Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten

Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten


Plagegeister aller Art und deren Bekämpfung: Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 29.12.2014, 16:01   #3
FlyingSascha
 
Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten - Standard

Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten


So , Programm lief ca. 1h 40min

Code:
ATTFilter
ComboFix 14-12-25.01 - FlyingSascha 29.12.2014  14:10:41.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8190.5084 [GMT 1:00]
ausgeführt von:: c:\users\FlyingSascha\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
FW: Bitdefender Firewall *Disabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
SP: Bitdefender Spyware-Schutz *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1395584028.bdinstall.bin
c:\programdata\1397813348.bdinstall.bin
c:\programdata\1397813388.bdinstall.bin
c:\programdata\1397813595.bdinstall.bin
c:\programdata\1398360755.bdinstall.bin
c:\programdata\1398361431.bdinstall.bin
c:\programdata\1398361564.bdinstall.bin
c:\users\FlyingSascha\AppData\Roaming\Origin
c:\users\FlyingSascha\AppData\Roaming\Origin\local.xml
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-11-28 bis 2014-12-29  ))))))))))))))))))))))))))))))
.
.
2014-12-29 14:53 . 2014-12-29 14:53	9310	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2014-12-29 14:53 . 2014-12-29 14:53	8646	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2014-12-29 14:53 . 2014-12-29 14:53	8613	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2014-12-29 14:53 . 2014-12-29 14:53	6910	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2014-12-29 14:53 . 2014-12-29 14:53	6429	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2014-12-29 14:53 . 2014-12-29 14:53	63115	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2014-12-29 14:53 . 2014-12-29 14:53	5927	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2014-12-29 14:53 . 2014-12-29 14:53	4599	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2014-12-29 14:53 . 2014-12-29 14:53	1651	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2014-12-29 14:52 . 2014-12-29 14:52	8288	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2014-12-29 14:52 . 2014-12-29 14:52	6208	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2014-12-29 14:52 . 2014-12-29 14:52	18541	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2014-12-29 14:52 . 2014-12-29 14:52	8782	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2014-12-29 14:52 . 2014-12-29 14:52	7271	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2014-12-29 14:52 . 2014-12-29 14:52	51852	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2014-12-29 14:52 . 2014-12-29 14:52	23327	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2014-12-29 14:52 . 2014-12-29 14:52	20719	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2014-12-29 11:58 . 2014-12-29 11:58	--------	d-----w-	c:\windows\ERUNT
2014-12-29 11:51 . 2014-12-29 11:51	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-12-29 11:36 . 2014-12-29 11:38	--------	d-----w-	C:\AdwCleaner
2014-12-29 11:31 . 2014-12-29 11:31	26528	----a-w-	c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2014-12-29 11:31 . 2014-12-29 11:31	--------	d-----w-	c:\users\FlyingSascha\AppData\Roaming\ProductData
2014-12-29 11:30 . 2014-12-29 11:31	--------	d-----w-	c:\programdata\IObit
2014-12-29 11:30 . 2014-12-29 11:31	--------	d-----w-	c:\programdata\ProductData
2014-12-29 11:30 . 2014-12-29 11:46	--------	d-----w-	c:\program files (x86)\IObit
2014-12-29 11:30 . 2014-12-29 11:31	--------	d-----w-	c:\users\FlyingSascha\AppData\Roaming\IObit
2014-12-27 11:11 . 2014-12-27 11:11	--------	d-----w-	c:\users\FlyingSascha\AppData\Local\TeamViewer
2014-12-24 23:31 . 2014-12-29 14:53	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-24 23:31 . 2014-12-24 23:31	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-12-24 23:31 . 2014-12-24 23:31	--------	d-----w-	c:\programdata\Malwarebytes
2014-12-24 23:31 . 2014-11-21 05:14	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-12-24 23:31 . 2014-11-21 05:14	93400	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-12-24 23:31 . 2014-11-21 05:14	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-12-24 13:06 . 2014-12-24 13:06	--------	d-----w-	c:\program files (x86)\Enigma Software Group
2014-12-24 13:05 . 2014-12-24 23:28	--------	d-----w-	c:\windows\0028CB34D5D3460FB308A39A095A5E01.TMP
2014-12-24 12:20 . 2014-12-24 12:20	--------	d-----w-	c:\programdata\Licenses
2014-12-24 12:16 . 2014-12-24 12:16	--------	d-----w-	c:\programdata\Simply Super Software
2014-12-24 11:57 . 2014-12-24 11:57	--------	d-----w-	c:\programdata\NortonInstaller
2014-12-24 11:57 . 2014-12-24 12:20	--------	d-----w-	c:\users\FlyingSascha\AppData\Roaming\StormFall
2014-12-24 09:37 . 2014-12-29 12:47	--------	d-----w-	C:\FRST
2014-12-24 09:22 . 2014-12-24 09:22	--------	d-----w-	c:\users\FlyingSascha\AppData\Roaming\Ashampoo
2014-12-24 09:21 . 2014-12-24 09:22	--------	d-----w-	c:\users\FlyingSascha\AppData\Local\ashampoo
2014-12-24 09:14 . 2014-12-24 12:04	--------	d-----w-	c:\programdata\Ashampoo
2014-12-24 09:14 . 2014-12-24 12:16	--------	d-----w-	c:\program files (x86)\Ashampoo
2014-12-22 11:25 . 2014-12-22 11:44	--------	d-----w-	c:\programdata\TmForever
2014-12-22 11:22 . 2014-12-22 11:24	--------	d-----w-	c:\program files (x86)\TmNationsForever
2014-12-20 10:39 . 2014-12-20 10:41	--------	d-----w-	c:\programdata\BlueStacksSetup
2014-12-20 10:39 . 2014-12-20 10:39	--------	d-----w-	c:\users\FlyingFabian\AppData\Local\Bluestacks
2014-12-19 18:40 . 2014-12-19 18:40	--------	d-----w-	c:\users\FlyingFabian\AppData\Roaming\StunlockStudios
2014-12-17 18:24 . 2014-12-13 05:09	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-12-17 18:24 . 2014-12-13 03:33	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-12-17 15:07 . 2014-12-17 15:07	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2014-12-16 15:57 . 2014-12-16 15:57	--------	d-----w-	c:\programdata\gfhlpbbmhkonieglgegpgmgmgakhfcmi
2014-12-11 14:34 . 2014-11-12 20:46	615624	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-12-11 14:28 . 2014-11-06 17:06	1715224	----a-w-	c:\windows\system32\nvspbridge64.dll
2014-12-11 14:28 . 2014-11-06 17:06	1291280	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2014-12-11 14:28 . 2014-10-03 19:23	38216	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-12-11 14:28 . 2014-10-03 19:23	32584	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-12-11 07:03 . 2014-12-11 07:03	--------	d-----w-	c:\windows\system32\appraiser
2014-12-11 06:41 . 2014-10-18 02:05	4121600	----a-w-	c:\windows\system32\mf.dll
2014-12-11 06:41 . 2014-10-18 01:33	3209728	----a-w-	c:\windows\SysWow64\mf.dll
2014-12-10 06:35 . 2014-11-11 03:09	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-12-10 06:34 . 2014-11-27 01:43	389296	----a-w-	c:\windows\system32\iedkcs32.dll
2014-12-07 09:31 . 2014-12-07 09:33	--------	d-----w-	c:\users\FlyingSascha\Microsoft
2014-12-04 18:04 . 2014-12-04 18:04	--------	d-sh--w-	c:\users\FlyingSascha\AppData\Local\EmieBrowserModeList
2014-12-04 17:33 . 2014-12-04 17:33	--------	d-----w-	c:\users\FlyingSascha\AppData\Roaming\Apple Computer
2014-12-04 17:12 . 2014-12-04 17:12	--------	d-----w-	c:\program files (x86)\Free Codec Pack
2014-12-04 17:12 . 2014-12-04 17:12	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2014-12-04 17:00 . 2014-12-04 17:01	--------	d-----w-	c:\programdata\Apple
2014-11-30 14:11 . 2014-12-24 13:23	--------	d-----w-	C:\jAnrufmonitor
2014-11-30 14:08 . 2014-11-30 14:10	--------	d-----w-	c:\users\FlyingSascha\AppData\Roaming\JAM Software
2014-11-30 13:56 . 2014-11-30 14:00	--------	d-----w-	c:\users\FlyingSascha\AppData\Roaming\Fritz!Box Tray Tool
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-18 06:20 . 2014-03-23 11:32	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-18 06:20 . 2014-03-23 11:32	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-17 06:26 . 2014-11-21 06:25	4	----a-w-	c:\users\FlyingSascha\AppData\Roaming\appdataFr2.bin
2014-12-04 14:08 . 2014-11-21 14:07	4	----a-w-	c:\users\FlyingFabian\AppData\Roaming\appdataFr2.bin
2014-11-27 15:40 . 2014-03-23 11:21	112710672	----a-w-	c:\windows\system32\MRT.exe
2014-11-22 09:56 . 2014-04-12 08:19	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-11-22 09:56 . 2014-04-12 08:16	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-11-21 17:45 . 2014-04-12 08:16	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-11-18 13:56 . 2014-11-18 13:56	1202848	----a-w-	c:\windows\SysWow64\FM20.DLL
2014-11-13 16:40 . 2014-04-24 17:46	647752	----a-w-	c:\windows\system32\drivers\avckf.sys
2014-11-13 16:40 . 2014-04-24 17:46	419616	----a-w-	c:\windows\system32\drivers\trufos.sys
2014-11-13 16:40 . 2014-03-23 14:13	84848	----a-w-	c:\windows\system32\bdsandboxuiskin.dll
2014-11-13 16:40 . 2014-03-23 14:13	34384	----a-w-	c:\windows\system32\bdsandboxuh.dll
2014-11-13 16:40 . 2014-04-24 17:46	1260120	----a-w-	c:\windows\system32\drivers\avc3.sys
2014-11-13 16:40 . 2014-03-23 14:13	74512	----a-w-	c:\windows\system32\bdsandboxuiskin32.dll
2014-11-13 00:20 . 2014-05-04 10:21	20986592	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-11-13 00:20 . 2014-03-23 11:57	19966344	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-11-13 00:20 . 2014-03-23 11:57	16884632	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-11-13 00:20 . 2014-03-23 11:57	2874456	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-11-13 00:20 . 2014-03-23 11:43	74056	----a-w-	c:\windows\system32\OpenCL.dll
2014-11-13 00:20 . 2014-03-23 11:43	59592	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-11-13 00:20 . 2013-10-27 08:12	989056	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-11-13 00:20 . 2013-10-27 08:12	3262784	----a-w-	c:\windows\system32\nvapi64.dll
2014-11-12 21:56 . 2014-03-23 11:43	6897352	----a-w-	c:\windows\system32\nvcpl.dll
2014-11-12 21:56 . 2014-03-23 11:43	3534152	----a-w-	c:\windows\system32\nvsvc64.dll
2014-11-12 21:56 . 2014-03-23 11:43	934032	----a-w-	c:\windows\system32\nvvsvc.exe
2014-11-12 21:56 . 2014-03-23 11:43	62608	----a-w-	c:\windows\system32\nvshext.dll
2014-11-12 21:56 . 2014-03-23 11:43	386368	----a-w-	c:\windows\system32\nvmctray.dll
2014-11-12 21:56 . 2014-03-23 11:43	2559808	----a-w-	c:\windows\system32\nvsvcr.dll
2014-11-11 10:29 . 2014-03-23 11:43	4100776	----a-w-	c:\windows\system32\nvcoproc.bin
2014-11-11 03:08 . 2014-11-19 06:29	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 06:29	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 06:29	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 06:29	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-06 17:06 . 2014-03-23 12:02	2197680	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-11-06 17:06 . 2014-03-23 12:02	2800296	----a-w-	c:\windows\system32\nvspcap64.dll
2014-11-06 05:42 . 2014-11-06 05:42	341848	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
2014-11-05 00:18 . 2014-11-05 00:18	1462272	----a-w-	c:\windows\system32\CFHD.dll
2014-11-05 00:15 . 2014-11-05 00:15	1490944	----a-w-	c:\windows\SysWow64\CFHD.dll
2014-10-25 01:57 . 2014-11-12 06:35	77824	----a-w-	c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 06:35	67584	----a-w-	c:\windows\SysWow64\packager.dll
2014-10-20 09:22 . 2014-08-31 12:14	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-10-20 09:22 . 2014-08-07 19:43	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-18 02:05 . 2014-11-12 06:35	861696	----a-w-	c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 06:35	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 06:35	155064	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 06:35	683520	----a-w-	c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-19 17:22	3241984	----a-w-	c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 06:35	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 06:35	146432	----a-w-	c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 06:35	681984	----a-w-	c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 06:35	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-19 17:22	2363904	----a-w-	c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 06:35	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 06:35	146432	----a-w-	c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 06:35	681984	----a-w-	c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 06:35	3198976	----a-w-	c:\windows\system32\win32k.sys
2014-10-03 19:23 . 2014-03-23 11:57	35144	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-10-03 02:12 . 2014-11-12 06:35	500224	----a-w-	c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:11 . 2014-11-12 06:35	284672	----a-w-	c:\windows\system32\EncDump.dll
2014-10-03 02:11 . 2014-11-12 06:35	680960	----a-w-	c:\windows\system32\audiosrv.dll
2014-10-03 02:11 . 2014-11-12 06:35	440832	----a-w-	c:\windows\system32\AudioEng.dll
2014-10-03 02:11 . 2014-11-12 06:35	296448	----a-w-	c:\windows\system32\AudioSes.dll
2014-10-03 01:44 . 2014-11-12 06:35	442880	----a-w-	c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-12 06:35	374784	----a-w-	c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44 . 2014-11-12 06:35	195584	----a-w-	c:\windows\SysWow64\AudioSes.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\FlyingSascha\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\FlyingSascha\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\FlyingSascha\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Bitdefender-Geldbörse-Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2014-12-24 568400]
"Bitdefender-Geldbörse"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-12-24 1002048]
"Bitdefender-Geldbörse-Anwendungs-Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-12-24 615256]
"GoogleChromeAutoLaunch_131D18061BC64E225E32991C6F6AAD90"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-11-25 856904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-12-13 3838800]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Bitdefender-Geldbörse-Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2014-12-24 568400]
"Bitdefender-Geldbörse"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-12-24 1002048]
"Bitdefender-Geldbörse-Anwendungs-Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-12-24 615256]
.
c:\users\FlyingSascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\FlyingSascha\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-9 39207112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TwonkyServer.lnk - c:\program files (x86)\Twonky\TwonkyServer\twonkytray.exe [2012-2-22 631624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 esgiguard;esgiguard;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 KLSMPAD;Klsmpad Device;c:\windows\system32\Drivers\KLSMPAD.sys;c:\windows\SYSNATIVE\Drivers\KLSMPAD.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SKYNETU;TechniSat DVB-PC TV Star USB;c:\windows\system32\DRIVERS\SkyNETU_AMD64.SYS;c:\windows\SYSNATIVE\DRIVERS\SkyNETU_AMD64.SYS [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU; [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va017;X6va017; [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TwonkyProxy;TwonkyProxy;c:\program files (x86)\Twonky\TwonkyServer\twonkyproxy.exe;c:\program files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [x]
S2 TwonkyServer;TwonkyServer;c:\program files (x86)\Twonky\TwonkyServer\twonkystarter.exe;c:\program files (x86)\Twonky\TwonkyServer\twonkystarter.exe [x]
S2 TwonkyWebDav;TwonkyWebDav;c:\program files (x86)\Twonky\TwonkyServer\twonkywebdav.exe;c:\program files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender\updatesrv.exe;c:\program files\Bitdefender\Bitdefender\updatesrv.exe [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-04 18:22	1087304	----a-w-	c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-23 06:20]
.
2014-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-04 18:07]
.
2014-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-04 18:07]
.
2014-12-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-71949653-2680169956-912045377-1001Core.job
- c:\users\FlyingSascha\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-30 10:57]
.
2014-12-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-71949653-2680169956-912045377-1001UA.job
- c:\users\FlyingSascha\AppData\Local\Google\Update\GoogleUpdate.exe [2014-11-30 10:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-12-29 11:30	2471744	----a-w-	c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\FlyingSascha\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\FlyingSascha\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\FlyingSascha\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\FlyingSascha\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bdagent"="c:\program files\Bitdefender\Bitdefender\bdagent.exe" [2014-11-13 1754424]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 3100440]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-11-06 2464072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-11-06 2800296]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
uSearchAssistant = www.google.com
IE: An vorhandenes PDF anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: FRITZ!Box Dial - c:\program files\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm
IE: FRITZ!Box Dial\Contexts - 16 (0x10)
IE: FRITZ!Box Dial\Flags
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-MyFreeCodec - c:\program files (x86)\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
c:\users\FlyingSascha\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-12-29  15:56:16 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-12-29 14:56
.
Vor Suchlauf: 2.655.272.960 Bytes frei
Nach Suchlauf: 8.227.172.352 Bytes frei
.
- - End Of File - - D13E31C37C327BC305E08C5BE8488260
A36C5E4F47E84449FF07ED3517B43A31
__________________
 

Themen zu Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten
antivirus, browser, canon, ccsetup, computer, converter, driver booster, dvdvideosoft ltd., excel, failed, fehler, flash player, google, helper, iexplore.exe, internet, kaspersky, lightning, mozilla, problem, registry, rundll, scan, security, software, super, svchost.exe, system, teamspeak, teredo, uplay, usb, windows


« nur Laptop sendet Dos Attacke Syn und UDP Flood an Router W921v | Dienst aus chinesichen Zeichen: Dienstname: 楗敳潂瑯獁楳瑳湡tǞ ;Anzeigename 楗敳䈠潯⁴獁楳瑳湡t »


Ähnliche Themen: Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten


  1. Google Chrome leitet mich ständig auf Werbeseiten bzw "Windows-Repair-Seiten" weiter, Musik ploppt auf
    Log-Analyse und Auswertung - 15.10.2015 (11)
  2. Automatisches Öffnen von Werbeseiten bei Google Chrome
    Plagegeister aller Art und deren Bekämpfung - 11.10.2015 (18)
  3. Windows 8: Groß/Kleinschreibung vertauscht und Chrome öffnet immer neue Seiten.
    Plagegeister aller Art und deren Bekämpfung - 22.06.2015 (1)
  4. Windows 7: Ständig neue Werbeanzeigen sowie neue Fenster öffnen sich in Chrome
    Plagegeister aller Art und deren Bekämpfung - 12.03.2015 (15)
  5. Windows 7: Ständig neue Werbeanzeigen sowie neue Fenster öffnen sich in Chrome.
    Plagegeister aller Art und deren Bekämpfung - 13.01.2015 (10)
  6. Windows 7, Google Chrome, neue Tabs (Werbung) öffnet sich dauernd beim Surfen
    Log-Analyse und Auswertung - 11.12.2014 (1)
  7. Google Chrome, Mozilla, Virus oder Trojaner Fehlermeldung: Java Update erforderlich, Werbung, doppelt unterstrichene Wörter
    Plagegeister aller Art und deren Bekämpfung - 11.11.2014 (3)
  8. Google Chrome öffnet eigene Werbe-Tabs (marketittzer.net - Weiterleitung zu andere Werbeseiten)
    Plagegeister aller Art und deren Bekämpfung - 21.07.2014 (24)
  9. Windows 7, Google Chrome, neue Tabs (Werbung) öffnet sich dauernd beim Surfen
    Log-Analyse und Auswertung - 04.07.2014 (7)
  10. Windows 7: Java/Adobe Malware bei Google Chrome
    Log-Analyse und Auswertung - 20.05.2014 (1)
  11. Windows 7 Ultimate: Google Chrome öffnet von alleine neue Fenster mit Werbung oder neue Tabs
    Plagegeister aller Art und deren Bekämpfung - 28.04.2014 (19)
  12. Google Chrome stürzt seit Java Update immer ab
    Plagegeister aller Art und deren Bekämpfung - 06.03.2014 (19)
  13. Windows 7 Google Chrome Adware (fun2save) installiert sich immer wieder selbst
    Log-Analyse und Auswertung - 08.01.2014 (9)
  14. Windows 7 64bit Google Chrom Fenster Werbung und Tastatur Buchstabensalat
    Alles rund um Windows - 15.09.2013 (1)
  15. MyStart bei Google Chrom Windows XP
    Plagegeister aller Art und deren Bekämpfung - 12.07.2012 (1)
  16. Hilfe !!! Mein Laptop 64bit, Google Chrom, Windows 7 wird immer langsamer
    Plagegeister aller Art und deren Bekämpfung - 24.02.2011 (1)
  17. Firefox lädt immer neue Werbeseiten
    Log-Analyse und Auswertung - 23.12.2008 (44)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten - So , Programm lief ca. 1h 40min Code: Alles auswählen Aufklappen ATTFilter ComboFix 14-12-25.01 - FlyingSascha 29.12.2014 14:10:41.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8190.5084 [GMT 1:00] ausgeführt von:: c:\users\FlyingSascha\Desktop\ComboFix.exe - Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten...
Archiv
Du betrachtest: Windows 7 64 / Google Chrome macht immer neue Werbeseiten auf / will Chrom oder Java Udaten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131