Code:
ComboFix 11-07-07.02 - Tobias 07.07.2011 16:49:05.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.3070 [GMT 2:00]
ausgeführt von:: c:\users\Tobias\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tobias\AppData\Local\uninstall.tmp
c:\users\Tobias\AppData\Roaming\Bilder
c:\users\Tobias\AppData\Roaming\Microsoft\Windows\Recent\desktop_62231484.ico
c:\users\Tobias\AppData\Roaming\Tobiaslog.dat
c:\users\Tobias\AppData\Roaming\Win32
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-06-07 bis 2011-07-07 ))))))))))))))))))))))))))))))
.
.
2011-07-07 14:54 . 2011-07-07 14:54 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-07 14:54 . 2011-07-07 14:54 -------- d-----w- c:\users\Gast\AppData\Local\temp
2011-07-07 14:54 . 2011-07-07 14:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-07 11:50 . 2011-07-07 11:50 -------- d-----w- C:\_OTL
2011-07-04 20:04 . 2011-07-04 20:04 -------- d-----w- c:\users\Tobias\AppData\Roaming\Malwarebytes
2011-07-04 20:04 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-04 20:04 . 2011-07-04 20:04 -------- d-----w- c:\programdata\Malwarebytes
2011-07-04 20:04 . 2011-07-04 20:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-04 20:04 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-04 11:32 . 2011-07-04 11:32 388096 ----a-r- c:\users\Tobias\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-04 11:32 . 2011-07-04 11:32 -------- d-----w- c:\program files (x86)\Trend Micro
2011-07-04 04:27 . 2011-07-04 04:28 -------- d-----w- c:\windows\system32\SPReview
2011-07-04 04:26 . 2011-07-04 04:26 -------- d-----w- c:\windows\system32\EventProviders
2011-06-29 13:04 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-28 18:56 . 2011-06-28 18:56 -------- d-----w- c:\programdata\Easy Driver Pro
2011-06-28 18:23 . 2011-06-28 18:23 -------- d-----w- c:\users\Tobias\AppData\Roaming\WildPackets
2011-06-28 13:50 . 2011-06-28 13:50 -------- d-----w- c:\program files (x86)\SecurityXploded
2011-06-28 09:45 . 2011-06-28 09:45 -------- d-----w- c:\users\Tobias\AppData\Roaming\gtk-2.0
2011-06-28 09:36 . 2011-06-30 13:14 -------- d-----w- c:\users\Tobias\AppData\Roaming\Wireshark
2011-06-28 09:10 . 2011-06-28 09:10 -------- d-----w- c:\program files\Wireshark
2011-06-28 01:10 . 2011-06-28 10:20 -------- d-----w- c:\program files (x86)\Tenable
2011-06-28 00:54 . 2011-06-28 08:25 53312 ----a-w- c:\windows\system32\drivers\pssdk42.sys
2011-06-28 00:53 . 2011-06-28 10:21 -------- d-----w- c:\program files\Tenable
2011-06-27 21:46 . 2011-06-29 13:47 -------- d-----w- c:\program files (x86)\CACE Technologies
2011-06-27 20:52 . 2011-06-30 13:16 -------- d-----w- c:\program files (x86)\WinPcap
2011-06-27 20:52 . 2011-07-06 15:09 -------- d-----w- c:\program files (x86)\Cain
2011-06-27 20:34 . 2011-06-29 13:50 -------- d-----w- c:\program files (x86)\Simple Port Forwarding
2011-06-27 12:36 . 2010-11-20 13:27 3650560 ----a-w- c:\windows\system32\MSVidCtl.dll
2011-06-27 12:35 . 2010-11-20 13:27 1727488 ----a-w- c:\program files\Windows Photo Viewer\PhotoViewer.dll
2011-06-27 12:34 . 2010-11-20 13:27 503296 ----a-w- c:\windows\system32\srcore.dll
2011-06-27 12:33 . 2010-11-20 13:07 3584 ----a-w- c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2011-06-27 12:33 . 2010-11-20 13:00 2560 ----a-w- c:\windows\system32\drivers\de-DE\rdpwd.sys.mui
2011-06-27 12:33 . 2010-11-20 13:12 7168 ----a-w- c:\windows\system32\drivers\de-DE\msdsm.sys.mui
2011-06-27 12:33 . 2010-11-20 13:07 2560 ----a-w- c:\windows\system32\drivers\de-DE\disk.sys.mui
2011-06-27 12:33 . 2010-11-20 13:00 4608 ----a-w- c:\windows\system32\drivers\de-DE\vdrvroot.sys.mui
2011-06-27 12:33 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2011-06-27 12:33 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe
2011-06-27 12:33 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2011-06-27 12:33 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2011-06-27 12:33 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-06-27 12:33 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-06-27 12:31 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-06-27 12:31 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-06-27 12:31 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-06-27 12:31 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-06-27 12:31 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-06-27 12:30 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-06-27 12:30 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-06-26 17:21 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-06-26 17:21 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-06-26 17:19 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-06-23 15:43 . 2008-01-24 11:44 -------- d-----w- C:\eeepcfr
2011-06-17 16:13 . 2008-04-15 12:00 1384479 ----a-w- c:\windows\pcdoktor.DLL
2011-06-16 09:43 . 2011-06-16 09:43 272448 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-06-15 16:19 . 2011-06-15 16:19 526392 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-06-15 16:19 . 2011-06-16 09:43 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2011-06-15 16:17 . 2011-06-16 09:42 -------- d-----w- c:\users\Tobias\AppData\Roaming\DAEMON Tools Pro
2011-06-15 16:17 . 2011-06-15 16:19 -------- d-----w- c:\programdata\DAEMON Tools Pro
2011-06-15 12:52 . 2005-02-26 05:34 442368 ----a-r- c:\windows\SysWow64\vp6vfw.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-07 14:09 . 2010-03-24 18:26 234536 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-07-07 14:09 . 2010-03-24 18:26 234536 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-07-07 11:44 . 2010-03-13 09:03 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-07-04 04:38 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-04 04:38 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-21 06:01 . 2011-04-07 21:19 326760 ----a-w- c:\windows\system32\nvhotkey.dll
2011-05-21 06:01 . 2011-04-07 21:19 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 06:01 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 06:01 . 2011-04-07 21:19 1016936 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 06:01 . 2011-04-07 21:19 739432 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-05-21 06:01 . 2011-04-07 21:19 6300776 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 06:01 . 2011-04-07 21:18 3040872 ----a-w- c:\windows\system32\nvsvc64.dll
2011-05-21 06:01 . 2010-05-30 12:18 15223912 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-05-21 06:01 . 2009-06-11 20:48 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-05-21 06:01 . 2009-06-11 02:08 8863336 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-05-21 06:01 . 2009-06-11 02:08 2644584 ----a-w- c:\windows\system32\nvapi64.dll
2011-05-21 06:01 . 2009-06-11 02:08 11992680 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-05-20 20:35 . 2011-05-20 20:35 304744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-05-10 09:41 . 2011-04-19 12:52 1426536 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2011-04-28 20:34 . 2011-04-18 20:09 729088 ----a-w- c:\windows\iun6002.exe
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-03-17 842048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2009-9-29 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-09-29 20:36 3054136 ----a-w- c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 nmwcdcmx64;Nokia USB Modem;c:\windows\system32\drivers\nmwcdcmx64.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\nmwcdx64.sys [x]
R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UPnPService;UPnPService;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{B7F60165-FE54-4178-B3C6-76889482BA02}: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{B7F60165-FE54-4178-B3C6-76889482BA02}\64259445A51224F6870264F6E60275C414E40273234303: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\wvquvaoy.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - google.de
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Zynga Community Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - %profile%\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - (no file)
MSConfigStartUp-ADSMTray - c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSConfigStartUp-ASUS Camera ScreenSaver - c:\windows\AsScrProlog.exe
MSConfigStartUp-CLMLServer - c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1423413870-2881166571-2032735273-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:84,ae,3d,a9,cf,73,3a,d7,01,b0,a7,a4,fc,a2,5b,22,da,10,a2,92,79,20,0c,
29,4b,7d,34,58,02,03,dc,e3,8e,94,8d,08,de,47,ea,1f,20,6e,f6,6e,37,ad,16,bc,\
"??"=hex:34,33,4b,b6,8d,2f,86,c0,87,42,8e,21,36,fe,43,8d
.
[HKEY_USERS\S-1-5-21-1423413870-2881166571-2032735273-1001\Software\SecuROM\License information*]
"datasecu"=hex:9f,26,53,d8,db,da,5c,49,31,5d,55,ba,5e,dd,1c,9e,76,3f,e7,07,91,
c3,fd,af,6d,b2,6f,23,8b,5a,9b,74,4b,3c,e4,39,46,17,fa,d5,35,03,fb,de,53,5f,\
"rkeysecu"=hex:ad,d2,82,46,f4,ac,2c,e6,79,31,a3,ae,dd,0b,3d,a7
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-07-07 16:58:00
ComboFix-quarantined-files.txt 2011-07-07 14:58
.
Vor Suchlauf: 10 Verzeichnis(se), 13.226.782.720 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 13.075.767.296 Bytes frei
.
- - End Of File - - 4486FE5526BC85E6311AC5CE09E5BEB0
DIE FIREWALL FUNZT WIEDER! :-):daumenhoc |
