5EAGS&apn_sauid=980322AE-BC2F-4FA0-BE19-2A22F04C6253&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q=
FF - ExtSQL: 2012-12-09 03:44; afurladvisor@anchorfree.com; d:\programme\extensions\afurladvisor@anchorfree.com
FF - ExtSQL: 2012-12-09 23:50; support@Senseless.TV; c:\users\Roy\AppData\Roaming\SenselessTV\ffextension
FF - ExtSQL: 2013-01-13 19:43; toolbar@ask.com; c:\users\Roy\AppData\Roaming\Mozilla\Firefox\Profiles\50atw7lq.default\extensions\toolbar@ask.com
FF - ExtSQL: !HIDDEN! 2012-12-09 23:50; support@Senseless.TV; c:\users\Roy\AppData\Roaming\SenselessTV\ffextension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3912144494-1747458312-3632173641-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:16,81,ea,54,29,56,57,d5,a1,1c,04,b4,90,92,05,67,8a,81,38,e2,2f,dc,8b,
a4,34,7c,96,b4,f0,ff,15,ca,09,2d,e2,30,9f,ef,f3,9a,14,1b,14,61,e9,0b,1b,06,\
"??"=hex:b4,d0,75,48,79,14,2d,d9,dd,ea,e5,3f,40,40,a8,e9
.
[HKEY_USERS\S-1-5-21-3912144494-1747458312-3632173641-1000\Software\SecuROM\License information*]
"datasecu"=hex:a7,f4,c8,37,b8,fa,da,42,e5,44,63,d9,02,3f,54,a2,36,5b,bb,f5,3b,
bf,5b,ac,65,79,60,39,ea,8f,2e,94,f4,12,13,fb,ae,b9,ec,cb,aa,a8,ae,c9,09,1c,\
"rkeysecu"=hex:95,f4,20,b2,ec,e2,c2,c8,f6,1d,42,f4,aa,93,66,36
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
d:\programme\avira\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\Hotspot Shield\bin\openvpntray.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-01-15 23:18:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-01-15 22:18
.
Vor Suchlauf: 7.025.311.744 Bytes frei
Nach Suchlauf: 7.680.811.008 Bytes frei
.
- - End Of File - - 9739C03671317F38868E37B5E4B78D46