Oh, I'm sorry :S
Have you noticed anything unusual so far? Code:
ComboFix 13-09-02.02 - Michael 03.09.2013 16:50:09.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4061.2689 [GMT 2:00]
ausgeführt von:: c:\users\Michael\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Michael\AppData\Roaming\dclogs
c:\users\Michael\AppData\Roaming\dclogs\2013-02-27-4.dc
c:\windows\IsUn0407.exe
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DCService.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-08-03 bis 2013-09-03 ))))))))))))))))))))))))))))))
.
.
2013-09-03 15:03 . 2013-09-03 15:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-03 15:03 . 2013-09-03 15:03 -------- d-----w- c:\users\Gast\AppData\Local\temp
2013-09-03 15:03 . 2013-09-03 15:03 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2013-09-03 15:03 . 2013-09-03 15:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-03 14:20 . 2013-09-03 14:29 -------- d-----w- C:\AdwCleaner
2013-09-03 12:59 . 2013-09-03 12:59 -------- d-----w- C:\FRST
2013-09-03 07:35 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A6CA06A0-32CD-4EE0-AE65-155DF090746D}\mpengine.dll
2013-09-01 17:32 . 2013-09-01 17:32 -------- d-----w- c:\users\Michael\AppData\Local\ElevatedDiagnostics
2013-08-29 17:23 . 2013-08-29 17:23 -------- d-----w- c:\users\Michael\AppData\Roaming\MW2 FoV Changer
2013-08-18 12:57 . 2013-08-18 12:59 -------- d-----w- C:\ArcTemp
2013-08-18 12:10 . 2013-08-18 12:10 -------- d-----w- c:\program files (x86)\Perfect World Entertainment
2013-08-16 08:36 . 2013-08-16 08:31 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2013-08-15 19:21 . 2013-08-15 19:21 -------- d-----w- c:\users\Michael\AppData\Local\Criterion Games
2013-08-15 12:20 . 2013-08-18 15:18 -------- d-----w- c:\program files (x86)\Origin Games
2013-08-15 12:01 . 2013-08-15 12:20 -------- d-----w- c:\users\Michael\AppData\Local\Origin
2013-08-14 15:53 . 2013-08-14 15:53 -------- d-----w- c:\program files (x86)\CrossHair
2013-08-14 15:31 . 2013-08-14 15:31 -------- d-----w- c:\program files\AutoHotkey
2013-08-14 11:46 . 2013-08-14 11:46 -------- d-----w- c:\programdata\Blizzard
2013-08-14 08:52 . 2013-07-09 02:49 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-14 08:52 . 2013-07-09 02:49 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-14 08:52 . 2013-07-09 02:49 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-14 08:52 . 2013-06-15 04:32 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-14 08:52 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-10 15:54 . 2013-08-10 15:55 -------- d-----w- c:\users\Michael\AppData\Local\Risen
2013-08-09 17:06 . 2013-08-09 17:06 -------- d-----w- c:\users\Michael\AppData\Roaming\OBS
2013-08-05 12:48 . 2013-08-05 12:48 -------- d-----w- c:\users\Michael\AppData\Roaming\Avira
2013-08-05 12:43 . 2013-08-05 12:43 -------- d-----w- c:\programdata\AskPartnerNetwork
2013-08-05 12:43 . 2013-08-05 12:43 -------- d-----w- c:\program files (x86)\AskPartnerNetwork
2013-08-05 12:43 . 2013-08-20 08:45 81112 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-08-05 12:43 . 2013-08-05 12:43 -------- d-----w- c:\programdata\APN
2013-08-05 12:42 . 2013-09-02 13:36 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-08-05 12:42 . 2013-08-20 08:45 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-08-05 12:42 . 2013-08-05 12:32 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-08-05 12:41 . 2013-08-05 12:42 -------- d-----w- c:\programdata\Avira
2013-08-05 12:41 . 2013-08-05 12:41 -------- d-----w- c:\program files (x86)\Avira
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-15 09:06 . 2010-12-30 09:03 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-08-12 14:11 . 2012-07-13 13:05 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-12 14:11 . 2012-01-01 16:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-27 19:37 . 2011-02-25 21:09 564824 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-07-21 13:32 . 2013-07-21 13:32 0 ----a-w- c:\windows\SysWow64\sho5433.tmp
2013-07-09 04:45 . 2013-08-14 08:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-01 17:41 . 2011-02-12 06:07 290776 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-01 17:41 . 2011-02-12 01:14 290776 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-01 17:23 . 2011-02-12 01:14 281288 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-07-01 17:18 . 2011-02-12 01:14 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-06-23 15:45 . 2013-06-23 15:45 715038 ----a-w- c:\windows\unins000.exe
2013-06-21 12:06 . 2013-07-12 13:43 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-21 12:06 . 2013-07-12 13:43 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-06-21 12:06 . 2013-07-12 13:30 27781920 ----a-w- c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-07-12 13:30 21102368 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-06-21 12:06 . 2013-07-12 13:30 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-07-12 13:30 13411896 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-07-12 13:30 11235104 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:06 . 2013-07-12 13:30 9239344 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:06 . 2013-07-12 13:30 7687592 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-06-21 12:06 . 2013-07-12 13:30 2953504 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:06 . 2013-07-12 13:30 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2013-07-12 13:30 2777888 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-06-21 12:06 . 2013-07-12 13:30 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-07-12 13:30 2363680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-12 13:30 2002720 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-12 13:30 15144928 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-07-12 13:30 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-07-12 13:20 7641832 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:06 . 2013-07-12 13:20 6324360 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-06-21 12:06 . 2013-07-12 13:20 572704 ----a-w- c:\windows\system32\NvFBC64.dll
2013-06-21 12:06 . 2013-07-12 13:20 570656 ----a-w- c:\windows\system32\NvIFR64.dll
2013-06-21 12:06 . 2013-07-12 13:20 467232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-06-21 12:06 . 2013-07-12 13:20 465184 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-06-21 12:06 . 2013-07-12 13:20 1832224 ----a-w- c:\windows\system32\nvdispco6432049.dll
2013-06-21 12:06 . 2013-07-12 13:20 1511712 ----a-w- c:\windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06 . 2013-07-12 13:19 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:06 . 2013-07-12 13:19 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-06-21 10:23 . 2013-07-12 13:44 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-07-12 13:44 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-07-12 13:44 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-07-12 13:44 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-07-12 13:44 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-07-12 13:44 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-12 07:48 . 2013-06-12 07:48 32688 ----a-w- c:\windows\system32\drivers\nlndis.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-07-26 12240]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-19 12:35 220632 ----a-w- c:\users\Michael\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-19 12:35 220632 ----a-w- c:\users\Michael\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-19 12:35 220632 ----a-w- c:\users\Michael\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Michael\AppData\Local\Akamai\netsession_win.exe" [2012-08-10 4440896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-09-24 825864]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-08-20 347192]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-07-26 1558480]
.
c:\users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 DCamUSBVM;Lenovo Q350 USB PC Camera;c:\windows\system32\Drivers\usbVM31b.sys;c:\windows\SYSNATIVE\Drivers\usbVM31b.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\eFusion\BlackShot\system\GameGuard\dump_wmimmc.sys;c:\program files (x86)\eFusion\BlackShot\system\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys [x]
R3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VASDeviceDrm;Virtual Audio Streaming with Drm (WDM);c:\windows\system32\drivers\vasdDev.sys;c:\windows\SYSNATIVE\drivers\vasdDev.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Michael\Meiner\Programme\GameBooster\Game Booster 3\Driver\WinRing0x64.sys;c:\users\Michael\Meiner\Programme\GameBooster\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 X6va005;X6va005;c:\users\Michael\AppData\Local\Temp\005B274.tmp;c:\users\Michael\AppData\Local\Temp\005B274.tmp [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R4 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R4 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x]
R4 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys;c:\windows\SYSNATIVE\drivers\BMLoad.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys;c:\program files\NetLimiter 3\nltdi.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-13 14:11]
.
2013-08-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110421983-1093417609-3306756475-1000Core.job
- c:\users\Michael\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-05 14:55]
.
2013-08-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110421983-1093417609-3306756475-1000UA.job
- c:\users\Michael\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-05 14:55]
.
2013-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-03 15:05]
.
2013-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-03 15:05]
.
2013-08-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3110421983-1093417609-3306756475-1000Core.job
- c:\users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 21:47]
.
2013-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3110421983-1093417609-3306756475-1000UA.job
- c:\users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 21:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-19 12:35 244696 ----a-w- c:\users\Michael\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-19 12:35 244696 ----a-w- c:\users\Michael\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-19 12:35 244696 ----a-w- c:\users\Michael\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-07-20 503864]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-26 818720]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 127.0.0.1:3128
uSearchAssistant = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to Mp3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\qgag6n9j.Michael1\
FF - prefs.js: browser.startup.homepage -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Driver Genius Professional Edition_is1 - c:\program files (x86)\Driver-Soft\DriverGenius\unins000.exe
AddRemove-Herrscher des Olymp - Zeus - c:\windows\IsUn0407.exe
AddRemove-BitTorrent - c:\users\Michael\AppData\Roaming\BitTorrent\BitTorrent.exe
AddRemove-{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} - c:\users\Michael\Desktop\ea\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Michael\AppData\Local\Temp\005B274.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:c9,a8,a1,f9,e8,44,ce,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ab,f3,db,c1,73,20,81,41,b5,a0,3c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ab,f3,db,c1,73,20,81,41,b5,a0,3c,\
.
[HKEY_USERS\S-1-5-21-3110421983-1093417609-3306756475-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3110421983-1093417609-3306756475-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3110421983-1093417609-3306756475-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7330A830-C84C-D9E3-7CE5-4ACDE4C65541}*]
"hanbkdplljhabhfe"=hex:6b,61,63,64,6d,6e,6f,6d,6c,6a,6f,68,67,6e,6a,6f,62,70,
69,61,64,6f,00,00
"iahcegfonmpkibbnan"=hex:6a,61,64,64,70,6e,62,64,63,63,65,64,6d,6d,6e,69,65,63,
6f,6b,00,00
.
[HKEY_USERS\S-1-5-21-3110421983-1093417609-3306756475-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:27,de,55,ad,29,ce,64,8a,59,d8,52,34,5b,93,5a,24,f5,9c,c1,54,2e,e8,fd,
72,b2,f3,b5,4b,ab,81,3d,55,bd,41,8b,33,6e,c6,33,b1,d8,69,01,d5,d9,d2,8e,00,\
"??"=hex:8d,d6,fc,fe,4d,4d,b2,c9,63,e3,a8,fb,ca,f9,cd,9d
.
[HKEY_USERS\S-1-5-21-3110421983-1093417609-3306756475-1000\Software\SecuROM\License information*]
"datasecu"=hex:7d,cb,2f,d1,e1,bf,bb,0a,11,a2,ef,64,eb,59,76,cd,7a,59,d0,d0,bf,
4e,13,70,fd,ce,22,61,a7,d5,d7,ef,c5,16,f8,d3,3e,40,a0,67,2f,c2,fd,e8,59,72,\
"rkeysecu"=hex:77,47,39,2e,21,48,7f,c5,64,a4,38,72,13,b8,de,1b
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-09-03 17:12:47 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-09-03 15:12
.
Vor Suchlauf: 15 Verzeichnis(se), 155.825.295.360 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 155.378.380.800 Bytes frei
.
- - End Of File - - DA9E95D143738DA5671EC5D8D6FE4E4B