BKA/GVU-Virus vollständig entfernen

Jamal · 19.02.2013, 21:44

Code:

ATTFilter

ComboFix 13-02-15.01 - pc 19.02.2013  21:35:25.2.8 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.9207.7357 [GMT 1:00]
ausgeführt von:: c:\users\pc\Desktop\antivirusproggis\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\pc\AppData\Roaming\Abyhp
c:\users\pc\AppData\Roaming\Abyhp\rikui.asu
c:\users\pc\AppData\Roaming\Afhu
c:\users\pc\AppData\Roaming\Afhu\koqeg.exe
c:\users\pc\AppData\Roaming\Kaek
c:\users\pc\AppData\Roaming\Kaek\riexy.och
c:\users\pc\AppData\Roaming\kb3.exe
c:\users\pc\AppData\Roaming\Tuyf
c:\users\pc\AppData\Roaming\Tuyf\idfa.exe
c:\windows\msxml4-KB954430-enu.LOG
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-19 bis 2013-02-19  ))))))))))))))))))))))))))))))
.
.
2013-02-19 20:38 . 2013-02-19 20:38	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-18 16:42 . 2013-02-19 19:34	--------	d-----w-	c:\users\pc\AppData\Roaming\Ufyq
2013-02-18 16:42 . 2013-02-18 16:42	--------	d-----w-	c:\users\pc\AppData\Roaming\Siyhas
2013-02-17 20:07 . 2013-02-17 20:07	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2013-02-17 20:07 . 2013-02-17 20:07	--------	d-----w-	c:\windows\system32\wbem\en-US
2013-02-17 19:04 . 2010-09-14 06:45	367104	----a-w-	c:\windows\system32\wcncsvc.dll
2013-02-17 19:04 . 2010-09-14 06:07	276992	----a-w-	c:\windows\SysWow64\wcncsvc.dll
2013-02-17 18:46 . 2009-09-10 06:28	311808	----a-w-	c:\windows\system32\msv1_0.dll
2013-02-17 18:46 . 2009-09-10 05:52	257024	----a-w-	c:\windows\SysWow64\msv1_0.dll
2013-02-17 18:43 . 2013-02-04 21:49	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-02-17 18:39 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2013-02-17 18:39 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2013-02-17 18:39 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2013-02-17 18:39 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2013-02-17 18:24 . 2009-11-25 11:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2013-02-17 18:24 . 2009-11-25 11:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2013-02-17 18:24 . 2009-11-25 11:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2013-02-17 18:24 . 2009-11-25 11:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2013-02-17 18:24 . 2009-11-25 11:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2013-02-17 18:24 . 2009-11-25 11:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2013-02-17 18:24 . 2009-11-25 11:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2013-02-17 18:24 . 2009-11-25 11:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2013-02-17 18:24 . 2009-11-25 11:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2013-02-17 18:24 . 2009-11-25 11:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2013-02-17 18:22 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2013-02-17 18:14 . 2013-02-17 18:14	--------	d-----w-	c:\users\UpdatusUser
2013-02-17 18:14 . 2013-02-17 18:14	--------	d-----w-	c:\program files (x86)\NVIDIA Corporation
2013-02-17 18:13 . 2012-10-02 19:50	2557800	----a-w-	c:\windows\system32\nvsvcr.dll
2013-02-17 18:07 . 2012-12-16 16:52	46080	----a-w-	c:\windows\system32\atmlib.dll
2013-02-17 18:07 . 2012-12-16 14:40	367616	----a-w-	c:\windows\system32\atmfd.dll
2013-02-17 18:07 . 2012-12-16 14:25	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2013-02-17 18:07 . 2012-12-16 14:25	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2013-02-17 18:07 . 2009-10-19 14:46	100864	----a-w-	c:\windows\system32\fontsub.dll
2013-02-17 18:07 . 2009-10-19 14:10	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2013-02-17 18:06 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2013-02-17 18:06 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2013-02-17 18:06 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2013-02-17 18:06 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2013-02-17 18:06 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2013-02-17 18:06 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2013-02-17 18:06 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2013-02-17 18:02 . 2012-03-01 06:54	22896	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2013-02-17 18:02 . 2012-03-01 06:40	80896	----a-w-	c:\windows\system32\imagehlp.dll
2013-02-17 18:02 . 2012-03-01 06:35	5120	----a-w-	c:\windows\system32\wmi.dll
2013-02-17 18:02 . 2012-03-01 05:45	158720	----a-w-	c:\windows\SysWow64\imagehlp.dll
2013-02-17 18:02 . 2012-03-01 05:40	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2013-02-17 18:00 . 2010-03-04 04:32	243712	----a-w-	c:\windows\system32\drivers\ks.sys
2013-02-17 17:58 . 2010-11-02 05:12	1133568	----a-w-	c:\windows\system32\FntCache.dll
2013-02-17 17:58 . 2011-01-26 06:53	982912	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-02-17 17:58 . 2011-01-26 06:53	265088	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-02-17 17:58 . 2011-01-26 06:31	144384	----a-w-	c:\windows\system32\cdd.dll
2013-02-17 17:58 . 2010-11-02 05:18	229888	----a-w-	c:\windows\system32\XpsRasterService.dll
2013-02-17 17:58 . 2010-06-26 05:31	1863680	----a-w-	c:\windows\system32\ExplorerFrame.dll
2013-02-17 17:58 . 2010-06-26 05:14	1495040	----a-w-	c:\windows\SysWow64\ExplorerFrame.dll
2013-02-17 17:58 . 2010-11-02 04:41	135168	----a-w-	c:\windows\SysWow64\XpsRasterService.dll
2013-02-17 17:56 . 2011-03-12 11:31	442880	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-02-17 17:55 . 2012-03-03 06:29	1837568	----a-w-	c:\windows\system32\d3d10warp.dll
2013-02-17 17:54 . 2012-11-02 05:27	478208	----a-w-	c:\windows\system32\dpnet.dll
2013-02-17 17:51 . 2011-04-27 02:57	102400	----a-w-	c:\windows\system32\drivers\dfsc.sys
2013-02-17 17:51 . 2009-09-03 07:36	1975296	----a-w-	c:\windows\system32\CertEnroll.dll
2013-02-17 17:51 . 2009-09-03 07:04	1320960	----a-w-	c:\windows\SysWow64\CertEnroll.dll
2013-02-17 17:50 . 2012-08-31 18:02	1656688	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-02-17 17:50 . 2013-01-05 05:57	5500776	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-17 17:50 . 2013-01-05 05:02	3957608	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-17 17:50 . 2013-01-05 05:02	3902312	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-17 17:49 . 2010-08-31 04:32	954752	----a-w-	c:\windows\SysWow64\mfc40.dll
2013-02-17 17:49 . 2010-08-31 04:32	954288	----a-w-	c:\windows\SysWow64\mfc40u.dll
2013-02-17 17:49 . 2012-06-02 05:25	182272	----a-w-	c:\windows\system32\cryptsvc.dll
2013-02-17 17:49 . 2012-06-02 05:25	1462784	----a-w-	c:\windows\system32\crypt32.dll
2013-02-17 17:49 . 2012-06-02 05:25	140288	----a-w-	c:\windows\system32\cryptnet.dll
2013-02-17 17:49 . 2012-06-02 04:45	139264	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-02-17 17:49 . 2012-06-02 04:45	1157632	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-02-17 17:49 . 2012-06-02 04:45	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-02-17 17:45 . 2010-09-01 05:21	14627840	----a-w-	c:\windows\system32\wmp.dll
2013-02-17 17:45 . 2010-09-01 05:14	167424	----a-w-	c:\program files\Windows Media Player\wmplayer.exe
2013-02-17 17:45 . 2010-09-01 04:26	164864	----a-w-	c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-02-17 17:45 . 2010-09-01 05:12	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2013-02-17 17:45 . 2010-09-01 04:23	12625408	----a-w-	c:\windows\SysWow64\wmploc.DLL
2013-02-17 17:45 . 2010-06-29 05:35	4582912	----a-w-	c:\program files\Windows NT\Accessories\wordpad.exe
2013-02-17 17:45 . 2010-06-29 05:39	2085376	----a-w-	c:\windows\system32\ole32.dll
2013-02-17 17:45 . 2010-06-29 05:02	1413632	----a-w-	c:\windows\SysWow64\ole32.dll
2013-02-17 17:45 . 2010-06-29 04:57	4247040	----a-w-	c:\program files (x86)\Windows NT\Accessories\wordpad.exe
2013-02-17 17:42 . 2010-08-26 05:27	148992	----a-w-	c:\windows\system32\t2embed.dll
2013-02-17 17:42 . 2010-08-26 04:39	109056	----a-w-	c:\windows\SysWow64\t2embed.dll
2013-02-17 17:42 . 2011-11-19 15:07	77312	----a-w-	c:\windows\system32\packager.dll
2013-02-17 17:42 . 2011-11-19 14:06	67072	----a-w-	c:\windows\SysWow64\packager.dll
2013-02-17 17:40 . 2009-10-28 06:24	389632	----a-w-	c:\windows\system32\winlogon.exe
2013-02-17 17:39 . 2013-02-17 17:39	--------	d-----w-	c:\users\pc\AppData\Roaming\Avira
2013-02-17 17:37 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2013-02-17 17:37 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2013-02-17 17:37 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2013-02-17 17:37 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2013-02-17 17:37 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2013-02-17 17:37 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2013-02-17 17:37 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2013-02-17 17:37 . 2012-06-02 14:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2013-02-17 17:37 . 2012-06-02 14:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2013-02-17 17:33 . 2013-02-17 17:29	27800	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-02-17 17:33 . 2013-02-17 17:29	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-02-17 17:33 . 2013-02-17 17:29	99912	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-02-17 17:33 . 2013-02-17 17:33	--------	d-----w-	c:\programdata\Avira
2013-02-17 17:33 . 2013-02-17 17:33	--------	d-----w-	c:\program files (x86)\Avira
2013-02-17 16:40 . 2013-02-17 16:40	--------	d-----w-	c:\users\pc\AppData\Roaming\Malwarebytes
2013-02-17 16:40 . 2013-02-17 16:40	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-17 16:40 . 2013-02-17 16:40	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-17 16:40 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-17 16:39 . 2013-02-17 16:39	--------	d-----w-	c:\users\pc\AppData\Local\Programs
2013-02-14 15:36 . 2013-02-17 15:25	--------	d-----w-	c:\users\pc\AppData\Roaming\Zuew
2013-02-01 11:36 . 2013-02-01 11:36	--------	d-----w-	c:\users\Public\CyberLink
2013-02-01 11:36 . 2013-02-01 11:36	--------	d-----w-	c:\users\pc\AppData\Local\Cyberlink
2013-02-01 11:35 . 2013-02-01 11:37	--------	d-----w-	c:\programdata\CyberLink
2013-02-01 11:35 . 2013-02-01 11:35	--------	d-----w-	c:\program files (x86)\Common Files\Nikon
2013-02-01 11:34 . 2013-02-01 11:34	--------	d-----w-	c:\program files (x86)\CyberLink
2013-02-01 11:33 . 2013-02-01 11:33	--------	d-----w-	c:\programdata\install_clap
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-04 04:43 . 2013-02-17 17:55	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-25 21:04 . 2012-06-13 21:43	697272	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-25 21:04 . 2011-12-06 15:54	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-02-17 385248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Wi-Fi MediaConnect.lnk - c:\program files (x86)\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe [2012-8-21 2345984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-09-16 1918976]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-26 834544]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-02-17 27800]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-02-17 86752]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 WFMC_VAD;WFMCVAD (WDM);c:\windows\system32\DRIVERS\wfmcvad.sys [2010-02-08 24064]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 27589434
*Deregistered* - 27589434
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-04 17:10	1607120	----a-w-	c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-25 21:05]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-25 21:05]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Ysydyvagig - c:\users\pc\AppData\Roaming\Tuyf\idfa.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-19  21:39:43
ComboFix-quarantined-files.txt  2013-02-19 20:39
ComboFix2.txt  2013-02-17 17:03
.
Vor Suchlauf: 11 Verzeichnis(se), 737.753.116.672 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 739.784.986.624 Bytes frei
.
- - End Of File - - C15FBE647D51778008F5FEC3A504EC16

BKA/GVU-Virus vollständig entfernen

Log-Analyse und Auswertung: BKA/GVU-Virus vollständig entfernen

BKA/GVU-Virus vollständig entfernen

Ähnliche Themen: BKA/GVU-Virus vollständig entfernen