Musik im Hintergrund; PC bleibt hängen und lässt kein Antivirusprogramm runterzuladen

cosinus · 24.01.2015, 21:19

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

karisha · 25.01.2015, 10:49

Also, anscheinend habe ich gar kein Antivirenprogramm auf meinem PC mehr. Ich hatte Avira vorher, jetzt, wenn ich drauf klicke steht. "Das Programm wurde von dem Systemrichtlinie blockiert", versucht man das wieder runterzuladen, erscheint: " Nicht genügend Systemressoursen um den augeforderten Dienst auszuführen". Das alles auf Laufwerk "C". Aus diesem Grund, kann ich leider nichts anderes, also kein Fund sehen.

Kronos60 · 25.01.2015, 12:37

Poste mal die angefordreten Logs, sonst wird man dir nicht helfen können.

karisha · 25.01.2015, 22:14

Ich habe versucht mit dem FRST64 zu scannen, aber dann kommt eine Meldung: "Line 11703 (File "C

"Error: Variable used without being declared." Ich kann deswegen keine Logs posten. Was soll ich machen?

karisha · 26.01.2015, 10:36

Zitat:

Zitat von Kronos60

Poste mal die angefordreten Logs, sonst wird man dir nicht helfen können.

Ich habe versucht mit dem FRST64 zu scannen, aber dann kommt eine Meldung: "Line 11703 (File "C Error: Variable used without being declared." Ich kann deswegen keine Logs posten.

Zitat:

Zitat von cosinus

1.) Was ist mit meiner Frage nach bisherigen Virenfunden und den Logs dazu?
2.) FRST neu runterladen auf den Desktop, nochmal probieren.

Ich habe mehrere male versucht FRST runterzuladen, das klappt nicht. Wie ich schon sagte ich kann keine Funde posten, weil mein Antivirusprogramm blockiert wird. Wie kann ich anders vorgehen?

karisha · 26.01.2015, 11:46

Code:

ATTFilter

ComboFix 15-01-22.02 - Karisha 26.01.2015  11:02:28.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3758.1796 [GMT 1:00]
ausgeführt von:: c:\users\Karisha\Downloads\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\374311380
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\smartbar_3312014.exe.lnk
c:\users\Karisha\AppData\Local\Microsoft\WinU
c:\users\Karisha\AppData\Local\Microsoft\WinU\~emcivph.exe
c:\users\Karisha\AppData\Local\Microsoft\WinU\~pqrhqlg.exe
c:\users\Karisha\AppData\Local\Microsoft\WinU\~rbicged.exe
c:\users\Karisha\AppData\Local\Microsoft\WinU\~twwwrms.exe
c:\users\Karisha\AppData\Local\Microsoft\WinU\~ujfcmod.exe
c:\users\Karisha\AppData\Local\Microsoft\WinU\~yyqthha.exe
c:\users\Karisha\AppData\Local\Microsoft\WinU\~zkolmek.exe
c:\users\Karisha\AppData\Local\Microsoft\WinU\main\current_conf.ini
c:\users\Karisha\AppData\Local\Microsoft\WinU\main\lastExecuted
c:\users\Karisha\AppData\Local\Microsoft\WinU\main\r_current_conf.ini
c:\users\Karisha\AppData\Local\Microsoft\WinU\main\r_lastExecuted
c:\users\Karisha\AppData\Local\Microsoft\WinU\Wmain\base_conf.ini
c:\users\Karisha\AppData\Local\Microsoft\WinU\Wmain\current_conf.ini
c:\users\Karisha\AppData\Local\Microsoft\WinU\Wmain\data.ini
c:\users\Karisha\AppData\Local\Microsoft\WinU\Wmain\lastExecuted
c:\users\Karisha\AppData\Local\Microsoft\WinU\Wmain\r_current_conf.ini
c:\users\Karisha\AppData\Local\Microsoft\WinU\Wmain\r_lastExecuted
c:\users\Karisha\AppData\Local\nsl6FD2.tmp
c:\users\Karisha\AppData\Local\nslF8D1.tmp
c:\users\Karisha\AppData\Local\nsx2D3C.tmp
c:\users\Karisha\AppData\Roaming\BBAE322F
c:\users\Karisha\AppData\Roaming\BBAE322F\BBAE322F.srv
c:\users\Karisha\AppData\Roaming\Microsoft\~tmbgoqf.exe
c:\users\Karisha\AppData\Roaming\winservices
c:\users\Karisha\AppData\Roaming\winservices\current_conf.ini
c:\users\Karisha\AppData\Roaming\Zona
c:\users\Karisha\AppData\Roaming\Zona\init.xml
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-12-26 bis 2015-01-26  ))))))))))))))))))))))))))))))
.
.
2015-01-23 21:00 . 2015-01-26 10:04	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4CFBCBB0-95D7-42DB-9A0F-916585F3F19E}\offreg.dll
2015-01-23 11:04 . 2014-12-02 10:26	11870360	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4CFBCBB0-95D7-42DB-9A0F-916585F3F19E}\mpengine.dll
2015-01-21 20:05 . 2015-01-21 20:05	--------	dc----w-	c:\users\Karisha\AppData\Roaming\JCdyPOQ
2015-01-21 20:04 . 2015-01-21 20:05	--------	dc----w-	c:\users\Karisha\AppData\Roaming\DPFThlk
2015-01-13 23:07 . 2015-01-13 23:08	--------	dc----w-	C:\3d08587709e0f4fb723e6bf48492
2015-01-09 15:19 . 2015-01-26 08:55	--------	dc----w-	c:\users\Karisha\AppData\Roaming\Compatibility Verifier
2015-01-07 11:24 . 2015-01-07 11:24	--------	dc----w-	c:\program files (x86)\Hewlett-Packard
2015-01-07 11:24 . 2015-01-07 11:24	--------	dc----w-	c:\program files (x86)\HP Photo Creations
2015-01-07 11:24 . 2015-01-07 11:24	--------	dc----w-	c:\programdata\Visan
2015-01-07 11:24 . 2015-01-07 11:24	--------	dc----w-	c:\programdata\HP Photo Creations
2015-01-07 11:23 . 2015-01-14 17:41	--------	dc----w-	c:\users\Karisha\AppData\Roaming\HpUpdate
2015-01-07 11:23 . 2014-03-06 11:51	763912	-c----w-	c:\windows\system32\HPDiscoPMC211.dll
2015-01-07 11:22 . 2015-01-07 11:22	--------	dc----w-	c:\programdata\HP
2015-01-07 11:22 . 2015-01-07 11:23	--------	dc----w-	c:\program files (x86)\HP
2015-01-07 11:22 . 2015-01-07 11:22	--------	dc----w-	c:\program files\HP
2015-01-07 11:18 . 2015-01-07 11:24	--------	dc----w-	c:\users\Karisha\AppData\Local\HP
2015-01-02 23:07 . 2015-01-02 23:07	--------	dc----w-	c:\users\Karisha\AppData\Local\PDF24
2015-01-02 23:06 . 2015-01-02 23:07	--------	dc----w-	c:\program files (x86)\PDF24
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-13 23:08 . 2010-10-30 22:15	113365784	-c--a-w-	c:\windows\system32\MRT.exe
2015-01-08 08:55 . 2011-01-27 21:59	298120	-c----w-	c:\windows\system32\MpSigStub.exe
2014-12-29 05:56 . 2014-10-19 12:21	13792	-c--a-w-	c:\windows\system32\drivers\semav6thermal64ro.sys
2014-12-18 18:18 . 2014-12-18 12:41	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-12-18 18:18 . 2014-12-18 12:41	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-12-09 18:58 . 2014-12-09 18:14	1232040	----a-w-	c:\windows\system32\aitstatic.exe
2014-12-09 18:58 . 2014-12-09 18:14	830976	----a-w-	c:\windows\system32\appraiser.dll
2014-12-09 18:58 . 2014-12-09 18:14	741376	----a-w-	c:\windows\system32\invagent.dll
2014-12-09 18:58 . 2014-12-09 18:14	413184	----a-w-	c:\windows\system32\generaltel.dll
2014-12-09 18:58 . 2014-12-09 18:14	396800	----a-w-	c:\windows\system32\devinv.dll
2014-12-09 18:58 . 2014-12-09 18:14	192000	----a-w-	c:\windows\system32\aepic.dll
2014-12-09 18:58 . 2014-12-09 18:14	1083392	----a-w-	c:\windows\system32\aeinv.dll
2014-12-09 18:58 . 2014-12-09 18:14	227328	----a-w-	c:\windows\system32\aepdu.dll
2014-12-09 18:46 . 2014-12-09 18:14	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-12-09 18:46 . 2014-12-09 18:14	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-12-09 18:45 . 2014-12-09 18:14	119296	----a-w-	c:\windows\system32\drivers\tdx.sys
2014-12-09 18:44 . 2014-12-09 18:16	2052096	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-12-09 18:44 . 2014-12-09 18:16	633856	----a-w-	c:\windows\system32\ieui.dll
2014-12-09 18:44 . 2014-12-09 18:16	14412800	----a-w-	c:\windows\system32\ieframe.dll
2014-12-09 18:44 . 2014-12-09 18:16	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-12-09 18:44 . 2014-12-09 18:16	77824	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 18:44 . 2014-12-09 18:16	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-12-09 18:44 . 2014-12-09 18:16	62464	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-12-09 18:44 . 2014-12-09 18:16	1548288	----a-w-	c:\windows\system32\urlmon.dll
2014-12-09 18:44 . 2014-12-09 18:16	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-12-09 18:44 . 2014-12-09 18:16	800768	----a-w-	c:\windows\system32\ieapfltr.dll
2014-12-09 18:44 . 2014-12-09 18:16	2125312	----a-w-	c:\windows\system32\inetcpl.cpl
2014-12-09 18:44 . 2014-12-09 18:16	4299264	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-12-09 18:44 . 2014-12-09 18:16	54784	----a-w-	c:\windows\system32\jsproxy.dll
2014-12-09 18:44 . 2014-12-09 18:16	1888256	----a-w-	c:\windows\SysWow64\wininet.dll
2014-12-09 18:44 . 2014-12-09 18:16	1359360	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-12-09 18:44 . 2014-12-09 18:16	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2014-12-09 18:44 . 2014-12-09 18:16	6039552	----a-w-	c:\windows\system32\jscript9.dll
2014-12-09 18:44 . 2014-12-09 18:16	2358272	----a-w-	c:\windows\system32\wininet.dll
2014-12-09 18:44 . 2014-12-09 18:16	25059840	----a-w-	c:\windows\system32\mshtml.dll
2014-12-09 18:44 . 2014-12-09 18:16	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-12-09 18:44 . 2014-12-09 18:16	47616	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-12-09 18:44 . 2014-12-09 18:16	114688	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-12-09 18:44 . 2014-12-09 18:16	718848	----a-w-	c:\windows\system32\ie4uinit.exe
2014-12-09 18:44 . 2014-12-09 18:16	60416	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-12-09 18:44 . 2014-12-09 18:16	34304	----a-w-	c:\windows\system32\iernonce.dll
2014-12-09 18:44 . 2014-12-09 18:16	389296	----a-w-	c:\windows\system32\iedkcs32.dll
2014-12-09 18:44 . 2014-12-09 18:16	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-12-09 18:44 . 2014-12-09 18:16	968704	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-12-09 18:44 . 2014-12-09 18:16	800768	----a-w-	c:\windows\system32\msfeeds.dll
2014-12-09 18:44 . 2014-12-09 18:16	316928	----a-w-	c:\windows\system32\dxtrans.dll
2014-12-09 18:44 . 2014-12-09 18:16	66560	----a-w-	c:\windows\system32\iesetup.dll
2014-12-09 18:44 . 2014-12-09 18:16	2885120	----a-w-	c:\windows\system32\iertutil.dll
2014-12-09 18:44 . 2014-12-09 18:16	1155072	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-12-09 18:44 . 2014-12-09 18:16	501248	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-12-09 18:44 . 2014-12-09 18:16	64000	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-12-09 18:44 . 2014-12-09 18:16	490496	----a-w-	c:\windows\system32\dxtmsft.dll
2014-12-09 18:44 . 2014-12-09 18:16	92160	----a-w-	c:\windows\system32\mshtmled.dll
2014-12-09 18:44 . 2014-12-09 18:16	580096	----a-w-	c:\windows\system32\vbscript.dll
2014-12-09 18:44 . 2014-12-09 18:16	88064	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-12-09 18:44 . 2014-12-09 18:16	199680	----a-w-	c:\windows\system32\msrating.dll
2014-12-09 18:44 . 2014-12-09 18:44	3209728	----a-w-	c:\windows\SysWow64\mf.dll
2014-12-09 18:44 . 2014-12-09 18:44	4121600	----a-w-	c:\windows\system32\mf.dll
2014-12-09 18:43 . 2014-12-09 18:14	165888	----a-w-	c:\windows\system32\charmap.exe
2014-12-09 18:43 . 2014-12-09 18:14	155136	----a-w-	c:\windows\SysWow64\charmap.exe
2014-12-09 18:43 . 2014-12-09 18:13	346624	----a-w-	c:\windows\system32\WSManMigrationPlugin.dll
2014-12-09 18:43 . 2014-12-09 18:13	310272	----a-w-	c:\windows\system32\WsmWmiPl.dll
2014-12-09 18:43 . 2014-12-09 18:13	266240	----a-w-	c:\windows\system32\WSManHTTPConfig.exe
2014-12-09 18:43 . 2014-12-09 18:13	2020352	----a-w-	c:\windows\system32\WsmSvc.dll
2014-12-09 18:43 . 2014-12-09 18:13	1177088	----a-w-	c:\windows\SysWow64\WsmSvc.dll
2014-12-09 18:43 . 2014-12-09 18:13	181248	----a-w-	c:\windows\system32\WsmAuto.dll
2014-12-09 18:43 . 2014-12-09 18:13	248832	----a-w-	c:\windows\SysWow64\WSManMigrationPlugin.dll
2014-12-09 18:43 . 2014-12-09 18:13	214016	----a-w-	c:\windows\SysWow64\WsmWmiPl.dll
2014-12-09 18:43 . 2014-12-09 18:13	198656	----a-w-	c:\windows\SysWow64\WSManHTTPConfig.exe
2014-12-09 18:43 . 2014-12-09 18:13	145920	----a-w-	c:\windows\SysWow64\WsmAuto.dll
2014-12-09 18:42 . 2014-12-09 18:13	2048	----a-w-	c:\windows\system32\tzres.dll
2014-12-09 18:42 . 2014-12-09 18:13	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-11-27 17:12 . 2014-11-27 17:12	82432	-c--a-w-	c:\users\Karisha\AppData\Roaming\Microsoft\MSXML2\msxml4r.dll
2014-11-27 17:12 . 2014-11-27 17:12	44544	-c--a-w-	c:\users\Karisha\AppData\Roaming\Microsoft\MSXML2\msxml4a.dll
2014-11-27 17:12 . 2014-11-27 17:12	1275392	-c--a-w-	c:\users\Karisha\AppData\Roaming\Microsoft\MSXML2\msxml4.dll
2014-11-19 23:12 . 2014-11-19 22:08	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-19 23:12 . 2014-11-19 22:08	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-19 23:12 . 2014-11-19 22:08	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-19 23:12 . 2014-11-19 22:08	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-12 08:39 . 2014-11-12 08:06	683520	----a-w-	c:\windows\system32\termsrv.dll
2014-11-12 08:39 . 2014-11-12 08:06	681984	----a-w-	c:\windows\SysWow64\adtschema.dll
2014-11-12 08:39 . 2014-11-12 08:06	681984	----a-w-	c:\windows\system32\adtschema.dll
2014-11-12 08:39 . 2014-11-12 08:06	146432	----a-w-	c:\windows\SysWow64\msaudite.dll
2014-11-12 08:39 . 2014-11-12 08:06	146432	----a-w-	c:\windows\system32\msaudite.dll
2014-11-12 08:39 . 2014-11-12 08:06	155064	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2014-11-12 08:39 . 2014-11-12 08:06	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-11-12 08:39 . 2014-11-12 08:06	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-11-12 08:39 . 2014-11-12 08:06	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-11-12 08:36 . 2014-11-12 08:04	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2014-11-12 08:36 . 2014-11-12 08:04	2048	----a-w-	c:\windows\system32\msxml3r.dll
2014-11-12 08:36 . 2014-11-12 08:04	1882624	----a-w-	c:\windows\system32\msxml3.dll
2014-11-12 08:36 . 2014-11-12 08:04	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2014-11-12 08:36 . 2014-11-12 08:04	878080	----a-w-	c:\windows\system32\IMJP10K.DLL
2014-11-12 08:36 . 2014-11-12 08:04	701440	----a-w-	c:\windows\SysWow64\IMJP10K.DLL
2014-11-12 08:36 . 2014-11-12 08:04	680960	----a-w-	c:\windows\system32\audiosrv.dll
2014-11-12 08:36 . 2014-11-12 08:04	500224	----a-w-	c:\windows\system32\AUDIOKSE.dll
2014-11-12 08:36 . 2014-11-12 08:04	442880	----a-w-	c:\windows\SysWow64\AUDIOKSE.dll
2014-11-12 08:36 . 2014-11-12 08:04	440832	----a-w-	c:\windows\system32\AudioEng.dll
2014-11-12 08:36 . 2014-11-12 08:04	284672	----a-w-	c:\windows\system32\EncDump.dll
2014-11-12 08:36 . 2014-11-12 08:04	374784	----a-w-	c:\windows\SysWow64\AudioEng.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{70C53538-9F82-42BC-A327-74F7A46E700C}]
2014-09-30 15:17	386560	-c--a-w-	c:\program files (x86)\WinServices\ScriptHost.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
2014-07-21 18:58	320512	-c--a-w-	c:\program files (x86)\{5DB6774A-6D74-4B34-90F7-D8ED9C81D9C6}\{A1C35263-468B-468E-806A-AC4E79ECA978}.bin
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}]
2014-11-12 21:32	114952	-c--a-w-	c:\program files (x86)\mystarttb\mystartDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{ccb24e92-62c4-4c53-95d2-65f9eed476bc}"= "c:\program files (x86)\mystarttb\mystartDx.dll" [2014-11-12 114952]
.
[HKEY_CLASSES_ROOT\clsid\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2009-10-15 72192]
"Bubble Dock"="c:\users\Karisha\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" [2014-11-27 666384]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30877280]
"GoogleChromeAutoLaunch_AC63ACD39F92D9EFD98123C4FCC1E38F"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-01-21 843592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Download Protect"="c:\programdata\dlprotect.exe" [2014-06-09 12800]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-12-17 702768]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-11-28 193568]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe" [2014-10-27 854704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 20:03	98304	-c----w-	c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe"
"MarketingTools"=c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmnsusbser.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [x]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys;c:\windows\SYSNATIVE\DRIVERS\rsvcdwdr.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}w64;{9a9157bb-003e-4fef-8bd1-c09bc4586a28}w64;c:\windows\system32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}w64.sys;c:\windows\SYSNATIVE\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}w64.sys [x]
S1 {e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64;{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64;c:\windows\system32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys;c:\windows\SYSNATIVE\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 netfilter64;netfilter64;c:\windows\system32\drivers\netfilter64.sys;c:\windows\SYSNATIVE\drivers\netfilter64.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x]
S2 rqpbhevlkc64;rqpbhevlkc64;c:\program files\004\rqpbhevlkc64.exe run options=01100010040000000000000000000000 sourceguid=A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E;c:\program files\004\rqpbhevlkc64.exe run options=01100010040000000000000000000000 sourceguid=A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E [x]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [x]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
S2 Verifies and fixes application compatibility issues;Compatibility Verify;c:\users\Karisha\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe;c:\users\Karisha\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [x]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-25 09:37	1086280	-c--a-w-	c:\program files (x86)\Google\Chrome\Application\40.0.2214.91\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-26 c:\windows\Tasks\345d3c72-b21e-4eb7-9074-20e283560ca4-1.job
- c:\program files (x86)\winservice86\winservice86-codedownloader.exe [2014-09-25 17:49]
.
2015-01-26 c:\windows\Tasks\345d3c72-b21e-4eb7-9074-20e283560ca4-2.job
- c:\program files (x86)\winservice86\345d3c72-b21e-4eb7-9074-20e283560ca4-2.exe [2014-09-30 17:49]
.
2015-01-26 c:\windows\Tasks\345d3c72-b21e-4eb7-9074-20e283560ca4-4.job
- c:\program files (x86)\winservice86\345d3c72-b21e-4eb7-9074-20e283560ca4-4.exe [2014-09-30 17:48]
.
2015-01-26 c:\windows\Tasks\345d3c72-b21e-4eb7-9074-20e283560ca4-5.job
- c:\program files (x86)\winservice86\345d3c72-b21e-4eb7-9074-20e283560ca4-5.exe [2014-09-30 17:50]
.
2015-01-26 c:\windows\Tasks\345d3c72-b21e-4eb7-9074-20e283560ca4-5_user.job
- c:\program files (x86)\winservice86\345d3c72-b21e-4eb7-9074-20e283560ca4-5.exe [2014-09-30 17:50]
.
2015-01-26 c:\windows\Tasks\781f295f-63c1-4fda-8623-f47508e43407-1.job
- c:\program files (x86)\winservice86\winservice86-codedownloader.exe [2014-09-25 17:49]
.
2015-01-26 c:\windows\Tasks\781f295f-63c1-4fda-8623-f47508e43407-2.job
- c:\program files (x86)\winservice86\781f295f-63c1-4fda-8623-f47508e43407-2.exe [2014-09-25 17:31]
.
2015-01-26 c:\windows\Tasks\781f295f-63c1-4fda-8623-f47508e43407-4.job
- c:\program files (x86)\winservice86\781f295f-63c1-4fda-8623-f47508e43407-4.exe [2014-09-25 17:30]
.
2015-01-26 c:\windows\Tasks\781f295f-63c1-4fda-8623-f47508e43407-5.job
- c:\program files (x86)\winservice86\781f295f-63c1-4fda-8623-f47508e43407-5.exe [2014-09-25 17:32]
.
2015-01-26 c:\windows\Tasks\781f295f-63c1-4fda-8623-f47508e43407-5_user.job
- c:\program files (x86)\winservice86\781f295f-63c1-4fda-8623-f47508e43407-5.exe [2014-09-25 17:32]
.
2015-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-11 16:31]
.
2015-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30 20:29]
.
2015-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30 20:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
2014-07-21 18:58	397312	-c--a-w-	c:\program files\{7A48E61E-03C8-4310-8D67-7E605828BBA8}\{E08F28F3-626E-4FC0-AB7A-82527213D645}.bin
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ccb24e92-62c4-4c53-95d2-65f9eed476bc}"= "c:\program files (x86)\mystarttb\mystartDx64.dll" [2014-11-12 127240]
.
[HKEY_CLASSES_ROOT\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-21 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-21 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-21 410136]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2014-05-13 1387376]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-10-14 557768]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.mystart.com/?pr=kreap&id=mystarttb&v=5_4&ent=hp_5290&src=5290
mDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1402658470&from=tugs&uid=SAMSUNGXHM321HI_S26YJDRZ423724&q={searchTerms}
mDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1402658470&from=tugs&uid=SAMSUNGXHM321HI_S26YJDRZ423724
mStart Page = hxxp://start.mysearchdial.com/?f=1&a=cmi_14_25_ie&cd=2XzuyEtN2Y1L1QzuyB0E0D0DtDzz0DyCzz0B0EtCtA0EyDtBtN0D0Tzu0SzytDtDtN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyByCtCyE0Azz0CzytGtCyByB0EtGyE0CtAyEtGyEzytDtCtGtDzzyE0CyCtCyByB0A0E0F0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyBtD0CzzyC0B0AtG0E0DtC0DtGyB0AtBtBtGtCyCyCzztGtAzy0ByCtD0A0DzztAzy0D0B2Q&cr=488409988&ir=
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1402658470&from=tugs&uid=SAMSUNGXHM321HI_S26YJDRZ423724&q={searchTerms}
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDfsPU-0fo0C6mkviRT6qDh5cejnfO690ctH2HhMtCUglAqub2HbOd7ci4DkkJIKp7UIKlzv2gvhYoIoB-G1vCAYfkhftlZlB-YSUz5REN-egFHaxEf3g0ZyTGjMokC1QlpquI2IEeR5sxWxD6HdgMOUJhKrZyrIKWFTXjqHyicQVtT2Q,,&q={searchTerms}
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-OgucoHideq - (no file)
Wow6432Node-HKCU-Run-WindApp - c:\users\Karisha\AppData\Roaming\Store\WindApp\WindApp.exe
Wow6432Node-HKLM-Run-ConvertAd - c:\users\Karisha\AppData\Local\ConvertAd\ConvertAd.exe
Wow6432Node-HKLM-Run-fst_de_35 - (no file)
Wow6432Node-HKLM-Run-fst_de_40 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3543711794-1013096970-3546453479-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (S-1-5-21-3543711794-1013096970-3546453479-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-26  11:33:20 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-01-26 10:33
.
Vor Suchlauf: 21 Verzeichnis(se), 52.596.965.376 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 53.583.384.576 Bytes frei
.
- - End Of File - - 24C0A0FFD438D9203CB6A66FA5C337B0

Musik im Hintergrund; PC bleibt hängen und lässt kein Antivirusprogramm runterzuladen

Antiviren-, Firewall- und andere Schutzprogramme: Musik im Hintergrund; PC bleibt hängen und lässt kein Antivirusprogramm runterzuladen