I haven't tried the repair yet.
I keep getting the message "page could not be found."
I'm not at the computer right now, though. I'll try again tomorrow as described in the CF tutorial and get back to you then.
Many thanks for now and good night.
Hi,
This doesn't look good at all. The repair didn't help.
On top of that, Bitdefender can no longer even be turned on after the restart.
Hi,
I'm back at the affected computer now. I'm currently running a scan with Knoppicillin. Repairing the WLAN adapter didn't bring any improvement.
There is now an additional problem: Bitdefender can no longer be activated at all.
I'll post the CF log.
Code:
ComboFix 13-02-26.01 - steaf 27.02.2013 16:54:06.3.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.3070.2149 [GMT 1:00]
ausgeführt von:: c:\users\steaf\Desktop\ComboFix.exe
AV: Bitdefender Virenschutz *Disabled/Outdated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
SP: Bitdefender Spyware-Schutz *Disabled/Outdated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\ati4irxx.sys
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-01-27 bis 2013-02-27 ))))))))))))))))))))))))))))))
.
.
2013-02-27 16:04 . 2013-02-27 16:12 -------- d-----w- c:\users\steaf\AppData\Local\temp
2013-02-27 16:04 . 2013-02-27 16:04 -------- d-----w- c:\users\TRAKTOR\AppData\Local\temp
2013-02-27 16:04 . 2013-02-27 16:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-27 16:04 . 2013-02-27 16:04 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-02-27 13:42 . 2013-02-27 13:42 -------- d-----w- c:\program files\ESET
2013-02-27 13:38 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-26 19:32 . 2013-01-13 19:53 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-02-21 14:54 . 2010-10-12 23:10 189760 ----a-w- c:\windows\system32\bmidilib.dll
2013-02-21 14:52 . 2010-10-12 23:10 27720 ----a-w- c:\windows\system32\drivers\bomebus.sys
2013-02-21 14:52 . 2010-10-12 23:10 24136 ----a-w- c:\windows\system32\drivers\bomemidi.sys
2013-02-21 14:52 . 2013-02-21 14:52 -------- d-----w- c:\program files\Bome's Virtual MIDI Port
2013-02-21 14:52 . 2013-02-21 14:52 -------- d-----w- c:\program files\Bonjour
2013-02-21 14:51 . 2013-02-21 14:51 -------- d-----w- c:\program files\TouchOSC Bridge
2013-02-21 11:19 . 2013-02-21 16:12 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-02-20 22:35 . 2013-02-21 00:56 -------- d-----w- c:\program files\Tobias Erichsen
2013-02-20 22:34 . 2013-02-20 22:34 -------- d-----w- c:\program files\Bonjour Print Services
2013-02-19 21:20 . 2013-02-19 21:20 -------- d-----w- c:\program files\Common Files\Java
2013-02-19 21:20 . 2013-02-19 21:19 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-19 10:30 . 2013-02-05 16:52 821824 ----a-w- c:\windows\system32\dgderapi.dll
2013-02-17 17:13 . 2013-02-17 17:13 -------- d-----w- c:\users\steaf\AppData\Local\bdch
2013-02-17 17:12 . 2013-02-17 17:12 -------- d-----w- c:\programdata\bdch
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-02-13 10:02 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 09:53 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 09:53 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 09:51 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 09:51 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 09:51 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 09:51 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-07 13:46 . 2013-02-07 13:46 -------- d-----w- c:\users\steaf\AppData\Local\PDF24
2013-02-07 13:45 . 2013-02-07 13:46 -------- d-----w- c:\program files\PDF24
2013-02-06 17:33 . 2013-02-06 17:33 -------- d-----w- c:\program files\Evernote
2013-02-06 06:42 . 2013-02-06 06:42 83864 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-02-06 06:42 . 2013-02-06 06:42 181784 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-02-05 16:52 . 2013-02-05 16:52 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2013-02-05 16:52 . 2013-02-05 16:52 330240 ----a-w- c:\windows\MASetupCaller.dll
2013-02-05 16:52 . 2013-02-05 16:52 30568 ----a-w- c:\windows\MusiccityDownload.exe
2013-01-31 10:24 . 2013-01-31 10:24 -------- d-----w- c:\users\TRAKTOR\AppData\Local\Macromedia
2013-01-31 10:22 . 2013-01-31 10:22 -------- d-----w- c:\users\TRAKTOR\AppData\Local\Mozilla
2013-01-31 09:21 . 2013-01-31 09:21 -------- d-----w- c:\users\TRAKTOR\AppData\Roaming\OpenOffice.org
2013-01-31 09:15 . 2013-01-31 09:15 -------- d-----w- c:\users\TRAKTOR\AppData\Roaming\Bitdefender
2013-01-29 10:48 . 2012-04-17 12:40 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys
2013-01-29 10:48 . 2013-01-30 20:38 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
2013-01-29 10:48 . 2012-07-06 13:13 77192 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2013-01-29 10:48 . 2007-04-11 09:11 511328 ----a-w- c:\windows\capicom.dll
2013-01-29 10:48 . 2012-11-02 12:17 242504 ----a-w- c:\windows\system32\drivers\avchv.sys
2013-01-29 10:48 . 2013-01-30 20:38 482928 ----a-w- c:\windows\system32\drivers\avckf.sys
2013-01-29 10:48 . 2013-01-30 20:38 625128 ----a-w- c:\windows\system32\drivers\avc3.sys
2013-01-29 10:47 . 2013-01-29 16:55 -------- d-----w- c:\users\steaf\AppData\Roaming\Bitdefender
2013-01-29 10:47 . 2013-01-29 10:50 -------- d-----w- c:\programdata\Bitdefender
2013-01-29 10:44 . 2012-08-29 16:24 161312 ----a-w- c:\windows\system32\drivers\gzflt.sys
2013-01-29 10:44 . 2012-10-31 11:13 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-19 21:19 . 2012-06-25 05:28 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-19 21:19 . 2010-05-14 06:40 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-18 10:35 . 2011-05-19 18:30 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2013-02-10 18:49 . 2012-04-09 11:00 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-10 18:49 . 2011-05-21 07:50 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-05 16:53 . 2012-07-28 08:48 4659712 ----a-w- c:\windows\system32\Redemption.dll
2013-01-31 18:41 . 2012-07-24 19:16 83872 ----a-w- c:\windows\system32\drivers\atksgt.sys
2013-01-31 18:41 . 2012-07-24 19:16 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2013-01-24 02:36 . 2012-08-04 08:39 42971 ----a-w- c:\windows\system32\pdreceive.exe
2013-01-24 02:36 . 2012-08-04 08:39 35836 ----a-w- c:\windows\system32\pdsend.exe
2012-12-28 09:01 . 2012-08-04 08:39 37587 ----a-w- c:\windows\system32\cyclist.exe
2012-12-16 14:13 . 2012-12-27 11:33 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-27 11:33 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26 . 2013-01-09 11:26 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 11:26 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 11:26 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 11:26 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 11:26 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 11:26 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 11:26 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 11:26 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 11:26 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 11:26 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 11:26 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 11:26 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 11:26 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 11:26 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 11:26 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-09 11:26 51712 ----a-w- c:\windows\system32\esrb.rs
2012-11-30 04:47 . 2013-01-09 11:27 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 11:27 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:26 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:27 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 11:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55 . 2013-01-09 11:27 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38 . 2013-01-09 11:26 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 11:26 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 11:26 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 11:26 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-02-20 16:14 . 2013-02-20 16:13 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Kryptografiedienst Fehler !!
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\steaf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\steaf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\steaf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2012-10-18 16:25 240920 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2012-10-18 16:25 240920 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2012-10-18 16:25 240920 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2012-10-18 16:25 240920 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-02-06 451856]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-02-13 1509232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-12-18 38112]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2000-01-01 10996368]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-01-30 1615368]
"PDFPrint"="c:\program files\PDF24\pdf24.exe" [2012-12-12 163000]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-02-13 310128]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\steaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\steaf\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2013-1-29 1078624]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-5-12 894240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=myokent.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]
2011-08-30 21:43 925960 ----a-w- c:\program files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
2012-08-03 19:52 685048 ----a-w- c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-11 20:51 138096 ----atw- c:\users\steaf\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
2010-09-05 08:30 1655296 ----a-w- c:\program files\KeePass Password Safe 2\KeePass.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2013-02-13 18:38 844144 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2013-02-13 18:38 1509232 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2013-02-13 18:38 310128 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NotebookHardwareControl]
2007-05-04 00:33 2629632 ----a-w- c:\program files\Notebook Hardware Control\nhc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-03-06 09:52 13605408 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-03-06 09:52 92704 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 08:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 18:49]
.
2013-02-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3663126332-4148620046-1305769861-1001Core.job
- c:\users\steaf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-08 20:51]
.
2013-02-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3663126332-4148620046-1305769861-1001UA.job
- c:\users\steaf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-08 20:51]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-28 19:31]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-28 19:31]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3663126332-4148620046-1305769861-1001Core.job
- c:\users\steaf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08 14:37]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3663126332-4148620046-1305769861-1001UA.job
- c:\users\steaf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08 14:37]
.
.
------- Zusätzlicher Suchlauf -------
.
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An vorhandene PDF-Datei anfügen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\steaf\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\steaf\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Neue Notiz - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Zu Evernote 4 hinzufügen - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html
Trusted Zone: uni-frankfurt.de\vpn-einwahl
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{13F2E3EC-45EA-41E7-A5AC-5EB6C31FD282}\75C414E4D2030313144364136413035433: DhcpNameServer = 192.168.2.1
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
FF - ProfilePath - c:\users\steaf\AppData\Roaming\Mozilla\Firefox\Profiles\q7w4xs56.default\
.
.
------- Dateityp-Verknüpfung -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-ALBATTTOOL - c:\program files\AkkuLine.de\AkkuLine Batterie-Tool\AL-Batterie-Tool.exe
HKCU-Run-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
MSConfigStartUp-Adobe Acrobat Speed Launcher - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
MSConfigStartUp-AllShareAgent - c:\program files\Samsung\AllShare\AllShareAgent.exe
MSConfigStartUp-DriverMax_RESTART - c:\program files\Innovative Solutions\DriverMax\devices.exe
MSConfigStartUp-GMX MediaCenter Syncmanager - c:\users\steaf\AppData\Roaming\GMX\GMX MediaCenter Syncmanager\SmartDriveSync.exe
MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
MSConfigStartUp-MWS Reader 4 - c:\program files\MWS Reader 4\mwsr4.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4776)
c:\users\steaf\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
c:\program files\Lenovo\Bluetooth Software\btmmhook.dll
c:\windows\system32\SAMLIB.dll
c:\windows\system32\samcli.dll
c:\windows\system32\netutils.dll
c:\windows\system32\MPR.dll
c:\windows\System32\nlaapi.dll
c:\program files\Lenovo\Bluetooth Software\btncopy.dll
c:\windows\system32\dhcpcsvc.DLL
c:\windows\system32\dhcpcsvc6.DLL
c:\windows\system32\Wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\System32\netprofm.dll
c:\windows\system32\wkscli.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Bitdefender\Bitdefender 2013\vsserv.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Sandboxie\SbieSvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\ABBYY FineReader 11\NetworkLicenseServer.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Lenovo\Bluetooth Software\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
c:\program files\Notebook Hardware Control\nhcservice.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe
c:\program files\TeamViewer\Version7\TeamViewer_Service.exe
c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe
c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-02-27 17:18:10 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-02-27 16:18
.
Vor Suchlauf: 4.899.651.584 Bytes frei
Nach Suchlauf: 4.598.808.576 Bytes frei
.
- - End Of File - - 2B15A719F2787DCA81DB2B901287E899
WHY does the forum keep appending my further posts to the last one instead of creating a new one?? Also, I can't edit old posts!!
I don't get it.