Code:
ComboFix 13-07-23.01 - Theo Hulok 23.07.2013 16:56:36.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6127.3750 [GMT 2:00]
ausgeführt von:: c:\users\Theo Hulok\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\STF3FF2.tmp
C:\Thumbs.db
c:\users\Theo Hulok\AppData\Local\TempDIR
c:\windows\IsUn0407.exe
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-06-23 bis 2013-07-23 ))))))))))))))))))))))))))))))
.
.
2013-07-23 15:02 . 2013-07-23 15:02 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4B274CD-894C-4E57-92E4-75A945FFEBB1}\offreg.dll
2013-07-23 15:02 . 2013-07-23 15:02 -------- d-----w- c:\users\Mcx1-THEOHULOK-HP\AppData\Local\temp
2013-07-23 15:02 . 2013-07-23 15:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-23 10:16 . 2013-07-23 10:16 -------- d-----w- C:\FRST
2013-07-21 16:01 . 2013-07-21 16:01 -------- d-----w- c:\users\Theo Hulok\AppData\Roaming\Snz
2013-07-20 18:35 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4B274CD-894C-4E57-92E4-75A945FFEBB1}\mpengine.dll
2013-07-11 13:29 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-11 13:29 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-11 13:29 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-11 13:29 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 13:29 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 13:29 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 13:29 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 13:29 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 13:29 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-11 13:29 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 13:29 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 13:27 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 13:27 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 13:27 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 13:27 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 13:27 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 13:27 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 22:51 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-10 22:51 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-03 15:38 . 2013-07-21 16:01 -------- d-----w- c:\users\Theo Hulok\AppData\Roaming\Intermediate
2013-07-03 15:38 . 2013-07-03 15:38 -------- d-----w- c:\users\Theo Hulok\AppData\Roaming\DataMgr
2013-07-03 15:38 . 2013-07-03 15:38 -------- d-----w- c:\users\Theo Hulok\AppData\Roaming\SSync
2013-07-03 15:38 . 2013-07-03 15:38 -------- d-----w- c:\users\Theo Hulok\AppData\Roaming\SCheck
2013-07-03 15:34 . 2013-07-03 15:34 -------- d-----w- c:\program files (x86)\Common Files\Screaming Bee
2013-07-03 15:31 . 2013-07-03 15:31 -------- d-----w- c:\users\Theo Hulok\AppData\Roaming\PiccShare
2013-07-03 15:31 . 2013-07-03 15:31 -------- d-----w- c:\users\Theo Hulok\AppData\Roaming\Common
2013-07-01 23:28 . 2013-07-01 23:29 -------- d-----w- c:\programdata\SUPERSetup
2013-07-01 21:15 . 2013-07-01 21:15 -------- d-----w- c:\users\Theo Hulok\AppData\Local\Sony Online Entertainment
2013-06-28 11:21 . 2013-06-28 11:21 -------- d-----w- c:\program files (x86)\MSECache
2013-06-26 23:07 . 2013-06-26 23:07 -------- d-----w- c:\programdata\ATI
2013-06-26 23:06 . 2013-06-26 23:06 -------- d-----w- c:\program files (x86)\AMD AVT
2013-06-26 21:36 . 2013-06-26 21:38 -------- d-----w- c:\programdata\WarThunder
2013-06-26 21:36 . 2013-06-26 21:36 -------- d-----w- c:\users\Theo Hulok\AppData\Local\WarThunder
2013-06-24 08:40 . 2013-06-24 08:40 -------- d-----w- c:\programdata\Steam
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-03 20:48 . 2011-08-31 10:30 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-03 20:48 . 2011-08-30 18:29 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-06-28 06:21 . 2013-03-22 20:46 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-28 06:21 . 2011-09-26 14:51 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-28 06:21 . 2011-09-26 14:51 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-24 19:09 . 2011-08-30 18:29 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-06-14 11:49 . 2013-06-14 11:49 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-12 19:37 . 2012-04-05 09:19 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 19:37 . 2011-07-28 20:14 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 19:37 . 2013-05-15 16:40 9089416 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-06-07 13:40 . 2011-08-30 18:29 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-05-13 05:51 . 2013-06-12 09:34 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 09:34 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 09:34 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 09:34 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 09:34 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 09:34 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 04:45 . 2013-06-12 09:34 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 03:43 . 2013-06-12 09:34 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 09:34 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 09:34 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-12 19:42 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-10 05:49 . 2013-06-12 09:34 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 09:34 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-09 08:59 . 2013-03-22 20:46 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2012-02-26 20:23 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2011-09-26 14:51 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2011-09-26 14:51 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2011-09-26 14:51 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2011-09-26 14:50 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2011-09-26 14:50 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-08 06:39 . 2013-06-12 09:34 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-02 00:06 . 2011-09-26 16:34 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-30 19:45 . 2013-04-30 19:45 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-04-30 19:45 . 2013-04-30 19:45 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-30 19:45 . 2013-04-30 19:45 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-30 19:45 . 2013-04-30 19:45 81408 ----a-w- c:\windows\system32\icardie.dll
2013-04-30 19:45 . 2013-04-30 19:45 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-04-30 19:45 . 2013-04-30 19:45 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-04-30 19:45 . 2013-04-30 19:45 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-30 19:45 . 2013-04-30 19:45 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-04-30 19:45 . 2013-04-30 19:45 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-04-30 19:45 . 2013-04-30 19:45 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-04-30 19:45 . 2013-04-30 19:45 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-04-30 19:45 . 2013-04-30 19:45 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-04-30 19:45 . 2013-04-30 19:45 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-04-30 19:45 . 2013-04-30 19:45 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-04-30 19:45 . 2013-04-30 19:45 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-04-30 19:45 . 2013-04-30 19:45 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-30 19:45 . 2013-04-30 19:45 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-04-30 19:45 . 2013-04-30 19:45 441856 ----a-w- c:\windows\system32\html.iec
2013-04-30 19:45 . 2013-04-30 19:45 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-04-30 19:45 . 2013-04-30 19:45 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-04-30 19:45 . 2013-04-30 19:45 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-04-30 19:45 . 2013-04-30 19:45 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-30 19:45 . 2013-04-30 19:45 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-04-30 19:45 . 2013-04-30 19:45 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-04-30 19:45 . 2013-04-30 19:45 235008 ----a-w- c:\windows\system32\url.dll
2013-04-30 19:45 . 2013-04-30 19:45 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-04-30 19:45 . 2013-04-30 19:45 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-04-30 19:45 . 2013-04-30 19:45 216064 ----a-w- c:\windows\system32\msls31.dll
2013-04-30 19:45 . 2013-04-30 19:45 197120 ----a-w- c:\windows\system32\msrating.dll
2013-04-30 19:45 . 2013-04-30 19:45 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-04-30 19:45 . 2013-04-30 19:45 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-30 19:45 . 2013-04-30 19:45 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-04-30 19:45 . 2013-04-30 19:45 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-04-30 19:45 . 2013-04-30 19:45 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-30 19:45 . 2013-04-30 19:45 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-04-30 19:45 . 2013-04-30 19:45 149504 ----a-w- c:\windows\system32\occache.dll
2013-04-30 19:45 . 2013-04-30 19:45 144896 ----a-w- c:\windows\system32\wextract.exe
2013-04-30 19:45 . 2013-04-30 19:45 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-04-30 19:45 . 2013-04-30 19:45 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-04-30 19:45 . 2013-04-30 19:45 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-04-30 19:45 . 2013-04-30 19:45 13824 ----a-w- c:\windows\system32\mshta.exe
2013-04-30 19:45 . 2013-04-30 19:45 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-04-30 19:45 . 2013-04-30 19:45 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-04-30 19:45 . 2013-04-30 19:45 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-30 19:45 . 2013-04-30 19:45 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-04-30 19:45 . 2013-04-30 19:45 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-04-30 19:45 . 2013-04-30 19:45 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-04-30 19:45 . 2013-04-30 19:45 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-30 19:45 . 2013-04-30 19:45 102912 ----a-w- c:\windows\system32\inseng.dll
2013-04-26 05:51 . 2013-06-12 09:31 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-04-26 04:55 . 2013-06-12 09:31 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-04-25 23:30 . 2013-06-12 09:34 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
2012-01-17 19:28 262312 ----a-w- c:\program files (x86)\blekkotb\auxi\blekkoAu.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
2012-01-17 19:28 86696 ----a-w- c:\program files (x86)\blekkotb\blekkoDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 13:03 1310040 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{26c9e18c-3717-4be1-a225-04e4471f5b6e}"= "c:\program files (x86)\blekkotb\blekkoDx.dll" [2012-01-17 86696]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSync"="c:\users\Theo Hulok\AppData\Roaming\SSync\SSync.exe" [2013-04-09 36864]
"DataMgr"="c:\users\Theo Hulok\AppData\Roaming\DataMgr\DataMgr.exe" [2013-06-26 168848]
"SCheck"="c:\users\Theo Hulok\AppData\Roaming\SCheck\SCheck.exe" [2013-04-09 36864]
"Snoozer"="c:\users\Theo Hulok\AppData\Roaming\Snz\Snz.exe" [2013-07-21 1137673]
"Intermediate"="c:\users\Theo Hulok\AppData\Roaming\Intermediate\Intermediate.exe" [2013-04-09 36864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"adm_tray.exe"="e:\drivemonitor\adm_tray.exe" [2011-02-24 470120]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"PDF Complete"=c:\program files (x86)\PDF Complete\pdfsty.exe
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"Norton Online Backup"=c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
"AMD AVT"=Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files (x86)\AMD AVT\bin\kdbsync.exe" aml
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Sweetpacks Communicator"=c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 GS In-Game Service;GS In-Game Service;c:\program files (x86)\GameTracker\GSInGameService.exe;c:\program files (x86)\GameTracker\GSInGameService.exe [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R4 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
R4 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x]
S2 OS Selector;Acronis OS Selector Activator;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 KovaPlusFltr;ROCCAT Kova[+] Mouse;c:\windows\system32\drivers\KovaPlusFltr.sys;c:\windows\SYSNATIVE\drivers\KovaPlusFltr.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 09:07 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 19:37]
.
2013-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-28 23:09]
.
2013-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-28 23:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-08-15 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-27 489472]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-02-12 462400]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=59b6da75-794e-48a1-938d-8e7baa0095f2&searchtype=hp&installDate=14/06/2013
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=59b6da75-794e-48a1-938d-8e7baa0095f2&searchtype=ds&q={searchTerms}&installDate=14/06/2013
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{26C9E18C-3717-4BE1-A225-04E4471F5B6E}"=hex:51,66,7a,6c,4c,1d,38,12,e2,e2,da,
22,25,79,8f,0e,dd,33,47,a4,42,41,1f,7a
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,35,c0,f5,
ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53
"{AE07101B-46D4-4A98-AF68-0333EA26E113}"=hex:51,66,7a,6c,4c,1d,38,12,75,13,14,
aa,e6,08,f6,0f,d0,7e,40,73,ef,78,a5,07
"{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}"=hex:51,66,7a,6c,4c,1d,38,12,15,21,99,
35,ad,10,d3,00,f6,8f,3c,cf,15,94,08,e1
"{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}"=hex:51,66,7a,6c,4c,1d,38,12,06,bd,b3,
24,eb,c1,57,00,f8,04,8d,7d,19,41,9b,d2
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{EEE6C35C-6118-11DC-9C72-001320C79847}"=hex:51,66,7a,6c,4c,1d,38,12,32,c0,f5,
ea,2a,2f,b2,54,e3,64,43,53,25,99,dc,53
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:a9,07,62,fc,02,78,ce,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b5,19,20,e0,19,80,68,4c,83,1c,53,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b5,19,20,e0,19,80,68,4c,83,1c,53,\
.
[HKEY_USERS\S-1-5-21-1201534454-2380176246-3172034216-1000\Software\SecuROM\License information*]
"datasecu"=hex:01,56,92,c7,7b,88,e5,34,d0,50,ec,76,dc,ab,3c,49,57,8a,18,75,46,
73,40,1f,d3,c9,ab,bc,f5,3f,8a,7d,de,00,3c,f6,d5,98,cf,60,a4,d4,aa,b8,98,cf,\
"rkeysecu"=hex:b6,ea,c8,71,98,ec,08,1d,8d,63,e1,14,62,f5,34,44
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-23 17:04:49
ComboFix-quarantined-files.txt 2013-07-23 15:04
.
Vor Suchlauf: 21 Verzeichnis(se), 268.223.148.032 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 267.818.168.320 Bytes frei
.
- - End Of File - - 099B708D0D1BB0A18FB38AAFA38C1835
D41D8CD98F00B204E9800998ECF8427E
|
FRST 32-Bit | FRST 64-Bit
So funktioniert es:
AdwCleaner auf deinen Desktop.
SecurityCheck und:
