Everything about Windows: After uninstalling Comodo Internet Security - network broken
Windows 7 help for all Windows operating systems: Windows XP, Windows Vista, Windows 7, Windows 8(.1) and Windows 10 / Windows 11, as well as all Windows software. Anything about Windows 10 is also welcome. Please state any errors or bluescreens under Windows with the wording of the error message and the error code. First steps for help with Windows.
02.04.2014, 20:03 | #1 |
| Problem: After uninstalling Comodo Internet Security - network broken
Hello everyone, I hope you can help me.
I am a user of Windows Vista Business 64-bit.
After my installed Comodo Internet Security had lost its activation yet again, I wanted to uninstall it. The attempt went rather badly. I found an uninstall tool on the Internet. After it looked as if everything was fine, my network failed after a restart. In Device Manager all network adapters are marked with a ! and cannot be started.
For better analysis, here is the Farbar log:
Code:
Farbar Service Scanner Version: 25-02-2014
Ran by Mike (administrator) on 02-04-2014 at 20:17:29
Running from "D:\"
Microsoft® Windows Vista™ Business Service Pack 2 (X64)
Boot Mode: Minimal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
The ServiceDll of Nsi service is OK.
Checking LEGACY_Nsi: ATTENTION!=====> Unable to open LEGACY_Nsi\0000 registry key. The key does not exist.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
IE proxy is enabled.

Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.
Checking LEGACY_bfe: ATTENTION!=====> Unable to open LEGACY_bfe\0000 registry key. The key does not exist.

Firewall Disabled Policy:
==================

System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: ATTENTION!=====> Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.

System Restore Disabled Policy:
========================

Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
Checking LEGACY_BITS: ATTENTION!=====> Unable to open LEGACY_BITS\0000 registry key. The key does not exist.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys [2013-11-13 08:10] - [2013-09-04 04:31] - 0404992 ____A (Microsoft Corporation) 2BA159E1F9FD75F6A496742B20F1D9CF
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys [2013-08-13 23:02] - [2013-07-05 06:45] - 1423808 ____A (Microsoft Corporation) C2CB949645C299E23FBFD26CAD3FC96E
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****
Code:
ATTFilter ComboFix 14-03-24.01 - Mike 02.04.2014 20:40:29.1.2 - x64 Microsoft® Windows Vista™ Business 6.0.6002.2.1252.49.1031.18.4094.1976 [GMT 2:00] ausgeführt von:: c:\users\Internet\Desktop\ComboFix.exe AV: avast! Antivirus *Enabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: avast! Antivirus *Enabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} * Neuer Wiederherstellungspunkt wurde erstellt . - REDUZIERTER FUNKTIONALITÄTSMODUS - . ADS - Windows: deleted 24 bytes in 1 streams. . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\prefs.js c:\program files (x86)\facemoods.com c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.crx c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoods.png c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsApp.dll c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe c:\program files (x86)\kikin c:\program files (x86)\kikin\default_settings.xml c:\program files (x86)\kikin\file_list.txt c:\program files (x86)\kikin\ie_kikin.dll c:\program files (x86)\kikin\kikin.ico c:\program files (x86)\kikin\KikinBroker.exe c:\program files (x86)\kikin\uninst.exe c:\program files (x86)\OnScreen c:\program files (x86)\OnScreen\Bin\Interop.OSH.dll c:\program files (x86)\OnScreen\Bin\Interop.ProgDVB.dll c:\program files (x86)\OnScreen\Bin\Osh.Common.dll c:\program files (x86)\OnScreen\Bin\OSH.dll c:\program files (x86)\OnScreen\Bin\OSHCmd.exe c:\program files (x86)\OnScreen\Bin\OSHHost.exe c:\program files (x86)\OnScreen\Bin\OSHMixer.dll c:\program files (x86)\OnScreen\Bin\OSHMixer.ini c:\program files 
(x86)\OnScreen\Bin\OSHPDVB.dll c:\program files (x86)\OnScreen\Bin\SimpleGrabber.dll c:\program files (x86)\OnScreen\Data\Logos\Channels\ById\130.318.14.russia_today_tv.gif c:\program files (x86)\OnScreen\Data\Logos\Channels\ById\130.318.8204.bbc_world.gif c:\program files (x86)\OnScreen\Data\Logos\Channels\ById\130.318.8209.cnn_international.gif c:\program files (x86)\OnScreen\Data\Logos\Channels\ByName\BBC World.gif c:\program files (x86)\OnScreen\Data\Logos\Channels\ByName\CNNI.gif c:\program files (x86)\OnScreen\Data\Logos\Channels\ByName\Russia Today.gif c:\program files (x86)\OnScreen\Data\Logos\Channels\NotFound.gif c:\program files (x86)\OnScreen\Data\OSH.mdb c:\program files (x86)\OnScreen\GPL.txt c:\program files (x86)\OnScreen\Html\App_Code\Configuration.cs c:\program files (x86)\OnScreen\Html\App_Code\Constants.cs c:\program files (x86)\OnScreen\Html\App_Code\Global.cs c:\program files (x86)\OnScreen\Html\App_Code\Utils.cs c:\program files (x86)\OnScreen\Html\Bin\Interop.OSH.dll c:\program files (x86)\OnScreen\Html\Bin\Interop.ProgDVB.dll c:\program files (x86)\OnScreen\Html\Bin\Osh.Common.dll c:\program files (x86)\OnScreen\Html\ChannelLogo.ashx c:\program files (x86)\OnScreen\Html\Code\Common.js c:\program files (x86)\OnScreen\Html\Code\Main.js c:\program files (x86)\OnScreen\Html\Code\MediaPlayer.js c:\program files (x86)\OnScreen\Html\Code\OSH.js c:\program files (x86)\OnScreen\Html\Code\ProgDVB.js c:\program files (x86)\OnScreen\Html\Code\Teletext.js c:\program files (x86)\OnScreen\Html\Code\ZoomPlayer.js c:\program files (x86)\OnScreen\Html\Console\console.html c:\program files (x86)\OnScreen\Html\Console\Firebug\firebug.css c:\program files (x86)\OnScreen\Html\Console\Firebug\firebug.html c:\program files (x86)\OnScreen\Html\Console\Firebug\firebug.js c:\program files (x86)\OnScreen\Html\Controls\Clock.htc c:\program files (x86)\OnScreen\Html\Controls\EPG.htc c:\program files (x86)\OnScreen\Html\Controls\MenuItem.htc c:\program files 
(x86)\OnScreen\Html\Controls\QuickInfoChannel.htc c:\program files (x86)\OnScreen\Html\Controls\QuickInfoProgram.htc c:\program files (x86)\OnScreen\Html\Controls\QuickInfoProgramPreview.htc c:\program files (x86)\OnScreen\Html\Controls\QuickInfoRecording.htc c:\program files (x86)\OnScreen\Html\Controls\QuickInfoTimeline.htc c:\program files (x86)\OnScreen\Html\Controls\QuickInfoVideoFile.htc c:\program files (x86)\OnScreen\Html\Controls\TeletextPage.htc c:\program files (x86)\OnScreen\Html\default.aspx c:\program files (x86)\OnScreen\Html\default.aspx.cs c:\program files (x86)\OnScreen\Html\Global.asax c:\program files (x86)\OnScreen\Html\Log\log.html c:\program files (x86)\OnScreen\Html\OSH.config c:\program files (x86)\OnScreen\Html\Plugins\Index.html c:\program files (x86)\OnScreen\Html\Plugins\MediaController.htc c:\program files (x86)\OnScreen\Html\Plugins\SubtitlesController.htc c:\program files (x86)\OnScreen\Html\Plugins\VolumeController.htc c:\program files (x86)\OnScreen\Html\ProgramScreenshot.ashx c:\program files (x86)\OnScreen\Html\Screens\ChannelNumber.html c:\program files (x86)\OnScreen\Html\Screens\EPG.html c:\program files (x86)\OnScreen\Html\Screens\Home.html c:\program files (x86)\OnScreen\Html\Screens\QuickInfo.html c:\program files (x86)\OnScreen\Html\Screens\Record.html c:\program files (x86)\OnScreen\Html\Screens\ScreenMasterPage.master c:\program files (x86)\OnScreen\Html\Screens\ScreenMasterPage.master.cs c:\program files (x86)\OnScreen\Html\Screens\Subtitles.html c:\program files (x86)\OnScreen\Html\Screens\Teletext.html c:\program files (x86)\OnScreen\Html\Screens\Weather.html c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\ChannelInfo.htc c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\ChannelNumberInput.htc c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\DateTime.htc c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\EPGInfo.htc c:\program files 
(x86)\OnScreen\Html\Themes\Common\Controls\Menu.htc c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\RecordingInfo.htc c:\program files (x86)\OnScreen\Html\Themes\Common\Controls\TunerInfo.htc c:\program files (x86)\OnScreen\Html\Themes\Common\Images\blank.gif c:\program files (x86)\OnScreen\Html\Themes\Common\Images\blank.png c:\program files (x86)\OnScreen\Html\Themes\Common\Images\errorIcon.png c:\program files (x86)\OnScreen\Html\Themes\Common\Images\gradient-RYG.gif c:\program files (x86)\OnScreen\Html\Themes\Common\Images\infoIcon.png c:\program files (x86)\OnScreen\Html\Themes\Common\Images\warningIcon.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\Clock.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\MenuItem.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\MenuSeparator.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoChannel.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoProgram.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoProgramPreview.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoRecording.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoTimeline.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\QuickInfoVideoFile.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Controls\TeletextPage.htc c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\common.background.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\common.button.green.focus.165x32.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\common.button.green.nofocus.165x32.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.active.bg.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.active.left.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.active.right.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.channel.png c:\program files 
(x86)\OnScreen\Html\Themes\MCE\Images\epg.focus.bg.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.focus.left.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.focus.right.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.inactive.bg.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.inactive.left.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\epg.inactive.right.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.epg.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.quickinfo.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.record.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.settings.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Images\home.hover.weather.png c:\program files (x86)\OnScreen\Html\Themes\MCE\Styles.css c:\program files (x86)\OnScreen\Html\web.config c:\program files (x86)\OnScreen\Readme.en.txt c:\program files (x86)\OnScreen\Readme.ru.txt c:\program files (x86)\OnScreen\Samples\Data\CreateDatabase.js c:\program files (x86)\OnScreen\Samples\Data\CreateDatabase.sql c:\program files (x86)\OnScreen\Samples\Data\OSH.mdb c:\program files (x86)\OnScreen\Samples\Girder\OSH.gml c:\program files (x86)\OnScreen\Samples\Girder\ProgDVB.gml c:\program files (x86)\OnScreen\Samples\OSHHost\DumpChannelDatabase.js c:\program files (x86)\OnScreen\Samples\OSHHost\GetChannelEpg.js c:\program files (x86)\OnScreen\Samples\OSHHost\MakeScreenShot.js c:\program files (x86)\OnScreen\Samples\OSHHost\OSHMonitor.js c:\program files (x86)\OnScreen\Samples\ProgDVB\ProgDVBMonitor.js c:\program files (x86)\OnScreen\Samples\ProgDVB\SendCommand.js c:\users\Mike\AppData\Roaming\kikin c:\users\Mike\AppData\Roaming\kikin\ff_configuration.xml c:\users\Mike\AppData\Roaming\kikin\ff_kkes.xml c:\users\Mike\AppData\Roaming\kikin\ff_settings.xml c:\users\Mike\AppData\Roaming\kikin\ie_configuration.xml 
c:\users\Mike\AppData\Roaming\kikin\ie_kkes.xml c:\users\Mike\AppData\Roaming\kikin\ie_settings.xml c:\users\Mike\Desktop\Search.lnk c:\users\Mike\Desktop\Setup.exe c:\windows\iun6002.exe c:\windows\pkunzip.pif c:\windows\pkzip.pif . . ((((((((((((((((((((((( Dateien erstellt von 2014-03-02 bis 2014-04-02 )))))))))))))))))))))))))))))) . . 2014-04-02 18:31 . 2014-04-02 18:31 -------- d-----w- c:\users\Internet\AppData\Roaming\AVAST Software 2014-04-02 15:33 . 2014-04-02 15:44 -------- d-----w- c:\users\Internet\AppData\Roaming\Notepad++ 2014-04-02 15:24 . 2014-04-02 15:43 -------- d-----w- c:\program files (x86)\Driver Fusion 2014-04-01 16:27 . 2014-04-01 16:27 -------- d-----w- c:\program files (x86)\Marvell 2014-04-01 16:20 . 2014-04-01 16:20 -------- d-----w- c:\program files (x86)\D-Link 2014-04-01 15:43 . 2014-04-02 18:32 -------- d-----w- c:\windows\system32\wbem\repository 2014-03-26 17:42 . 2012-03-27 06:48 389920 ----a-w- c:\windows\system32\drivers\yk60x64.sys 2014-03-26 16:20 . 2014-03-26 16:20 -------- d-----w- c:\users\Mike\AppData\Roaming\GlarySoft 2014-03-25 05:28 . 2014-03-25 05:28 -------- d-----w- c:\users\Mike\AppData\Roaming\Uninstaller Tool(Comodo Forums) 2014-03-25 05:28 . 2014-03-25 05:29 -------- d-----w- c:\users\Mike\AppData\Roaming\Dropbox 2014-03-25 05:28 . 2014-03-25 05:28 -------- d-----w- c:\users\Mike\AppData\Roaming\AVAST Software 2014-03-25 05:26 . 2014-03-25 05:26 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2014-03-25 05:26 . 2014-03-25 05:26 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2014-03-25 05:26 . 2014-03-25 05:26 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2014-03-25 05:26 . 2014-03-25 05:26 423240 ----a-w- c:\windows\system32\drivers\aswSP.sys 2014-03-25 05:26 . 2014-03-25 05:26 208928 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2014-03-25 05:26 . 2014-03-25 05:26 1039096 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2014-03-25 05:26 . 
2014-03-25 05:26 64752 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2014-03-25 05:26 . 2014-03-25 05:26 334648 ----a-w- c:\windows\system32\aswBoot.exe 2014-03-25 05:26 . 2014-03-25 05:26 43152 ----a-w- c:\windows\avastSS.scr 2014-03-25 05:26 . 2014-03-25 05:26 -------- d-----w- c:\program files\AVAST Software 2014-03-25 05:23 . 2014-03-25 05:23 -------- d-----w- c:\programdata\AVAST Software 2014-03-15 20:01 . 2014-02-23 06:48 1347072 ----a-w- c:\windows\system32\urlmon.dll 2014-03-15 18:35 . 2014-02-07 12:11 2776064 ----a-w- c:\windows\system32\win32k.sys 2014-03-15 18:35 . 2014-01-30 10:12 1111040 ----a-w- c:\windows\system32\wer.dll 2014-03-15 18:35 . 2014-01-30 07:46 876032 ----a-w- c:\windows\SysWow64\wer.dll 2014-03-15 18:35 . 2013-11-13 01:54 2048 ----a-w- c:\windows\system32\tzres.dll 2014-03-15 18:35 . 2013-11-13 00:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-03-15 18:35 . 2014-02-03 13:20 619008 ----a-w- c:\windows\system32\qedit.dll 2014-03-15 18:35 . 2014-02-03 10:37 505344 ----a-w- c:\windows\SysWow64\qedit.dll 2014-03-07 21:10 . 2014-03-07 21:10 -------- d-----w- c:\program files (x86)\Common Files\Skype . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-04-01 16:21 . 2010-03-23 06:01 25640 ----a-w- c:\windows\gdrv.sys 2014-03-18 21:26 . 2006-11-02 12:35 90015360 ----a-w- c:\windows\system32\mrt.exe 2014-02-22 09:11 . 2012-03-31 07:55 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-02-22 09:11 . 2011-05-13 15:25 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] 2009-11-08 08:55 297808 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}] 2009-05-03 17:37 277648 ----a-w- c:\program files (x86)\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{998A3C0C-8914-4D2A-AE36-BFA2E5AE6D5D}] 2011-04-02 07:10 676352 ----a-w- c:\program files (x86)\Digsby Donates\ShoppingBHO.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{6638A9DE-0745-4292-8A2E-AE530E7B9B3F}"= "c:\program files (x86)\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll" [2009-05-03 277648] . [HKEY_CLASSES_ROOT\clsid\{6638a9de-0745-4292-8a2e-ae530e7b9b3f}] [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{259EEB17-79AA-44DF-8410-8E55F82A902A}] [HKEY_CLASSES_ROOT\KiweeIEToolbar.KiweeToolbar] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-12-15 3093624] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-25 3854640] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888] "NI Update Service"="c:\program files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" [2011-11-02 3004512] "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152] "LexwareInfoService"="c:\program files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2011-07-31 189808] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632] "FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2009-09-05 385024] "DAEMON Tools"="c:\program files (x86)\DAEMON Tools\daemon.exe" [2006-11-12 157592] "D-Link AirPlus G"="c:\program files (x86)\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 1544192] "ContentTransferWMDetector.exe"="c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016] "CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344] "ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "ANIWZCS2Service"="c:\program files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 49152] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69baf7eb-8a46-11dd-bdcf-005056c00008}] \shell\AutoRun\command - N:\start.exe /checksection . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{be6bf4b7-94c6-11de-9ed1-005056c00008}] \shell\AutoRun\command - M:\Menu.exe . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-05-15 15:08 452136 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Inhalt des "geplante Tasks" Ordners . 2014-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-18 06:01] . 2014-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-18 06:01] . 2014-03-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3182072358-3436669929-749226670-1000Core.job - c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-29 10:20] . 2014-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3182072358-3436669929-749226670-1000UA.job - c:\users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-29 10:20] . 2014-03-26 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job - c:\program files (x86)\AVG Secure Search\PostInstall\ROC.exe [2013-01-24 02:53] . 
2010-12-16 c:\windows\Tasks\User_Feed_Synchronization-{1E6CA0E6-8A16-4460-98CB-567799F6AE2A}.job - c:\windows\system32\msfeedssync.exe [2011-05-18 05:47] . 2014-04-02 c:\windows\Tasks\User_Feed_Synchronization-{6C5A9156-7B63-4596-8EB9-7C198DCD898D}.job - c:\windows\system32\msfeedssync.exe [2011-05-18 05:47] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2014-03-25 05:26 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HardLinkMenu] @="{0A479751-02BC-11d3-A855-0004AC2568AA}" [HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568AA}] 2010-11-21 21:00 366280 ----a-w- c:\program files\LinkShellExtension\HardlinkShellExt.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHardLink] @="{0A479751-02BC-11d3-A855-0004AC2568DD}" [HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568DD}] 2010-11-21 21:00 366280 ----a-w- c:\program files\LinkShellExtension\HardlinkShellExt.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlaySymbolicLink] @="{0A479751-02BC-11d3-A855-0004AC2568EE}" [HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568EE}] 2010-11-21 21:00 366280 ----a-w- c:\program files\LinkShellExtension\HardlinkShellExt.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-17 10134560] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904] "CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 438784] "BtcMaestro"="c:\program files\KMaestro\KMaestro64.exe" [2006-11-03 368640] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\acaptuser64.dll . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=356a9d8c-2894-4c88-a0c4-5941e239bf3f&searchtype=ds&q={searchTerms}&installDate=05/04/2013 mSearchAssistant = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4 IE: &Download by Orbit - f:\orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - f:\orbitdownloader\orbitmxt.dll/204 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: An vorhandenes PDF anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Do&wnload selected by Orbit - f:\orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - f:\orbitdownloader\orbitmxt.dll/202 IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Nach Microsoft E&xel exportieren - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files (x86)\kikin\ie_kikin.dll TCP: DhcpNameServer = 192.168.1.1 DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\fw8j1ycl.Standard-Benutzer\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://www.leecher.to/f335/|hxxp://mygully.com/forum/377-ebooks/|hxxp://ukulele.kaypaulus.de/links.htm|hxxp://iso4de.com/spielend-e-gitarre-lernen-doppel-dvd-die-ultimative-e-gitarrenschule-fur-ein-und-umsteiger/|hxxp://www.boox.to/?x=65f79439b5a72f31030e2cbf4d148594&k=c053ff674569008882d5d37999a97dd1&q=%22ungez%C3%A4hmte+Nacht%22&time=20131104|hxxp://de-mg42.mail.yahoo.com/neo/launch#mail|https://www.lotto-niedersachsen.de/s/play/ground/elv_pay.do|hxxp://www.xboxhacks.de/autogg_0_9_3_rev72.t53285.html|hxxp://www.youtube.com/watch?v=a-TY8nO0RpU|hxxp://www.fitness-future.de/fotos.html FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=DE&userid=356a9d8c-2894-4c88-a0c4-5941e239bf3f&searchtype=ds&installDate=05/04/2013&q= FF - prefs.js: network.proxy.ftp - 120.85.140.99 FF - prefs.js: network.proxy.ftp_port - 77 FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: !HIDDEN! 
2009-07-23 20:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: network.proxy.http - FF - user.js: network.proxy.http_port - 0 FF - user.js: network.proxy.ssl - FF - user.js: network.proxy.ssl_port - 0 FF - user.js: network.proxy.type - 0 FF - user.js: network.proxy.socks - FF - user.js: network.proxy.socks_port - 0 . . ------- Dateityp-Verknüpfung ------- . .txt=DigitalFotoMaker.6.txt . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files (x86)\kikin\ie_kikin.dll Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk - c:\program files\COMODO\GeekBuddy\launcher.exe "unit_manager.exe" WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.11\uninstall.exe AddRemove-RDPSoftware Core Components - c:\windows\system32\uninst.exe AddRemove-{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA} - N:\uninstall.exe AddRemove-FoxTab AVI Converter - c:\program files (x86)\FoxTabAVIConverter\Uninstall\Uninstall.exe AddRemove-FoxTab Music Converter - c:\program files (x86)\FoxTabMusicConverter\Uninstall\Uninstall.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FotoManager10Deluxe.8.alb" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}] @Denied: (A 2) (Everyone) @="FlashProp Class" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9b.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version] "Version"=hex:58,91,8c,49,ab,f8,b9,22,42,81,0f,49,69,11,15,c6,54,45,1f,e7,80, 06,c7,a0,69,12,3d,0b,d3,10,c4,ce,47,f4,a0,4c,9f,34,07,f9,c1,95,5d,1e,8f,5f,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\ . Zeit der Fertigstellung: 2014-04-02 20:51:00 ComboFix-quarantined-files.txt 2014-04-02 18:51 . Vor Suchlauf: 29 Verzeichnis(se), 10.357.964.800 Bytes frei Nach Suchlauf: 33 Verzeichnis(se), 10.535.358.464 Bytes frei . - - End Of File - - 476A0183F5C3282335B89BBFAA7E7486
Can you help? |
02.04.2014, 22:22 | #2 | |
| After uninstalling Comodo Internet Security - network broken Instructions / Help Hello computiger,
__________________Quote:
However, even as an absolute layman when it comes to Farbar and ComboFix logs, I can already see two things:
1) DNS resolution is configured incorrectly
2) Registry keys are clearly missing here
I do "see" a little more as well, but since there is a strong suspicion of malware here, I advise you to create a new thread here: http://www.trojaner-board.de/newthre...=newthread&f=8 - an expert will then take care of your problem soon (please be a little patient, OK?) Kind regards, Alois
__________________ |
02.04.2014, 22:24 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | After uninstalling Comodo Internet Security - network broken Details Hello
__________________
__________________ |
03.04.2014, 06:54 | #4 | |
| Solution: After uninstalling Comodo Internet Security - network broken Hello Alois, first of all, thanks for your reply Quote:
I already had this situation once before, shortly after installing Comodo; back then Comodo support helped and fixed the problem.
Regarding point 1: in various forum posts I also found the advice to remove the DNS entry under the TCP/IP protocol, but the attempt failed because I have no access to the properties.
Regarding point 2: in the corresponding keys I cannot access Parameters; access is denied even though I opened the registry as administrator. However, when I open the registry from a booted Windows PE CD (that is, load the System hive of my broken system), I can access the parameters.
@cosinus thanks to you too for your reply.
Point 1: there was no Windows 7 at the time of installation.
Point 2: Business simply came with my computer.
Point 3: I was looking for a new antivirus program, and it had been rated well in the tests I read. Hindsight is always 20/20; in any case I will not use it again. I only installed Avast afterwards, after Comodo had been removed. Unfortunately, fragments of Comodo were still active at installation time, at least as far as the network function was concerned; I just noticed that too late.
Point 4: I ran ComboFix because I was somewhat helpless; that was probably a bit too hasty as well. |
03.04.2014, 08:35 | #5 |
How After uninstalling Comodo Internet Security - network broken As I said, you should open a thread in the malware section, as Alois has already tried to tell you. You have masses of adware and various other adventures in the logs. So either reinstall from scratch or have it cleaned; otherwise any help would be pointless.
__________________ PC operating system: Microsoft Windows 8.1 Smartphone: Hardware: iPhone 5s | Operating system: iOS 8.2 |