Log analysis and evaluation: Win7 64bit / Various virus detections in Malwarebytes. Google Chrome refuses downloads. (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Unfortunately I have to attach all the logs as an attachment; according to the system only 12000 characters may be written, and the logs are about 14000 characters long in total. That's what you get when your little brother wants to download the latest Minecraft patches. Thanks in advance, and I hope the attached .zip file isn't too annoying. Many thanks, MrComputer
#2 /// TB Trainer

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Thank you for your cooperation!

Quote:

Scan with Combofix
#3

Hello,

first of all, thanks a lot for your help! I probably won't manage to run Combofix today because I'm still away from home. My little brother certainly can't manage it on his own, so I'll do it in the next few days; I hope that's OK? Best regards, MrComputer!
#4 /// TB Trainer

Quote:
#5 /// TB Trainer

Missing feedback. This topic has been removed from my subscriptions, so I will not be notified of new replies. Send me a PM if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own thread!
#6

I sent you a PM saying that I do want to continue after all; I was just tied up the last few days. Here is the Combofix log file. Code:
ATTFilter ComboFix 14-05-16.01 - ***** 18.05.2014 20:29:32.3.6 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8191.6280 [GMT 2:00] ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . ((((((((((((((((((((((( Dateien erstellt von 2014-04-18 bis 2014-05-18 )))))))))))))))))))))))))))))) . . 2074-05-18 15:44 . 2008-03-21 12:46 607296 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires III\deformerdllyD.dll 2014-05-14 15:00 . 2014-05-14 15:00 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2014-05-13 15:45 . 2014-05-13 15:46 -------- d-----w- C:\FRST 2014-05-13 15:29 . 2014-05-13 15:29 -------- d-sh--w- c:\users\*****\AppData\Local\EmieUserList 2014-05-13 15:29 . 2014-05-13 15:29 -------- d-sh--w- c:\users\*****\AppData\Local\EmieSiteList 2014-05-13 13:27 . 2014-05-13 15:41 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-05-13 13:27 . 2014-05-13 13:27 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware 2014-05-13 13:27 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-05-13 13:27 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-05-13 13:27 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-05-10 21:45 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys 2014-05-10 17:36 . 2014-04-24 10:33 61112 ----a-w- c:\windows\system32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys 2014-05-10 16:04 . 2014-05-18 18:57 -------- d-----w- c:\users\*****\AppData\Local\LogMeIn Hamachi 2014-05-10 16:04 . 2014-05-10 16:04 -------- d-----w- c:\users\*****\AppData\Local\LogMeIn 2014-05-10 16:04 . 
2014-05-10 16:04 -------- d-----w- c:\programdata\LogMeIn 2014-05-10 16:03 . 2014-05-13 14:10 -------- d-----w- c:\users\*****\AppData\Roaming\VOPackage 2014-05-10 16:01 . 2014-05-10 16:01 -------- d-----w- c:\users\*****\AppData\Roaming\Paltalk 2014-05-10 16:01 . 2014-05-10 16:01 -------- d-----w- c:\program files (x86)\Paltalk Messenger 2014-05-10 16:01 . 2014-05-10 16:01 -------- d-----w- c:\program files\ZappAddon 2014-05-10 16:00 . 2014-05-13 14:10 -------- d-----w- c:\users\*****\AppData\Roaming\SimplyTech 2014-05-10 16:00 . 2014-05-10 16:00 -------- d-----w- c:\program files (x86)\ZappAddon 2014-05-10 16:00 . 2014-02-04 05:36 33864 ----a-w- c:\windows\Launcher.exe 2014-05-10 16:00 . 2014-05-10 16:00 -------- d-----w- c:\users\*****\AppData\Local\SearchProtect 2014-05-10 15:10 . 2014-05-10 15:11 -------- d--h--w- c:\programdata\CanonIJMIG 2014-05-07 17:52 . 2014-04-29 14:01 23547904 ----a-w- c:\windows\system32\mshtml.dll 2014-05-07 17:52 . 2014-04-29 13:40 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2014-05-07 17:52 . 2014-04-29 12:34 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2014-05-06 18:37 . 2014-05-06 18:37 -------- d-s---w- c:\windows\system32\CompatTel 2014-05-06 13:57 . 2014-04-14 02:24 465408 ----a-w- c:\windows\system32\aepdu.dll 2014-05-06 13:57 . 2014-04-14 02:19 424448 ----a-w- c:\windows\system32\aeinv.dll 2014-05-04 11:54 . 2014-05-11 11:54 -------- d-----w- c:\users\*****\AppData\Roaming\Canon 2014-05-04 11:53 . 2014-05-04 11:53 -------- d--h--w- c:\programdata\CanonIJEGV 2014-05-04 11:52 . 2012-03-26 03:00 392192 ----a-w- c:\windows\system32\CNMXLMB9.DLL 2014-05-04 11:51 . 2012-02-08 14:34 320000 ----a-w- c:\windows\SysWow64\CNC_B9L.dll 2014-05-04 11:51 . 2012-01-16 12:21 103424 ----a-w- c:\windows\SysWow64\CNC_B9U.dll 2014-05-04 11:51 . 2008-08-25 16:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll 2014-05-04 11:50 . 2014-05-04 11:50 -------- d-----w- c:\program files\Common Files\CANON 2014-05-04 11:50 . 
2014-05-04 11:50 -------- d-----w- c:\programdata\CanonIJWSpt 2014-05-04 11:48 . 2014-05-04 11:48 -------- d-----w- c:\program files\Canon 2014-05-04 11:47 . 2014-05-04 11:47 -------- d--h--w- c:\programdata\CanonBJ 2014-05-04 11:47 . 2012-03-26 03:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDB9.DLL 2014-05-04 11:47 . 2012-03-26 03:00 100352 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPB9.DLL 2014-05-04 11:47 . 2014-05-04 11:47 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information 2014-05-04 11:47 . 2012-02-08 14:36 363520 ----a-w- c:\windows\system32\CNC_B9L.dll 2014-05-04 11:47 . 2012-01-16 12:21 287744 ----a-w- c:\windows\system32\CNC_B9C.dll 2014-05-04 11:47 . 2012-01-16 12:20 106496 ----a-w- c:\windows\system32\CNC_B9I.dll 2014-05-04 11:47 . 2008-08-25 16:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll 2014-05-04 11:46 . 2012-03-26 03:00 389120 ----a-w- c:\windows\system32\CNMLMB9.DLL 2014-05-04 11:46 . 2014-05-04 11:46 -------- d-----w- c:\windows\system32\STRING 2014-05-04 11:46 . 2012-03-28 17:01 39424 ----a-w- c:\windows\system32\CNMN6UI.DLL 2014-05-04 11:46 . 2012-03-28 17:01 359936 ----a-w- c:\windows\system32\CNMN6PPM.DLL 2014-05-04 11:45 . 2014-05-04 11:45 -------- d--h--w- c:\programdata\CanonIJETV 2014-05-04 11:45 . 2014-05-04 11:51 -------- d-----w- c:\program files (x86)\Canon . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-05-14 15:56 . 2012-04-10 15:59 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-05-14 15:56 . 2011-05-15 09:16 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-05-02 15:56 . 2011-04-30 17:47 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2014-05-02 15:55 . 2011-04-30 17:47 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2014-05-01 22:59 . 2011-04-30 20:07 280792 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2014-04-12 20:04 . 
2011-05-19 12:32 90655440 ----a-w- c:\windows\system32\MRT.exe 2014-03-04 09:44 . 2014-04-12 16:32 362496 ----a-w- c:\windows\system32\wow64win.dll 2014-03-04 09:44 . 2014-04-12 16:32 243712 ----a-w- c:\windows\system32\wow64.dll 2014-03-04 09:44 . 2014-04-12 16:32 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2014-03-04 09:44 . 2014-04-12 16:32 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2014-03-04 09:44 . 2014-04-12 16:32 1163264 ----a-w- c:\windows\system32\kernel32.dll 2014-03-04 09:17 . 2014-04-12 16:32 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2014-03-04 09:17 . 2014-04-12 16:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2014-03-04 09:16 . 2014-04-12 16:32 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2014-03-04 09:16 . 2014-04-12 16:32 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2014-03-04 08:09 . 2014-04-12 16:32 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2014-03-04 08:09 . 2014-04-12 16:32 2048 ----a-w- c:\windows\SysWow64\user.exe 2014-03-03 18:54 . 2011-04-30 17:47 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{f1abf166-ad38-4bcf-9844-c22b50874909}] 2014-03-24 04:32 1103432 ----a-w- c:\program files (x86)\ZappAddon\IE\ZappAddon.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{f1abf166-ad38-4bcf-9844-c22b50874909}"= "c:\program files (x86)\ZappAddon\IE\ZappAddon.dll" [2014-03-24 1103432] . [HKEY_CLASSES_ROOT\clsid\{f1abf166-ad38-4bcf-9844-c22b50874909}] [HKEY_CLASSES_ROOT\wtb.Band.1] [HKEY_CLASSES_ROOT\TypeLib\{93b3a696-a570-446b-afb9-1442b2e20003}] [HKEY_CLASSES_ROOT\wtb.Band] . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\steam.exe" [2014-04-23 1825984] "SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-11-23 652048] "HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-09-30 393216] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016] "Spotify"="c:\users\*****\AppData\Roaming\Spotify\Spotify.exe" [2014-05-18 6170168] "Spotify Web Helper"="c:\users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-05-18 1176632] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Six Engine"="c:\program files (x86)\ASUS\EPU\EPU.exe" [2010-06-14 5309056] "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288] "BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008] "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-20 689744] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-09-21 766208] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392] "CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-05-13 3814736] . 
c:\users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-4-18 33604728] PalTalk.lnk - c:\program files (x86)\Paltalk Messenger\paltalk.exe nas [2014-4-15 7952976] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] R2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x] R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program 
files (x86)\MSI Afterburner\RTCore64.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64;{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64;c:\windows\system32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys;c:\windows\SYSNATIVE\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x] S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn 
Hamachi\hamachi-2.exe [x] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x] S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x] S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2014-05-18 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 15:56] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f1abf166-ad38-4bcf-9844-c22b50874909}] 2014-03-24 04:33 1431112 ----a-w- c:\program files\ZappAddon\IE\ZappAddon.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{f1abf166-ad38-4bcf-9844-c22b50874909}"= "c:\program files\ZappAddon\IE\ZappAddon.dll" [2014-03-24 1431112] . [HKEY_CLASSES_ROOT\CLSID\{f1abf166-ad38-4bcf-9844-c22b50874909}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uInternet Settings,ProxyServer = http=127.0.0.1:14160 IE: Free YouTube Download - c:\users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vym8tsne.default\ FF - prefs.js: browser.search.selectedEngine - Trovi search FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2014-05-10 20:01; {c22c1a80-3af2-449c-a94e-e15e7686e0ed}; c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\vym8tsne.default\extensions\{c22c1a80-3af2-449c-a94e-e15e7686e0ed} FF - user.js: extensions.autoDisableScopes - 0 FF - user.js: extensions.shownSelectionUI - true . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2714413572-685484061-1826461873-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f1abf166-ad38-4bcf-9844-c22b50874909}] @Denied: (A 2) (Administrators) @Denied: (A 2) (S-1-5-21-2714413572-685484061-1826461873-1000) @Allowed: (Read) (S-1-15-3-4096) @Allowed: (Read) (RestrictedCode) "Flags"=dword:00000400 . [HKEY_USERS\S-1-5-21-2714413572-685484061-1826461873-1000\Software\SecuROM\License information*] "datasecu"=hex:06,cc,ee,96,e6,09,21,ac,19,88,c8,c8,7e,9d,4b,e1,50,c9,20,70,ac, 4f,9a,23,b7,ca,91,39,28,89,37,63,3f,f5,4c,aa,54,b2,f3,a7,b6,1c,85,95,37,72,\ "rkeysecu"=hex:70,49,b2,8c,ed,6e,b5,71,b8,de,28,04,75,85,e0,1b . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.13" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-05-18 21:08:08 ComboFix-quarantined-files.txt 2014-05-18 19:08 . Vor Suchlauf: 16 Verzeichnis(se), 1.614.306.635.776 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 1.616.065.851.392 Bytes frei . - - End Of File - - D4055B9E53EF667B0380276BC2ED7286 A36C5E4F47E84449FF07ED3517B43A31