Code:
ComboFix 11-04-12.02 - BalloS 13.04.2011 15:40:38.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8190.6376 [GMT 2:00]
ausgeführt von:: c:\users\BalloS\Desktop\cofi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Serv-U
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-03-13 bis 2011-04-13 ))))))))))))))))))))))))))))))
.
.
2011-04-13 13:43 . 2011-04-13 13:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-13 12:45 . 2011-04-13 12:45 -------- d-----w- C:\_OTL
2011-04-13 10:41 . 2011-04-13 10:41 -------- d-----w- c:\users\BalloS\AppData\Roaming\Malwarebytes
2011-04-13 10:41 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-13 10:41 . 2011-04-13 10:41 -------- d-----w- c:\programdata\Malwarebytes
2011-04-13 10:41 . 2011-04-13 10:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-13 10:41 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-13 08:42 . 2011-03-23 08:11 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DB538A5C-6270-4302-9370-BB849DACE9B6}\mpengine.dll
2011-04-13 08:36 . 2011-02-12 11:34 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-13 06:47 . 2011-04-13 06:48 -------- d-----w- c:\program files (x86)\ERUNT
2011-04-12 17:11 . 2011-04-12 17:11 -------- d-----w- c:\programdata\Hagel Technologies
2011-04-12 17:11 . 2011-04-12 17:12 -------- d-----w- c:\program files (x86)\DU Meter
2011-04-12 16:02 . 2011-04-12 16:07 -------- d-----w- c:\users\BalloS\AppData\Roaming\TrafficMonitor
2011-04-12 16:02 . 2011-04-12 16:02 -------- d-----w- c:\programdata\TrafficMonitor
2011-04-12 16:02 . 2007-12-11 12:00 330336 ----a-w- c:\windows\TraffUn.EXE
2011-04-12 16:02 . 2011-04-12 16:02 -------- d-----w- c:\program files (x86)\TrafficMonitor
2011-04-12 16:01 . 2011-04-12 16:01 -------- d-----w- c:\users\BalloS\AppData\Roaming\Wireshark
2011-04-12 15:51 . 2011-04-12 15:53 -------- d-----w- c:\program files\Wireshark
2011-04-11 08:25 . 2011-04-11 08:25 55456 ----a-w- c:\windows\SysWow64\drivers\ArgusMonitor.sys
2011-04-04 15:40 . 2011-04-04 15:40 -------- d-----w- c:\program files (x86)\BDSokobanYASC
2011-04-02 11:15 . 2011-04-12 15:53 -------- d-----w- c:\program files (x86)\WinPcap
2011-04-02 11:15 . 2011-04-02 11:26 -------- d-----w- c:\program files (x86)\NetGear
2011-03-27 18:14 . 2011-03-27 18:14 -------- d-----w- c:\users\BalloS\AppData\Local\Nero
2011-03-22 09:16 . 2011-03-10 15:14 346112 ----a-w- c:\temp\setup.exe
2011-03-22 08:07 . 2011-03-22 08:09 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-03-22 08:07 . 2011-03-22 08:12 -------- d-----w- c:\program files (x86)\Nero
2011-03-22 08:06 . 2011-03-22 08:06 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-03-20 12:00 . 2011-03-20 12:00 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2011-03-20 12:00 . 2011-03-20 12:00 -------- d-----w- c:\program files (x86)\Gabest
2011-03-20 12:00 . 2011-03-20 12:00 -------- d-----w- c:\program files (x86)\AutoGK
2011-03-19 15:44 . 2011-04-13 06:05 -------- d-----w- c:\program files\CCleaner
2011-03-19 15:24 . 2011-03-19 15:33 -------- d-----w- c:\windows\system32\appmgmt
2011-03-16 08:01 . 2011-03-16 08:08 -------- d-----w- c:\users\BalloS\AppData\Roaming\GHISLER
2011-03-16 08:01 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-03-16 08:01 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-03-16 08:01 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-03-16 08:01 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-03-16 08:01 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-03-16 08:01 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-03-16 08:01 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-03-16 07:27 . 2011-03-16 07:27 -------- d-----w- c:\users\BalloS\AppData\Roaming\Avira
2011-03-15 17:57 . 2011-03-15 18:00 -------- d-----w- c:\users\BalloS\AppData\Roaming\FastCopy
2011-03-15 17:57 . 2011-03-15 17:57 -------- d-----w- c:\program files\FastCopy
2011-03-15 17:41 . 2011-04-13 13:38 -------- d-----w- c:\users\BalloS\AppData\Roaming\TeraCopy
2011-03-15 17:41 . 2011-03-15 17:41 -------- d-----w- c:\program files\TeraCopy
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-26 18:13 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-26 18:13 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-02-26 11:31 . 2011-02-26 11:31 119808 ----a-r- c:\users\BalloS\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2011-02-14 15:15 . 2011-02-14 15:15 695578 ----a-w- c:\windows\unins000.exe
2011-02-02 16:11 . 2010-10-09 12:56 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 10:21 . 2011-01-20 10:21 262144 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-01-20 10:21 . 2011-01-20 10:21 86016 ----a-w- c:\windows\SysWow64\OpenAL32.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Argus Monitor"="c:\program files (x86)\ArgusMonitor\ArgusMonitor.exe" [2011-04-11 1613984]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Steam"="d:\steam\steam.exe" [2011-01-04 1242448]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2011-01-14 2942856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-04 281768]
"Copperhead"="c:\program files (x86)\Razer\Copperhead\razerhid.exe" [2009-11-19 135168]
"Tarantula"="c:\program files (x86)\Razer\Tarantula\razerhid.exe" [2007-05-07 159744]
"openvpn-gui"="c:\program files (x86)\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe" [2010-03-17 264704]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-07-12 74752]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-04 336384]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-09-03 1406248]
"TrafficMonitor"="c:\progra~2\TRAFFICMONITOR\TRAFFICMONITOR.EXE" [2007-12-11 4681728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Printkey2000.lnk - c:\program files (x86)\PrintKey2000\Printkey2000.exe [2010-12-18 869376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 raddrvv3;raddrvv3;c:\windows\SysWOW64\rserver30\raddrvv3.sys [2010-04-21 68680]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-04 354304]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-11-04 135336]
S2 DUMeterSvc;DU Meter Service;c:\program files (x86)\DU Meter\DUMeterSvc.exe [2011-01-14 1412488]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 RServer3;Radmin Server V3;c:\windows\SysWOW64\rserver30\RServer3.exe [2010-04-21 1242480]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-01 2296696]
S2 TMPService;TrafficMonitor Packettreiber Initialisierung;c:\program files (x86)\TrafficMonitor\TMPacketServiceInit.exe [2007-12-11 692808]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArgusMonitor;ArgusMonitor kernel mode driver;SysWOW64\drivers\ArgusMonitor.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 copperhd;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [x]
S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\program files (x86)\DU Meter\DUMETR64.SYS [2011-01-14 19088]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 TarFltr;Razer Tarantula USB Keyboard;c:\windows\system32\drivers\UsbFltr.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 VMfilt;VMfilt;c:\windows\system32\drivers\VMfilt64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\cofi\CF3736.cfxxe" [X]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: add to &BOM - c:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\BalloS\AppData\Roaming\Mozilla\Firefox\Profiles\kj9yini8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Fasterfox Lite: FasterFox_Lite@BigRedBrent - %profile%\extensions\FasterFox_Lite@BigRedBrent
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Bundeskampf Toolbar: bundeskampftoolbar@spielwerk.gmbh - %profile%\extensions\bundeskampftoolbar@spielwerk.gmbh
FF - Ext: Biet-O-Matic Firefox Erweiterung: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906} - %profile%\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}
FF - Ext: German Dictionary: de-DE@dictionaries.addons.mozilla.org - %profile%\extensions\de-DE@dictionaries.addons.mozilla.org
FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DUMeterSvc]
"ImagePath"="c:\program files (x86)\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1482606663-542685413-3536200757-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1482606663-542685413-3536200757-1000\Software\SecuROM\License information*]
"datasecu"=hex:99,00,d7,09,6f,6c,06,6b,86,0d,6d,22,b0,4a,cc,3c,2d,3c,60,0b,7a,
a4,d3,9b,62,f9,32,77,17,fe,91,ab,a9,02,b3,8b,8e,b9,97,96,e2,68,bb,0b,eb,44,\
"rkeysecu"=hex:41,a0,db,d6,d4,3e,40,29,93,13,ca,b2,c3,64,79,02
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe
c:\progra~2\DU Meter\DUMeter.exe
c:\windows\SysWOW64\rserver30\FamItrfc.Exe
c:\windows\SysWOW64\rserver30\FamItrfc.Exe
c:\program files (x86)\Razer\Copperhead\razertra.exe
c:\program files (x86)\Razer\Copperhead\razerofa.exe
c:\program files (x86)\Razer\Tarantula\razertra.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-04-13 15:48:03 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-04-13 13:48
.
Vor Suchlauf: 11 Verzeichnis(se), 40.529.248.256 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 39.964.368.896 Bytes frei
.
- - End Of File - - 6D633CC2A69F974E4A22D94876528E82