Thanks for replying again!
Yes, sfBot is a tool I know and used for a while. The source seems trustworthy to me, since, among other things, a large number of users use this tool without having reported any problems (see www.sfbot.de).
ComboFix ran to completion; while it was creating the restore point, there was the message about the registry key for the Internet Explorer exe, otherwise nothing unusual during the scan.
Here is the log:
Code:
ComboFix 13-10-15.02 - 42 15.10.2013 12:33:46.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8174.5665 [GMT 2:00]
ausgeführt von:: c:\users\42\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\42\AppData\Local\assembly\tmp
c:\users\42\AppData\Roaming\inst.exe
c:\users\42\AppData\Roaming\mIRC\logs\status.log
c:\users\42\AppData\Roaming\siw_sdk.dll
c:\windows\apppatch\AppLoc.exe
c:\windows\apppatch\AppLocA.exe
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\apppatch\unins000.dat
c:\windows\apppatch\unins000.exe
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\uxtheme.dll.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-09-15 bis 2013-10-15 ))))))))))))))))))))))))))))))
.
.
2013-10-15 10:53 . 2013-10-15 10:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-14 19:35 . 2013-10-14 19:52 -------- d-----w- c:\users\42\AppData\Local\LogicCircuit
2013-10-14 19:10 . 2013-10-14 19:10 -------- d-----w- c:\users\42\AppData\Local\Yenka
2013-10-14 19:05 . 2013-10-14 19:07 -------- d-----w- c:\program files (x86)\Yenka
2013-10-14 17:23 . 2013-10-14 17:23 -------- d-----w- C:\FRST
2013-10-11 13:33 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-11 13:09 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-11 13:09 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-11 13:09 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-11 13:09 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-11 13:09 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-11 13:09 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-11 13:09 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-11 00:12 . 2013-10-11 01:05 -------- d-----w- c:\program files (x86)\Magic Workstation
2013-10-10 17:59 . 2013-10-10 17:59 -------- d-----w- C:\found.003
2013-10-10 11:20 . 2013-10-10 11:20 -------- d-----w- c:\users\42\AppData\Local\LogMeIn
2013-10-10 11:20 . 2013-10-10 11:20 -------- d-----w- c:\programdata\LogMeIn
2013-10-09 21:36 . 2013-10-10 00:36 17813896 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-10-09 14:38 . 2013-10-10 11:34 -------- d-----w- c:\program files (x86)\One Finger Death Punch
2013-10-02 20:22 . 2013-10-02 20:23 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-10-02 00:24 . 2013-08-10 03:17 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-02 00:24 . 2013-08-10 03:07 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-10-02 00:24 . 2013-08-10 05:20 526336 ----a-w- c:\windows\system32\ieui.dll
2013-10-02 00:24 . 2013-08-10 05:20 356864 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-10-02 00:24 . 2013-08-10 03:58 257536 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-10-01 22:25 . 2013-08-02 01:59 3968960 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-10-01 22:24 . 2013-08-02 02:12 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-27 16:03 . 2013-09-27 16:03 -------- d-----w- c:\users\42\AppData\Roaming\Guild Wars 2
2013-09-26 12:00 . 2013-09-26 18:31 -------- d-----w- c:\programdata\GFACE
2013-09-21 03:27 . 2013-09-21 03:27 -------- d-----w- c:\program files (x86)\Duty Calls
2013-09-21 00:33 . 2013-09-21 00:33 -------- d-----w- c:\program files (x86)\Hex-Editor MX
2013-09-17 15:41 . 2013-09-23 14:07 -------- d-----w- c:\program files (x86)\osu!
2013-09-15 13:14 . 2013-09-15 13:14 -------- d-----w- c:\users\42\AppData\Roaming\MP3SkypeRecorder
2013-09-15 13:14 . 2013-09-15 13:14 -------- d-----w- c:\users\42\AppData\Local\Alexander_Nikiforov
2013-09-15 13:14 . 2013-09-15 13:14 -------- d-----w- c:\program files (x86)\MP3 Skype Recorder
2013-09-15 13:03 . 2013-09-15 13:03 -------- d-----w- c:\program files (x86)\CyberLink
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-11 13:41 . 2011-10-15 09:27 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-10 00:36 . 2012-03-30 08:56 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-10 00:36 . 2011-09-26 12:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-25 19:59 . 2011-10-26 20:34 165232 ---ha-w- c:\users\42\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2013-09-13 22:56 . 2013-09-13 22:56 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2013-08-31 00:14 . 2013-08-31 00:14 78432 ----a-w- c:\windows\system32\atimpc64.dll
2013-08-31 00:14 . 2013-08-31 00:14 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2013-08-31 00:14 . 2013-08-31 00:14 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-08-31 00:14 . 2013-08-31 00:14 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-08-31 00:14 . 2013-03-29 02:37 142792 ----a-w- c:\windows\system32\atiuxp64.dll
2013-08-31 00:14 . 2013-03-29 02:37 125824 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-08-31 00:13 . 2013-03-29 02:37 97984 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-08-31 00:13 . 2013-03-29 02:37 114488 ----a-w- c:\windows\system32\atiu9p64.dll
2013-08-31 00:13 . 2011-10-10 08:56 1233080 ----a-w- c:\windows\system32\aticfx64.dll
2013-08-31 00:13 . 2013-03-29 02:37 1027544 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-08-31 00:13 . 2012-03-09 04:45 9464840 ----a-w- c:\windows\system32\atidxx64.dll
2013-08-31 00:13 . 2013-03-29 02:36 8215992 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-08-31 00:13 . 2013-03-29 02:36 6176008 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-08-31 00:13 . 2013-03-29 02:36 6189416 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-08-31 00:13 . 2013-03-29 02:36 6767240 ----a-w- c:\windows\system32\atiumd6a.dll
2013-08-31 00:13 . 2013-03-29 02:36 7256496 ----a-w- c:\windows\system32\atiumd64.dll
2013-08-31 00:11 . 2013-08-31 00:11 12528640 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-08-30 23:48 . 2013-08-30 23:48 127488 ----a-w- c:\windows\system32\coinst_13.152.dll
2013-08-30 23:48 . 2013-08-30 23:48 229376 ----a-w- c:\windows\system32\clinfo.exe
2013-08-30 23:47 . 2013-08-30 23:47 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2013-08-30 23:47 . 2013-08-30 23:47 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2013-08-30 23:47 . 2013-08-30 23:47 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2013-08-30 23:47 . 2013-08-30 23:47 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2013-08-30 23:47 . 2013-08-30 23:47 28192256 ----a-w- c:\windows\system32\amdocl64.dll
2013-08-30 23:45 . 2013-08-30 23:45 23760896 ----a-w- c:\windows\SysWow64\amdocl.dll
2013-08-30 23:43 . 2013-08-30 23:43 63488 ----a-w- c:\windows\system32\OpenCL.dll
2013-08-30 23:43 . 2013-08-30 23:43 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-08-30 23:35 . 2013-08-30 23:35 25387520 ----a-w- c:\windows\system32\atio6axx.dll
2013-08-30 23:18 . 2013-08-30 23:18 368640 ----a-w- c:\windows\system32\atiapfxx.exe
2013-08-30 23:18 . 2013-08-30 23:18 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2013-08-30 23:18 . 2013-08-30 23:18 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-08-30 23:18 . 2013-08-30 23:18 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2013-08-30 23:18 . 2013-08-30 23:18 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-08-30 23:17 . 2013-08-30 23:17 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2013-08-30 23:14 . 2013-08-30 23:14 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-08-30 23:13 . 2013-08-30 23:13 21400064 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-08-30 22:59 . 2013-03-29 01:35 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-08-30 22:58 . 2013-08-30 22:58 26112 ----a-w- c:\windows\system32\atimuixx.dll
2013-08-30 22:58 . 2013-08-30 22:58 571904 ----a-w- c:\windows\system32\atieclxx.exe
2013-08-30 22:57 . 2013-08-30 22:57 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2013-08-30 22:56 . 2013-08-30 22:56 190976 ----a-w- c:\windows\system32\atitmm64.dll
2013-08-30 22:33 . 2013-03-29 01:10 784384 ----a-w- c:\windows\system32\atiadlxx.dll
2013-08-30 22:33 . 2013-08-30 22:33 594944 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-08-30 22:33 . 2013-08-30 22:33 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-08-30 22:32 . 2013-08-30 22:32 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 100352 ----a-w- c:\windows\system32\atig6txx.dll
2013-08-30 22:32 . 2013-08-30 22:32 96768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-08-30 22:32 . 2013-08-30 22:32 618496 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-08-30 17:58 . 2013-08-30 17:58 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2013-08-30 17:53 . 2013-08-30 17:53 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2013-08-30 07:48 . 2013-03-03 08:41 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-03-03 08:41 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2012-03-22 17:10 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2012-03-22 17:10 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2012-03-22 17:10 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2012-03-22 17:09 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2012-03-22 17:10 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2012-03-22 17:09 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2012-03-22 17:09 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2012-03-22 17:09 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-14 18:00 . 2013-08-28 19:49 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2013-08-14 18:00 . 2013-08-28 19:49 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2013-08-02 17:29 . 2013-08-28 19:49 256088 ----a-w- c:\windows\system32\unrar64.dll
2013-08-02 17:29 . 2012-08-05 23:51 217176 ----a-w- c:\windows\SysWow64\unrar.dll
2013-08-02 01:48 . 2013-10-01 22:25 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-29 10:32 . 2013-07-29 10:32 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-07-29 10:32 . 2013-07-29 10:33 312232 ----a-w- c:\windows\system32\javaws.exe
2013-07-29 10:32 . 2012-12-24 15:38 189352 ----a-w- c:\windows\system32\javaw.exe
2013-07-29 10:32 . 2012-12-24 15:38 188840 ----a-w- c:\windows\system32\java.exe
2013-07-29 10:32 . 2012-12-24 15:42 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-29 10:32 . 2011-09-26 12:27 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-25 09:25 . 2013-08-28 20:09 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-28 20:09 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-24 18:36 . 2013-07-24 18:36 66728 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2013-07-19 01:58 . 2013-08-28 20:08 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-28 20:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-01-24 11:50 . 2012-04-14 00:39 168864 ----a-w- c:\program files\Common Files\WireHelpSvc.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2013-09-27 55360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2009-12-04 2244608]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-10-01 2345296]
.
c:\users\42\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2013-10-13 38072]
sfBot.lnk - c:\bin\Spiele\SFBot_v2.1.0\sfBot.exe [2011-11-16 20237824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
LOLRecorder.lnk - c:\program files (x86)\LOLReplay\LOLRecorder.exe -minimize [2013-9-13 526336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"178.63.49.78,255.255.255.255,192.168.0.143,1"=""
"188.138.106.112,255.255.255.255,192.168.0.143,1"=""
"79.110.87.198,255.255.255.255,192.168.0.143,1"=""
"80.84.58.203,255.255.255.255,192.168.0.143,1"=""
"94.102.0.108,255.255.255.255,192.168.0.143,1"=""
"176.9.9.227,255.255.255.255,192.168.0.143,1"=""
"199.27.135.167,255.255.255.255,192.168.0.143,1"=""
"199.27.134.167,255.255.255.255,192.168.0.143,1"=""
"176.227.199.194,255.255.255.255,192.168.0.143,1"=""
"184.22.200.176,255.255.255.255,192.168.0.143,1"=""
"184.173.197.241,255.255.255.255,192.168.0.143,1"=""
"46.252.196.1,255.255.255.255,192.168.0.143,1"=""
"85.153.48.2,255.255.255.255,192.168.0.143,1"=""
"188.72.213.65,255.255.255.255,192.168.0.143,1"=""
"80.190.202.44,255.255.255.255,192.168.0.143,1"=""
"188.72.201.254,255.255.255.255,192.168.0.143,1"=""
"91.227.4.115,255.255.255.255,192.168.0.143,1"=""
"80.190.202.43,255.255.255.255,192.168.0.143,1"=""
"31.170.162.61,255.255.255.255,192.168.0.143,1"=""
"173.245.60.150,255.255.255.255,192.168.0.143,1"=""
"199.27.134.58,255.255.255.255,192.168.0.143,1"=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\42\AppData\Local\Temp\ALSysIO64.sys;c:\users\42\AppData\Local\Temp\ALSysIO64.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys;c:\windows\SYSNATIVE\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys;c:\windows\SYSNATIVE\DRIVERS\connctfy.sys [x]
R3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys;c:\windows\SYSNATIVE\DRIVERS\ESLvnic.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 mod7764;Tv Tuner device;c:\windows\system32\DRIVERS\mod77-64.sys;c:\windows\SYSNATIVE\DRIVERS\mod77-64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SCL01164;SCL011 Contactless Reader;c:\windows\system32\DRIVERS\SCL01164.sys;c:\windows\SYSNATIVE\DRIVERS\SCL01164.sys [x]
R3 slb;slb;c:\bin\Spiele\AeriaGames\ScarletBlade\avital\scarlb64.sys;c:\bin\Spiele\AeriaGames\ScarletBlade\avital\scarlb64.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 USBAU;USB Audio Device Interface;c:\windows\system32\drivers\CM10264.sys;c:\windows\SYSNATIVE\drivers\CM10264.sys [x]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys;c:\windows\SYSNATIVE\DRIVERS\wacmoumonitor.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va005;X6va005;c:\users\42\AppData\Local\Temp\00560D.tmp;c:\users\42\AppData\Local\Temp\00560D.tmp [x]
R3 X6va006;X6va006;c:\users\42\AppData\Local\Temp\00656EB.tmp;c:\users\42\AppData\Local\Temp\00656EB.tmp [x]
R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\windows\SYSNATIVE\DRIVERS\johci.sys [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe;c:\program files\Tablet\Pen\Pen_Tablet.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe;c:\program files\Tablet\Pen\Pen_TouchService.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 00:36]
.
2013-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-06 15:44]
.
2013-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-06 15:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-03-22 36352]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-29 13513288]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-03-08 1278024]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"178.63.49.78,255.255.255.255,192.168.0.143,1"=""
"188.138.106.112,255.255.255.255,192.168.0.143,1"=""
"79.110.87.198,255.255.255.255,192.168.0.143,1"=""
"80.84.58.203,255.255.255.255,192.168.0.143,1"=""
"94.102.0.108,255.255.255.255,192.168.0.143,1"=""
"176.9.9.227,255.255.255.255,192.168.0.143,1"=""
"199.27.135.167,255.255.255.255,192.168.0.143,1"=""
"199.27.134.167,255.255.255.255,192.168.0.143,1"=""
"176.227.199.194,255.255.255.255,192.168.0.143,1"=""
"184.22.200.176,255.255.255.255,192.168.0.143,1"=""
"184.173.197.241,255.255.255.255,192.168.0.143,1"=""
"46.252.196.1,255.255.255.255,192.168.0.143,1"=""
"85.153.48.2,255.255.255.255,192.168.0.143,1"=""
"188.72.213.65,255.255.255.255,192.168.0.143,1"=""
"80.190.202.44,255.255.255.255,192.168.0.143,1"=""
"188.72.201.254,255.255.255.255,192.168.0.143,1"=""
"91.227.4.115,255.255.255.255,192.168.0.143,1"=""
"80.190.202.43,255.255.255.255,192.168.0.143,1"=""
"31.170.162.61,255.255.255.255,192.168.0.143,1"=""
"173.245.60.150,255.255.255.255,192.168.0.143,1"=""
"199.27.134.58,255.255.255.255,192.168.0.143,1"=""
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\42\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\42\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Sothink Flash Downloader For IE - c:\program files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
Trusted Zone: aeriagames.com
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\42\AppData\Local\Akamai\netsession_win.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-snp2std - c:\windows\vsnp2std.exe
AddRemove-{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1 - c:\windows\AppPatch\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\42\AppData\Local\Temp\00560D.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\42\AppData\Local\Temp\00656EB.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1664565104-910828770-3124941875-1001\Software\SecuROM\License information*]
"datasecu"=hex:40,f9,f1,a3,fb,ec,94,c7,1e,5b,c9,ba,bb,e2,b4,34,98,3c,51,38,e9,
b0,00,da,42,a5,71,8b,eb,f2,d6,f0,a8,30,e1,c2,6e,a4,a6,3f,3a,59,7a,20,b2,21,\
"rkeysecu"=hex:4d,46,8f,c2,ef,4a,08,0d,2c,78,0a,a4,d5,70,88,3a
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-10-15 13:07:15
ComboFix-quarantined-files.txt 2013-10-15 11:07
.
Vor Suchlauf: 20 Verzeichnis(se), 16.506.654.720 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 17.271.988.224 Bytes frei
.
- - End Of File - - 488485AB88525EA755B1862B5866416C
A36C5E4F47E84449FF07ED3517B43A31
Regards,
Midrask