
Pests of all kinds and how to fight them: chrome adblocker

Windows 7: If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.

 
01.08.2013, 12:05   #5
marmeladelow

chrome adblocker



Code:
ComboFix 13-07-27.01 - Sebastian 01.08.2013  12:38:24.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8191.6564 [GMT 2:00]
ausgeführt von:: c:\users\Sebastian Normal\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BrowserDefendert
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-01 bis 2013-08-01  ))))))))))))))))))))))))))))))
.
.
2013-08-01 10:49 . 2013-08-01 10:55	--------	d-----w-	c:\users\Sebastian\AppData\Local\temp
2013-08-01 10:49 . 2013-08-01 10:49	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-08-01 10:49 . 2013-08-01 10:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-01 10:49 . 2013-08-01 10:49	--------	d-----w-	c:\users\AppData\AppData\Local\temp
2013-07-31 21:07 . 2013-07-31 21:08	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2013-07-31 20:52 . 2013-07-31 20:52	--------	d-----w-	c:\program files\Adobe
2013-07-31 20:52 . 2013-07-31 20:53	--------	d-----w-	c:\program files\Common Files\Adobe
2013-07-31 20:52 . 2012-04-24 01:01	11376	------w-	c:\windows\system32\drivers\cdralw2k.sys
2013-07-31 20:52 . 2012-04-24 01:01	10864	------w-	c:\windows\system32\drivers\cdr4_xp.sys
2013-07-31 20:52 . 2013-07-31 20:52	--------	d-----w-	c:\program files (x86)\Common Files\Sonic Shared
2013-07-31 20:52 . 2013-07-31 20:52	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2013-07-31 20:52 . 2012-06-22 01:01	56336	------w-	c:\windows\system32\drivers\PxHlpa64.sys
2013-07-31 20:52 . 2013-07-31 20:52	--------	d-----w-	c:\program files (x86)\My Company Name
2013-07-31 09:20 . 2013-07-31 09:20	--------	d-----w-	c:\users\Sebastian\AppData\Roaming\WindSolutions
2013-07-27 17:20 . 2013-07-27 17:20	--------	d-----w-	C:\FRST
2013-07-25 20:56 . 2013-07-25 20:58	--------	d-----w-	c:\windows\system32\MRT
2013-07-10 11:43 . 2013-04-10 05:48	1732608	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 11:43 . 2013-04-10 05:46	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2013-07-10 11:43 . 2013-04-10 05:46	1393152	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2013-07-10 11:43 . 2013-04-10 05:46	1367040	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:43 . 2013-04-10 05:03	936448	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:38 . 2013-05-27 05:50	1011712	----a-w-	c:\program files\Windows Defender\MpSvc.dll
2013-07-10 11:38 . 2013-05-27 05:50	571904	----a-w-	c:\program files\Windows Defender\MpClient.dll
2013-07-10 11:38 . 2013-05-27 05:50	314880	----a-w-	c:\program files\Windows Defender\MpCommu.dll
2013-07-10 11:38 . 2013-05-27 04:57	4608	----a-w-	c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 11:38 . 2013-05-27 04:57	54784	----a-w-	c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-10 11:38 . 2013-05-27 04:57	392704	----a-w-	c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-10 11:38 . 2013-05-27 03:15	9216	----a-w-	c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 11:38 . 2013-06-04 06:00	624128	----a-w-	c:\windows\system32\qedit.dll
2013-07-10 11:38 . 2013-06-04 04:53	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2013-07-10 11:38 . 2013-05-06 06:03	1887744	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-10 11:38 . 2013-05-06 04:56	1620480	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-10 11:30 . 2013-06-05 03:34	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-07-10 11:18 . 2013-04-09 23:34	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-07-10 11:18 . 2013-04-02 22:51	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-07-02 14:01 . 2013-07-02 14:01	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-13 12:52 . 2010-09-16 20:08	282296	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-07-13 12:52 . 2010-09-16 19:56	282296	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-07-13 12:51 . 2010-09-16 19:56	215128	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-06-25 09:08 . 2013-05-06 11:22	83672	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-06-23 22:57 . 2010-10-31 22:51	78277128	----a-w-	c:\windows\system32\MRT.exe
2013-06-04 19:25 . 2013-06-04 19:25	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-06-04 19:25 . 2013-06-04 19:25	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-06-04 19:25 . 2013-06-04 19:25	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-06-04 19:25 . 2013-06-04 19:25	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-06-04 19:25 . 2013-06-04 19:25	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-06-04 19:25 . 2013-06-04 19:25	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-06-04 19:25 . 2013-06-04 19:25	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-06-04 19:25 . 2013-06-04 19:25	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-04 19:25 . 2013-06-04 19:25	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-06-04 19:25 . 2013-06-04 19:25	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-06-04 19:25 . 2013-06-04 19:25	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-06-04 19:25 . 2013-06-04 19:25	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-06-04 19:25 . 2013-06-04 19:25	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-06-04 19:25 . 2013-06-04 19:25	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2013-06-04 19:25 . 2013-06-04 19:25	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-06-04 19:25 . 2013-06-04 19:25	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-06-04 19:25 . 2013-06-04 19:25	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2013-06-04 19:25 . 2013-06-04 19:25	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-06-04 19:25 . 2013-06-04 19:25	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-06-04 19:25 . 2013-06-04 19:25	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-06-04 19:25 . 2013-06-04 19:25	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2013-06-04 19:25 . 2013-06-04 19:25	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-06-04 19:25 . 2013-06-04 19:25	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-06-04 19:25 . 2013-06-04 19:25	1988096	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2013-06-04 19:25 . 2013-06-04 19:25	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2013-06-04 19:25 . 2013-06-04 19:25	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2013-06-04 19:25 . 2013-06-04 19:25	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-06-04 19:25 . 2013-06-04 19:25	1238528	----a-w-	c:\windows\system32\d3d10.dll
2013-06-04 19:25 . 2013-06-04 19:25	1175552	----a-w-	c:\windows\system32\FntCache.dll
2013-06-04 19:25 . 2013-06-04 19:25	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2013-05-25 18:03 . 2009-08-18 10:49	564632	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2013-05-25 18:03 . 2009-08-18 09:24	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 05:51 . 2013-06-12 11:31	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 11:31	1464320	----a-w-	c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 11:31	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 11:31	52224	----a-w-	c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 11:31	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 11:31	1160192	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 11:31	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 11:31	1192448	----a-w-	c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 11:31	903168	----a-w-	c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 11:31	43008	----a-w-	c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 11:32	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 11:32	24576	----a-w-	c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-12 11:37	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-05-20 10:02	295832	----a-w-	c:\program files (x86)\Delta\delta\1.8.21.5\bh\delta.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-21 10:17	1233288	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-21 1233288]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll" [2013-05-20 284056]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-12-16 765200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-25 345144]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-07-12 2236816]
.
c:\users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
.
c:\users\Sebastian Normal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-16 1324384]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-12-16 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\BROWSE~1\261339~1.144\{C16C1~1\BrowserDefender.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 hxctlflt;hxctlflt;c:\windows\system32\DRIVERS\hxctlflt.sys;c:\windows\SYSNATIVE\DRIVERS\hxctlflt.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 X6va005;X6va005;c:\users\SEBAST~1\AppData\Local\Temp\005B037.tmp;c:\users\SEBAST~1\AppData\Local\Temp\005B037.tmp [x]
R3 X6va006;X6va006;c:\users\SEBAST~1\AppData\Local\Temp\006DE8D.tmp;c:\users\SEBAST~1\AppData\Local\Temp\006DE8D.tmp [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe;c:\xampp\apache\bin\httpd.exe [x]
R4 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]
R4 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
R4 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe;c:\windows\SYSNATIVE\lxdncoms.exe [x]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-01 07:27	1173456	----a-w-	c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-14 13:23]
.
2013-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 16:22]
.
2013-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 16:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-06-19 22:45	3317616	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-06-19 22:45	3317616	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-06-19 22:45	3317616	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-21 8306208]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-03 472984]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=121232&babsrc=HP_ss_sps&mntrId=EAB900256489B9D5
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com
IE: Free YouTube to MP3 Converter - c:\users\Sebastian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{22543460-A7FD-4930-905C-CD25A9BEA382}: NameServer = 193.189.244.206 193.189.244.225
TCP: Interfaces\{8B1B21F4-04A4-4483-BB04-CFDE8B4126B4}: NameServer = 193.189.244.225 193.189.244.206
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
c:\users\Sebastian Normal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk - c:\program files (x86)\DSL-Manager\DslMgr.exe
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk - c:\program files (x86)\DSL-Manager\DslMgr.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\SEBAST~1\AppData\Local\Temp\005B037.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\SEBAST~1\AppData\Local\Temp\006DE8D.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1627265003-3986830729-1591313232-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b6,3c,73,4b,b5,14,16,f0,b4,61,c9,80,8f,84,3d,b9,9c,42,fc,d0,ae,90,ef,
   b0,ab,c4,d9,67,84,40,89,87,27,77,68,0d,c1,1e,9b,1c,b5,c3,51,1d,e4,7f,4d,64,\
"??"=hex:13,3d,5e,91,e2,27,e1,84,d7,1d,bc,f7,b0,37,bc,55
.
[HKEY_USERS\S-1-5-21-1627265003-3986830729-1591313232-1001\Software\SecuROM\License information*]
"datasecu"=hex:7b,03,eb,62,04,0d,5e,c7,85,41,90,37,72,71,e8,cd,a4,e9,b0,40,63,
   5e,33,33,83,ec,8d,dc,2b,69,3c,18,37,34,8e,b9,6a,2c,8c,bd,3e,87,08,13,ec,2f,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_USERS\S-1-5-21-1627265003-3986830729-1591313232-1010\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:2f,7f,e3,8f,43,c5,ec,d8,78,8a,9f,df,fb,6b,bb,a0,49,d2,14,82,90,44,62,
   b3,bf,6f,98,ed,75,ed,b0,7f,0d,e3,22,c6,27,36,e9,4e,f1,89,80,86,93,02,5d,13,\
"??"=hex:56,08,b3,22,72,d5,25,79,a4,df,6d,b4,fa,08,ad,fb
.
[HKEY_USERS\S-1-5-21-1627265003-3986830729-1591313232-1010\Software\SecuROM\License information*]
"datasecu"=hex:61,52,9e,76,57,61,a7,38,d6,ee,64,3b,ac,a1,40,3c,6a,02,ec,0f,b7,
   ec,3a,16,91,7e,d1,eb,3b,eb,96,ab,5b,65,aa,13,be,6d,2b,8a,6e,0f,09,6a,68,05,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
c:\program files (x86)\Windows Media Player\wmplayer.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\Google\Chrome\Application\chrome.exe
c:\program files (x86)\avira\antivir desktop\ipmGui.exe
c:\program files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-08-01  13:01:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-08-01 11:01
ComboFix2.txt  2013-01-09 19:52
.
Vor Suchlauf: 32 Verzeichnis(se), 588.447.313.920 Bytes frei
Nach Suchlauf: 34 Verzeichnis(se), 588.704.591.872 Bytes frei
.
- - End Of File - - 51C57CA880072659468E01E81A6BF7C5
A36C5E4F47E84449FF07ED3517B43A31
         


 
