Battlecry | 20.07.2013 18:34 | Hello ryder, here is the ComboFix log: Code:
ComboFix 13-07-20.03 - Dean 20.07.2013 19:29:17.1.8 - x64
Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.16342.14259 [GMT 2:00]
ausgeführt von:: c:\users\Dean\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\tmpB246.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-06-20 bis 2013-07-20 ))))))))))))))))))))))))))))))
.
.
2013-07-20 17:31 . 2013-07-20 17:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-20 14:24 . 2013-07-20 14:25 101 ----a-w- c:\windows\DeleteOnReboot.bat
2013-07-19 15:28 . 2013-07-19 15:28 -------- d-----w- c:\program files (x86)\Common Files\BattlEye
2013-07-19 15:18 . 2013-07-19 15:18 -------- d-----w- c:\users\Dean\AppData\Local\DayZCommander
2013-07-19 15:18 . 2013-07-19 15:18 -------- d-----w- c:\program files (x86)\Dotjosh Studios
2013-07-19 15:15 . 2013-07-19 15:15 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-07-19 15:15 . 2013-07-19 15:15 -------- d-----w- c:\windows\SysWow64\Extensions
2013-07-19 15:01 . 2013-07-19 15:01 -------- d-----w- c:\users\Dean\AppData\Local\ArmA 2
2013-07-19 14:59 . 2013-07-20 15:44 -------- d-----w- c:\users\Dean\AppData\Local\ArmA 2 OA
2013-07-19 12:26 . 2013-06-01 09:25 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-19 12:26 . 2013-06-01 09:23 1842176 ----a-w- c:\windows\SysWow64\dwmcore.dll
2013-07-18 19:13 . 2013-07-18 19:13 -------- d-----w- c:\users\Dean\AppData\Roaming\DownLite
2013-07-18 19:12 . 2013-07-18 19:12 -------- d-----w- c:\program files (x86)\hosts
2013-07-18 15:12 . 2013-05-15 22:35 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-07-14 15:25 . 2013-07-14 15:25 -------- d-----w- c:\users\Dean\AppData\Local\Sniper Elite Zombie Army
2013-07-14 12:57 . 2013-07-14 12:57 -------- d-----w- c:\users\Dean\AppData\Local\The Witcher 2
2013-07-13 11:48 . 2013-07-13 11:48 -------- d-sh--w- c:\programdata\SecuROM
2013-07-13 11:44 . 2013-07-13 11:45 -------- d-----w- c:\users\Dean\AppData\Local\Rockstar Games
2013-07-13 11:44 . 2013-07-13 11:44 -------- d--h--r- c:\users\Dean\AppData\Roaming\SecuROM
2013-07-13 11:44 . 2013-07-13 11:44 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-07-12 15:06 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-12 15:06 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-12 15:06 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-12 15:06 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-12 15:06 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-12 15:06 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-12 15:06 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-12 15:06 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-12 15:06 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-07-12 15:06 . 2013-05-30 23:14 4036096 ----a-w- c:\windows\system32\win32k.sys
2013-07-12 15:06 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-12 15:06 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-07-10 15:01 . 2013-07-10 15:01 -------- d-----w- c:\users\Dean\AppData\Local\Adobe
2013-07-09 16:03 . 2013-07-09 16:03 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2013-07-09 16:01 . 2013-07-09 16:01 -------- d-----w- c:\users\Dean\SystemRequirementsLab
2013-07-09 16:00 . 2013-07-09 16:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-07-09 16:00 . 2013-07-09 16:00 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-09 16:00 . 2013-07-09 16:00 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-09 16:00 . 2013-07-09 16:00 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-09 16:00 . 2013-07-09 16:00 -------- d-----w- c:\program files (x86)\Java
2013-06-30 12:12 . 2013-06-30 12:12 -------- d-----w- c:\users\Dean\AppData\Roaming\Leadertech
2013-06-30 12:12 . 2013-06-30 12:12 -------- d-----w- c:\users\Dean\AppData\Local\Logitech
2013-06-30 12:12 . 2013-06-30 12:12 -------- d-----w- c:\programdata\LogiShrd
2013-06-30 12:12 . 2013-06-30 19:19 -------- d-----w- c:\program files\Logitech Gaming Software
2013-06-30 12:12 . 2013-06-30 12:12 -------- d-----w- c:\users\Dean\AppData\Roaming\Logitech
2013-06-30 12:12 . 2013-06-30 12:12 -------- d-----w- c:\users\Dean\AppData\Roaming\Logishrd
2013-06-29 20:39 . 2013-06-29 20:39 -------- d-----w- c:\users\Dean\AppData\Local\World in Conflict
2013-06-29 20:32 . 2013-06-29 20:32 -------- d-----w- c:\users\Dean\AppData\Roaming\InstallShield
2013-06-29 18:47 . 2013-06-29 18:47 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2013-06-29 16:57 . 2013-06-29 16:57 -------- d-----w- c:\program files (x86)\TeamViewer
2013-06-23 20:43 . 2013-06-26 20:17 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2013-06-23 20:43 . 2013-06-26 20:17 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-20 16:27 . 2013-06-01 21:43 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-20 16:27 . 2013-03-09 02:32 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-20 16:26 . 2013-03-08 22:45 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-07-12 15:13 . 2013-03-09 02:12 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-07-01 07:25 . 2013-05-11 15:32 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-06-29 19:56 . 2013-06-01 21:43 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-06-27 22:04 . 2012-07-26 08:14 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04 . 2012-07-26 08:14 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-30 23:24 . 2013-06-16 14:42 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-05-23 23:01 . 2013-06-16 14:42 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-05-23 22:27 . 2013-06-16 14:42 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-05-20 14:33 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-15 22:37 . 2013-06-16 14:39 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-05-15 22:35 . 2013-06-16 14:39 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-05-15 02:25 . 2013-06-16 14:42 888320 ----a-w- c:\windows\system32\autochk.exe
2013-05-15 02:25 . 2013-06-16 14:42 542208 ----a-w- c:\windows\system32\untfs.dll
2013-05-15 02:24 . 2013-06-16 14:42 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-05-15 02:24 . 2013-06-16 14:42 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-05-14 13:14 . 2013-06-16 14:39 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-14 09:23 . 2013-06-16 14:39 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-11 15:31 . 2013-03-08 17:52 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-05-04 07:58 . 2013-06-16 14:41 120736 ----a-w- c:\windows\system32\AuthHost.exe
2013-05-04 07:34 . 2013-06-16 14:41 446720 ----a-w- c:\windows\system32\drivers\USBHUB3.SYS
2013-05-04 07:34 . 2013-06-16 14:41 284416 ----a-w- c:\windows\system32\drivers\spaceport.sys
2013-05-04 07:30 . 2013-06-16 14:41 58312 ----a-w- c:\windows\system32\wuauclt.exe
2013-05-04 06:59 . 2013-06-16 14:41 39424 ----a-w- c:\windows\system32\wuapp.exe
2013-05-04 06:59 . 2013-06-16 14:41 1483776 ----a-w- c:\windows\system32\VSSVC.exe
2013-05-04 06:59 . 2013-06-16 14:41 812544 ----a-w- c:\windows\system32\Magnify.exe
2013-05-04 06:59 . 2013-06-16 14:41 98304 ----a-w- c:\windows\system32\wudriver.dll
2013-05-04 06:59 . 2013-06-16 14:41 251904 ----a-w- c:\windows\system32\WUSettingsProvider.dll
2013-05-04 06:59 . 2013-06-16 14:41 141824 ----a-w- c:\windows\system32\wuwebv.dll
2013-05-04 06:59 . 2013-06-16 14:41 3241472 ----a-w- c:\windows\system32\wuaueng.dll
2013-05-04 06:59 . 2013-06-16 14:41 760320 ----a-w- c:\windows\system32\wuapi.dll
2013-05-04 06:59 . 2013-06-16 14:41 1619968 ----a-w- c:\windows\system32\wucltux.dll
2013-05-04 06:59 . 2013-06-16 14:41 13644288 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
2013-05-04 06:58 . 2013-06-16 14:41 10116096 ----a-w- c:\windows\system32\twinui.dll
2013-05-04 06:58 . 2013-06-16 14:41 328192 ----a-w- c:\windows\system32\ubpm.dll
2013-05-04 06:58 . 2013-06-16 14:41 1332736 ----a-w- c:\windows\system32\sysmain.dll
2013-05-04 06:58 . 2013-06-16 14:41 173568 ----a-w- c:\windows\system32\storewuauth.dll
2013-05-04 06:58 . 2013-06-16 14:41 330240 ----a-w- c:\windows\system32\stobject.dll
2013-05-04 06:58 . 2013-06-16 14:41 93696 ----a-w- c:\windows\system32\psmsrv.dll
2013-05-04 06:58 . 2013-06-16 14:41 470528 ----a-w- c:\windows\system32\netprofmsvc.dll
2013-05-04 06:58 . 2013-06-16 14:41 151552 ----a-w- c:\windows\system32\netprofm.dll
2013-05-04 06:58 . 2013-06-16 14:41 169984 ----a-w- c:\windows\system32\netplwiz.dll
2013-05-04 06:57 . 2013-06-16 14:41 17408 ----a-w- c:\windows\system32\muifontsetup.dll
2013-05-04 06:57 . 2013-06-16 14:41 560640 ----a-w- c:\windows\system32\mfmp4srcsnk.dll
2013-05-04 06:57 . 2013-06-16 14:41 501760 ----a-w- c:\windows\system32\DevicePairing.dll
2013-05-04 06:57 . 2013-06-16 14:41 179712 ----a-w- c:\windows\system32\bisrv.dll
2013-05-04 06:57 . 2013-06-16 14:41 122368 ----a-w- c:\windows\system32\biwinrt.dll
2013-05-04 06:57 . 2013-06-16 14:41 2305024 ----a-w- c:\windows\system32\authui.dll
2013-05-04 06:57 . 2013-06-16 14:41 389120 ----a-w- c:\windows\system32\BCP47Langs.dll
2013-05-04 06:57 . 2013-06-16 14:41 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
2013-05-04 06:57 . 2013-06-16 14:41 708096 ----a-w- c:\windows\system32\AppXDeploymentExtensions.dll
2013-05-04 06:56 . 2013-06-16 14:41 419840 ----a-w- c:\windows\system32\intl.cpl
2013-05-04 04:58 . 2013-06-16 14:41 34304 ----a-w- c:\windows\SysWow64\wuapp.exe
2013-05-04 04:58 . 2013-06-16 14:41 758784 ----a-w- c:\windows\SysWow64\Magnify.exe
2013-05-04 04:58 . 2013-06-16 14:41 83968 ----a-w- c:\windows\SysWow64\wudriver.dll
2013-05-04 04:58 . 2013-06-16 14:41 125952 ----a-w- c:\windows\SysWow64\wuwebv.dll
2013-05-04 04:58 . 2013-06-16 14:41 621056 ----a-w- c:\windows\SysWow64\wuapi.dll
2013-05-04 04:57 . 2013-06-16 14:41 10788864 ----a-w- c:\windows\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57 . 2013-06-16 14:41 8857088 ----a-w- c:\windows\SysWow64\twinui.dll
2013-05-04 04:57 . 2013-06-16 14:41 247296 ----a-w- c:\windows\SysWow64\ubpm.dll
2013-05-04 04:57 . 2013-06-16 14:41 303616 ----a-w- c:\windows\SysWow64\stobject.dll
2013-05-04 04:57 . 2013-06-16 14:41 18432 ----a-w- c:\windows\SysWow64\npmproxy.dll
2013-05-04 04:57 . 2013-06-16 14:41 151040 ----a-w- c:\windows\SysWow64\netplwiz.dll
2013-05-04 04:57 . 2013-06-16 14:41 115712 ----a-w- c:\windows\SysWow64\netprofm.dll
2013-05-04 04:57 . 2013-06-16 14:41 14336 ----a-w- c:\windows\SysWow64\muifontsetup.dll
2013-05-04 04:56 . 2013-06-16 14:41 411136 ----a-w- c:\windows\SysWow64\mfmp4srcsnk.dll
2013-05-04 04:56 . 2013-06-16 14:41 449536 ----a-w- c:\windows\SysWow64\DevicePairing.dll
2013-05-04 04:56 . 2013-06-16 14:41 92160 ----a-w- c:\windows\SysWow64\biwinrt.dll
2013-05-04 04:56 . 2013-06-16 14:41 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-04 04:56 . 2013-06-16 14:41 309760 ----a-w- c:\windows\SysWow64\BCP47Langs.dll
2013-05-04 04:55 . 2013-06-16 14:41 389632 ----a-w- c:\windows\SysWow64\intl.cpl
2013-05-04 04:51 . 2013-06-16 14:41 14848 ----a-w- c:\windows\system32\rars.rs
2013-05-04 04:47 . 2013-06-16 14:41 427520 ----a-w- c:\windows\system32\drivers\rdbss.sys
2013-05-04 04:10 . 2013-06-16 14:41 14848 ----a-w- c:\windows\SysWow64\rars.rs
2013-05-01 16:19 . 2013-05-01 16:17 311968 ----a-w- c:\windows\system32\drivers\atksgt.sys
2013-05-01 16:17 . 2013-05-01 16:17 43168 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2013-04-28 22:28 . 2013-06-16 14:39 915968 ----a-w- c:\windows\system32\uxtheme.dll
2013-04-27 05:20 . 2013-06-16 14:39 733184 ----a-w- c:\windows\system32\win32spl.dll
2013-04-23 23:13 . 2013-06-16 14:39 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-04-23 23:12 . 2013-06-16 14:39 1569792 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-04-23 23:12 . 2013-06-16 14:39 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-04-23 22:56 . 2013-06-16 14:39 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-04-23 22:55 . 2013-06-16 14:39 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-04-23 22:55 . 2013-06-16 14:39 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-04-23 22:55 . 2013-06-16 14:39 141312 ----a-w- c:\windows\system32\cryptnet.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\programme\Steam\steam.exe" [2013-07-10 1672616]
"EADM"="d:\programme\Origin\Origin.exe" [2013-06-04 3456080]
"Facebook Update"="c:\users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-05-18 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-08-15 2994880]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-01 345144]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-15 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2012-07-26 62976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\3DVISI~1\nvStInit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 ccSet_NARA;NARA Settings Manager;c:\windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NARAx64\0401000.00E\ccSetx64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\System32\drivers\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\drivers\AcpiCtlDrv.sys [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\System32\drivers\ICCWDT.sys;c:\windows\SYSNATIVE\drivers\ICCWDT.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 10:27 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-28 15:01]
.
2013-05-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1833201039-3952551347-1159158854-1001Core1ce53fc8ef22827.job
- c:\users\Dean\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-18 19:19]
.
2013-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-08 18:30]
.
2013-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-08 18:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-02 12921488]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\3DVISI~1\nvStInit64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-553E35CD-0415-41bc-B39A-410375E88534 - c:\program files (x86)\Intel\ACPI Driver Installer\Uninstall\setup.exe
AddRemove-BattlEye for A2 - d:\programme\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-Fraps - c:\fraps\uninstall.exe
AddRemove-Plus-HD-2.3 - c:\program files (x86)\Plus-HD-2.3\Uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-The Elder Scrolls V Skyrim Update 10 (1.7.7.0.6) Deutsche Version 1.00 - d:\programme\The Elder Scrolls V - Skyrim\Uninstall.exe
AddRemove-VGhlIEVsZGVyIFNjcm9sbHMgViBTa3lyaW0gRHJhZ29uYm9y~2F14EC6B_is1 - d:\programme\The Elder Scrolls V - Skyrim\The Elder Scrolls V Skyrim\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1833201039-3952551347-1159158854-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]
"datasecu"=hex:36,09,e8,d1,ef,92,e5,6a,62,d6,3b,f2,34,5a,fe,43,f2,ae,9a,80,3e,
b9,eb,6d,2a,87,2d,d6,cf,86,ff,48,44,8d,9a,06,18,e9,e0,da,1c,91,81,17,14,6b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-07-20 19:31:56
ComboFix-quarantined-files.txt 2013-07-20 17:31
.
Vor Suchlauf: 8 Verzeichnis(se), 59.281.850.368 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 59.166.576.640 Bytes frei
.
- - End Of File - - 65E56567322F4BA0777CB358588576CF
D41D8CD98F00B204E9800998ECF8427E |