Overclocker | 10.01.2015 21:18 | Combofix Log: Code:
ComboFix 15-01-08.01 - Armin 10.01.2015 20:58:49.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8149.5066 [GMT 1:00]
ausgeführt von:: c:\users\Armin\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Armin\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\msdownld.tmp
c:\windows\SysWow64\tmp712B.tmp
c:\windows\SysWow64\tmp712C.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-12-10 bis 2015-01-10 ))))))))))))))))))))))))))))))
.
.
2015-01-10 20:06 . 2015-01-10 20:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-10 18:46 . 2015-01-10 18:47 -------- d-----w- C:\FRST
2015-01-09 14:50 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2015-01-09 14:50 . 2015-01-09 16:24 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-01-09 14:50 . 2015-01-09 14:54 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2015-01-09 14:18 . 2015-01-09 14:18 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-09 14:18 . 2015-01-09 14:18 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-09 14:18 . 2015-01-09 14:18 -------- d-----w- c:\programdata\Malwarebytes
2015-01-09 14:18 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-09 14:18 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-09 14:18 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-09 00:25 . 2015-01-09 00:25 -------- d-----w- c:\users\Armin\AppData\Local\backburner
2015-01-07 17:12 . 2015-01-07 17:12 -------- d-----w- c:\programdata\boost_interprocess
2015-01-07 17:00 . 2015-01-07 17:00 -------- d-----w- c:\programdata\FLEXnet
2015-01-07 17:00 . 2015-01-07 17:12 -------- d-----w- c:\users\Armin\AppData\Local\Autodesk
2015-01-07 16:30 . 2015-01-07 16:30 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2015-01-07 16:29 . 2015-01-07 16:30 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2015-01-07 16:29 . 2015-01-07 16:31 -------- d-----w- c:\program files\Autodesk
2015-01-07 16:29 . 2015-01-07 16:29 -------- d-----w- c:\program files (x86)\Autodesk
2015-01-07 16:27 . 2015-01-07 16:30 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
2015-01-07 16:24 . 2015-01-07 17:11 -------- d-----w- c:\users\Armin\AppData\Roaming\Autodesk
2015-01-07 16:24 . 2015-01-07 17:11 -------- d-----w- c:\programdata\Autodesk
2015-01-07 16:21 . 2015-01-07 16:21 -------- d-----w- C:\Autodesk
2015-01-05 22:49 . 2015-01-05 23:02 -------- d-----w- c:\users\Armin\AppData\Roaming\Celemony Software GmbH
2015-01-05 22:48 . 2015-01-05 23:02 -------- d-----w- c:\programdata\Celemony Software GmbH
2015-01-05 22:48 . 2015-01-05 22:48 -------- d-----w- C:\Temp
2015-01-05 18:40 . 2014-06-04 14:17 34080 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2015-01-05 18:40 . 2015-01-05 18:40 -------- d-----w- c:\programdata\IObit
2015-01-05 18:40 . 2014-06-04 14:17 128288 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2015-01-05 18:39 . 2015-01-05 18:39 -------- d-----w- c:\users\Armin\AppData\Roaming\IObit
2015-01-04 23:38 . 2015-01-04 23:38 -------- d-----w- c:\users\Armin\AppData\Local\Overwolf
2014-12-30 17:24 . 2014-12-30 17:24 -------- d-----w- c:\users\Armin\AppData\Local\Rockstar Games
2014-12-29 22:09 . 2014-12-29 22:09 -------- d-----w- c:\program files\CCleaner
2014-12-23 13:25 . 2014-12-23 13:25 -------- d-sh--w- c:\users\Armin\AppData\Local\EmieBrowserModeList
2014-12-19 20:24 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-12-19 20:24 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-12-19 20:24 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-12-19 20:24 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-12-19 20:24 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-12-19 20:13 . 2014-12-19 20:16 -------- d-----w- c:\windows\system32\MRT
2014-12-19 20:08 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2014-12-19 20:06 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-12-19 20:06 . 2012-08-23 14:12 29696 ----a-w- c:\windows\system32\drivers\terminpt.sys
2014-12-19 20:06 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-12-19 20:06 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2014-12-19 20:06 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-12-19 20:06 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-12-19 20:06 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-12-19 20:06 . 2012-08-23 09:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2014-12-19 19:59 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-19 19:59 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-19 19:59 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-19 19:59 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-19 19:59 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-19 19:59 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-19 19:59 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-19 19:59 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-19 19:59 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-19 19:59 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-19 19:58 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-12-19 19:58 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-12-19 19:58 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-12-19 19:58 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-12-19 19:58 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-12-19 19:58 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-12-19 19:58 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-12-19 19:53 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-12-19 19:53 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-12-19 19:51 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-12-19 19:50 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-12-19 19:49 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2014-12-19 19:47 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2014-12-19 19:47 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2014-12-19 19:47 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2014-12-19 19:47 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2014-12-19 19:39 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-12-19 19:39 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-12-19 19:39 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2014-12-14 08:57 . 2014-12-14 14:27 -------- d-----w- C:\xampp
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-10 20:06 . 2014-10-01 10:27 65536 ----a-w- c:\windows\system32\spu_storage.bin
2015-01-01 14:44 . 2014-10-01 17:53 348928 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-01-01 14:44 . 2014-10-01 17:49 348928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-01-01 14:44 . 2014-10-01 17:49 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-12-03 18:07 . 2014-12-03 18:07 55872 ----a-w- c:\windows\system32\AdobePDF.dll
2014-12-03 18:06 . 2014-12-03 18:06 27208 ----a-w- c:\windows\system32\AdobePDFUI.dll
2014-12-02 12:52 . 2014-12-02 12:52 29184 ----a-w- c:\windows\system32\ssm4mlm.dll
2014-12-02 12:52 . 2014-12-02 12:52 686384 ----a-w- c:\windows\system32\eed_sl.exe
2014-12-02 12:52 . 2014-12-02 12:52 3141120 ----a-w- c:\windows\system32\eed_ec.dll
2014-11-29 18:16 . 2014-11-29 18:16 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2014-11-21 22:37 . 2014-11-21 22:37 76152 ----a-w- c:\windows\system32\PnkBstrA.exe
2014-11-21 02:44 . 2014-11-21 02:44 128384 ----a-w- c:\windows\system32\amdhcp64.dll
2014-11-21 02:44 . 2014-11-21 02:44 118096 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-11-21 02:44 . 2014-11-21 02:44 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-11-21 02:44 . 2014-11-21 02:44 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-11-21 02:44 . 2014-08-28 05:41 144328 ----a-w- c:\windows\system32\atiuxp64.dll
2014-11-21 02:44 . 2014-11-21 02:44 126848 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-11-21 02:44 . 2014-11-21 02:44 118096 ----a-w- c:\windows\system32\atiu9p64.dll
2014-11-21 02:44 . 2014-08-28 05:38 100032 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-11-21 02:44 . 2014-08-28 05:37 1348928 ----a-w- c:\windows\system32\aticfx64.dll
2014-11-21 02:44 . 2014-08-28 05:35 1127496 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-11-21 02:44 . 2014-08-28 05:34 11076784 ----a-w- c:\windows\system32\atidxx64.dll
2014-11-21 02:44 . 2014-11-21 02:44 9401480 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-11-21 02:43 . 2014-08-28 05:31 7558816 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-11-21 02:43 . 2014-08-28 05:30 7077776 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-11-21 02:43 . 2014-11-21 02:43 8379720 ----a-w- c:\windows\system32\atiumd6a.dll
2014-11-21 02:43 . 2014-11-21 02:43 8369408 ----a-w- c:\windows\system32\atiumd64.dll
2014-11-21 02:41 . 2014-11-21 02:41 294600 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-11-21 02:40 . 2014-11-21 02:40 18959360 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-11-21 02:33 . 2014-11-21 02:33 235008 ----a-w- c:\windows\system32\clinfo.exe
2014-11-21 02:33 . 2014-11-21 02:33 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-11-21 02:33 . 2014-11-21 02:33 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-11-21 02:33 . 2014-11-21 02:33 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-11-21 02:33 . 2014-11-21 02:33 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-11-21 02:33 . 2014-11-21 02:33 47899136 ----a-w- c:\windows\system32\amdocl64.dll
2014-11-21 02:32 . 2014-11-21 02:32 40987136 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-11-21 02:31 . 2014-11-21 02:31 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-21 02:31 . 2014-11-21 02:31 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-21 02:29 . 2014-11-21 02:29 7915520 ----a-w- c:\windows\system32\amdhsasc64.dll
2014-11-21 02:29 . 2014-11-21 02:29 6375936 ----a-w- c:\windows\SysWow64\amdhsasc.dll
2014-11-21 02:24 . 2014-11-21 02:24 28354560 ----a-w- c:\windows\system32\atio6axx.dll
2014-11-21 02:19 . 2014-11-21 02:19 23621632 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-11-21 02:19 . 2014-11-21 02:19 49664 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-11-21 02:19 . 2014-11-21 02:19 38912 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-11-21 02:18 . 2014-11-21 02:18 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-11-21 02:18 . 2014-11-21 02:18 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-11-21 02:18 . 2014-11-21 02:18 5837312 ----a-w- c:\windows\system32\amdmantle64.dll
2014-11-21 02:17 . 2014-11-21 02:17 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2014-11-21 02:17 . 2014-11-21 02:17 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-11-21 02:17 . 2014-11-21 02:17 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-11-21 02:16 . 2014-11-21 02:16 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-11-21 02:16 . 2014-11-21 02:16 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-11-21 02:16 . 2014-11-21 02:16 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-11-21 02:16 . 2014-11-21 02:16 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-11-21 02:15 . 2014-11-21 02:15 4590592 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-11-21 02:13 . 2014-11-21 02:13 91648 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-11-21 02:13 . 2014-11-21 02:13 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-11-21 02:12 . 2014-11-21 02:12 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-11-21 02:12 . 2014-11-21 02:12 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-11-21 02:12 . 2014-11-21 02:12 774656 ----a-w- c:\windows\system32\atieclxx.exe
2014-11-21 02:12 . 2014-11-21 02:12 244736 ----a-w- c:\windows\system32\atiesrxx.exe
2014-11-21 02:12 . 2014-11-21 02:12 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-11-21 02:10 . 2014-11-21 02:10 843776 ----a-w- c:\windows\system32\coinst_14.50.dll
2014-11-21 02:09 . 2014-11-21 02:09 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-11-21 02:09 . 2014-11-21 02:09 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-11-21 02:09 . 2014-11-21 02:09 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-11-21 02:09 . 2014-11-21 02:09 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-11-21 02:09 . 2014-11-21 02:09 1214976 ----a-w- c:\windows\system32\atiadlxx.dll
2014-11-21 02:09 . 2014-11-21 02:09 903168 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-11-21 02:09 . 2014-11-21 02:09 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-11-21 02:09 . 2014-11-21 02:09 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-11-21 02:09 . 2014-11-21 02:09 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-11-21 02:08 . 2014-11-21 02:08 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-11-21 02:08 . 2014-11-21 02:08 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-11-21 02:08 . 2014-11-21 02:08 589312 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-11-21 02:08 . 2014-11-21 02:08 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-11-20 20:36 . 2014-11-20 20:36 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-11-20 20:35 . 2014-11-20 20:35 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2014-11-20 20:18 . 2014-11-20 20:18 362496 ----a-w- c:\windows\system32\amdacpusl.dll
2014-11-20 20:18 . 2014-11-20 20:18 247296 ----a-w- c:\windows\SysWow64\amdacpusl.dll
2014-11-19 23:37 . 2014-10-01 17:49 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-11-19 23:11 . 2014-11-19 23:20 2601752 ----a-w- c:\windows\SysWow64\pbsvc_moh.exe
2014-11-04 22:23 . 2014-11-04 22:23 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2014-11-04 22:23 . 2014-11-04 22:23 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2014-11-04 22:23 . 2014-11-04 22:23 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-11-04 22:23 . 2014-11-04 22:23 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-10-30 22:51 . 2014-10-30 22:51 1139360 ----a-w- c:\programdata\Microsoft\WDExpress\12.0\1031\ResourceCache.dll
2014-10-25 10:23 . 2014-10-25 10:23 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-10-22 21:20 . 2014-10-22 21:20 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:09 131480 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:09 131480 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:09 131480 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:09 131480 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:09 131480 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:09 131480 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:09 131480 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:09 131480 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"XFastUSB"="c:\program files (x86)\XFastUSB\XFastUsb.exe" [2014-09-21 6311104]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-12-09 702768]
"Skiller Pro"="c:\program files (x86)\Skiller Pro\Monitor.exe" [2014-02-26 475136]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-11-20 126200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VsEtwService120;Visual Studio ETW-Ereignisauflistungsdienst;c:\program files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);c:\windows\system32\drivers\ymidusbx64.sys;c:\windows\SYSNATIVE\drivers\ymidusbx64.sys [x]
R4 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
R4 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x]
S2 amdacpusrsvc;ACP User Service;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max Design 2012 64-bit - German 64-bit;c:\program files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe;c:\program files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 ffusb2audio;Focusrite USB 2.0 Audio Driver;c:\windows\system32\DRIVERS\ffusb2audio.sys;c:\windows\SYSNATIVE\DRIVERS\ffusb2audio.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 ScpVBus;Scp Virtual Bus Driver;c:\windows\system32\DRIVERS\ScpVBus.sys;c:\windows\SYSNATIVE\DRIVERS\ScpVBus.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 20:02 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-21 18:59]
.
2015-01-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-21 18:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10 164760 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10 164760 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10 164760 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10 164760 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10 164760 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10 164760 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10 164760 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10 164760 ----a-w- c:\users\Armin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Search_URL = www.google.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-ASRockXTU - (no file)
Wow6432Node-HKCU-Run-zASRockInstantBoot - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-MP3 File Size (Bitrate) Reduce Software.exe - (no file)
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1380107733-3383246354-555724266-1000\Software\SecuROM\License information*]
"datasecu"=hex:01,1c,e3,71,79,46,c8,76,71,a9,6d,45,11,ab,d0,21,38,5a,ad,26,b0,
9d,ad,ac,74,7d,db,33,b1,86,e3,ac,4b,82,7c,5d,f1,db,f0,d9,4f,07,dd,17,46,6c,\
"rkeysecu"=hex:7e,47,fd,9b,b0,16,9f,c5,42,6e,ac,a0,f0,ee,d6,63
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:17,4c,a6,4f,14,5d,88,3a,49,b6,d4,ff,ab,e2,69,a3,a3,0a,1c,7d,ff,
fe,da,ec,c1,53,ec,3b,9a,63,30,8f,43,8d,f5,4f,3b,31,56,ec,de,4b,d4,6b,a5,6f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:17,4c,a6,4f,14,5d,88,3a,49,b6,d4,ff,ab,e2,69,a3,a3,0a,1c,7d,ff,
fe,da,ec,c1,53,ec,3b,9a,63,30,8f,43,8d,f5,4f,3b,31,56,ec,de,4b,d4,6b,a5,6f,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\PnkBstrA.exe
c:\program files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-10 21:11:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-01-10 20:11
.
Vor Suchlauf: 14 Verzeichnis(se), 105.449.725.952 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 105.223.770.112 Bytes frei
.
- - End Of File - - 0CC03F1C00F8590D0A62A2FB37C2556F
A36C5E4F47E84449FF07ED3517B43A31 |