Trojaner-Board - Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland wurde blockiert

Code:
ComboFix 12-08-20.01 - Matze 20.08.2012   9:46.1.2 - x64

Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3959.2581 [GMT 2:00]

ausgeführt von:: c:\downloads\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\prefs.js

c:\program files (x86)\facemoods.com

c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.crx

c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoods.png

c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsApp.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsEng.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe

c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll

c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe

c:\program files (x86)\facemoods.com\sqlite3.dll

c:\users\Eva-Marie\AppData\Roaming\Ebqeny

c:\users\Eva-Marie\AppData\Roaming\Ebqeny\yhqu.tou

c:\users\Eva-Marie\AppData\Roaming\nmipki.dll

c:\users\Eva-Marie\AppData\Roaming\Ymfui

c:\users\Eva-Marie\AppData\Roaming\Ymfui\bigoi.exe

c:\users\Matze\AppData\Roaming\chrtmp

c:\windows\s.bat

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-07-20 bis 2012-08-20  ))))))))))))))))))))))))))))))

.

.

2012-08-18 21:51 . 2012-08-18 22:05        --------        d-----w-        C:\_OTL

2012-08-18 15:59 . 2012-08-18 15:59        --------        d-----w-        c:\users\Eva-Marie\AppData\Local\Adobe

2012-08-18 09:16 . 2012-07-06 19:58        552448        ----a-w-        c:\windows\system32\drivers\bthport.sys

2012-08-17 23:20 . 2012-08-17 23:20        --------        d-----w-        c:\users\Matze\AppData\Roaming\Malwarebytes

2012-08-17 23:20 . 2012-08-17 23:20        --------        d-----w-        c:\programdata\Malwarebytes

2012-08-17 23:20 . 2012-07-03 11:46        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-08-17 23:20 . 2012-08-17 23:20        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-17 22:41 . 2012-08-18 15:08        --------        d-----w-        c:\users\Eva-Marie\AppData\Roaming\Byeby

2012-08-14 02:31 . 2012-08-14 02:31        --------        d-----w-        c:\users\Eva-Marie\AppData\Roaming\ProgSense

2012-08-14 02:31 . 2012-08-18 16:07        --------        d-----w-        c:\users\Eva-Marie\AppData\Roaming\Orbit

2012-08-14 02:24 . 2012-08-14 02:24        --------        d-----w-        c:\users\Matze\AppData\Roaming\hellomoto

2012-07-31 19:46 . 2012-07-31 19:46        --------        d-----w-        c:\users\Eva-Marie\AppData\Roaming\Avira

2012-07-31 11:14 . 2012-07-31 11:14        --------        d-----w-        c:\users\Matze\AppData\Local\FLT

2012-07-31 11:14 . 2012-07-31 11:14        --------        d-----w-        c:\users\Matze\AppData\Local\2012

2012-07-27 04:49 . 2012-07-27 04:49        --------        d-----w-        c:\users\Matze\AppData\Roaming\Avira

2012-07-27 04:42 . 2012-07-18 16:04        27760        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2012-07-27 04:42 . 2012-07-18 16:04        132832        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2012-07-27 04:42 . 2012-07-18 16:04        98848        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2012-07-27 04:42 . 2012-07-27 04:42        --------        d-----w-        c:\programdata\Avira

2012-07-27 04:42 . 2012-07-27 04:42        --------        d-----w-        c:\program files (x86)\Avira

2012-07-24 20:37 . 2012-06-29 10:04        9133488        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE6DCDFB-4371-41D6-B2D5-285223767B94}\mpengine.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-17 22:23 . 2012-06-13 14:43        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-17 22:23 . 2011-05-20 17:36        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-09 05:30 . 2012-07-11 20:06        14165504        ----a-w-        c:\windows\system32\shell32.dll

2012-06-06 05:50 . 2012-07-11 20:06        2003968        ----a-w-        c:\windows\system32\msxml6.dll

2012-06-06 05:50 . 2012-07-11 20:06        1880064        ----a-w-        c:\windows\system32\msxml3.dll

2012-06-06 05:09 . 2012-07-11 20:06        1389568        ----a-w-        c:\windows\SysWow64\msxml6.dll

2012-06-06 05:09 . 2012-07-11 20:06        1236992        ----a-w-        c:\windows\SysWow64\msxml3.dll

2012-06-02 22:19 . 2012-06-29 19:31        38424        ----a-w-        c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-29 19:31        2428952        ----a-w-        c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-29 19:31        57880        ----a-w-        c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-29 19:31        44056        ----a-w-        c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-29 19:31        701976        ----a-w-        c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-29 19:31        2622464        ----a-w-        c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-29 19:31        99840        ----a-w-        c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-29 19:31        186752        ----a-w-        c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-06-29 19:31        36864        ----a-w-        c:\windows\system32\wuapp.exe

2012-06-02 05:38 . 2012-07-11 20:06        95088        ----a-w-        c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:38 . 2012-07-11 20:06        152432        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:37 . 2012-07-11 20:06        459216        ----a-w-        c:\windows\system32\drivers\cng.sys

2012-06-02 05:27 . 2012-07-11 20:06        340992        ----a-w-        c:\windows\system32\schannel.dll

2012-06-02 05:27 . 2012-07-11 20:06        307200        ----a-w-        c:\windows\system32\ncrypt.dll

2012-06-02 04:48 . 2012-07-11 20:06        22016        ----a-w-        c:\windows\SysWow64\secur32.dll

2012-06-02 04:48 . 2012-07-11 20:06        225280        ----a-w-        c:\windows\SysWow64\schannel.dll

2012-06-02 04:47 . 2012-07-11 20:06        219136        ----a-w-        c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:42 . 2012-07-11 20:06        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll

2012-05-31 10:25 . 2011-05-19 19:36        279656        ------w-        c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{7e111a5c-3d11-4f56-9463-5310c3c69025}"= "c:\program files (x86)\Freeware.de\prxtbFree.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{7e111a5c-3d11-4f56-9463-5310c3c69025}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7e111a5c-3d11-4f56-9463-5310c3c69025}]

2011-05-09 08:49        176936        ----a-w-        c:\program files (x86)\Freeware.de\prxtbFree.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{7e111a5c-3d11-4f56-9463-5310c3c69025}"= "c:\program files (x86)\Freeware.de\prxtbFree.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{7e111a5c-3d11-4f56-9463-5310c3c69025}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

"DS3 Tool"="c:\program files\MotioninJoy\ds3\DS3_Tool.exe" [2011-01-01 110352]

"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]

"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2010-01-15 536576]

"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-09-24 3122528]

"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]

"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2009-12-22 167008]

"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]

.

c:\users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

FILSHtray.lnk - c:\program files (x86)\FILSHtray\FILSHtray.exe [2012-4-18 594432]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-17 250056]

R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]

R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2010-06-17 35840]

R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]

R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]

R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]

R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-01-01 97040]

R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-12 242720]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]

R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-28 254528]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]

S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]

S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]

S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]

S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-06-24 167816]

S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-01-28 86120]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-07-11 82048]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]

S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2010-03-18 215168]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

IgrsSvcs        REG_MULTI_SZ           ReadyComm.DirectRouter PS_MDP

.

Inhalt des "geplante Tasks" Ordners

.

2012-08-19 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 22:23]

.

2012-08-19 c:\windows\Tasks\Norton Security Scan for Matze.job

- c:\progra~2\NORTON~2\Engine\361~1.11\Nss.exe [2012-02-13 00:45]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]

@="{771C7324-DA80-49D3-8017-753B0AF60951}"

[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]

2010-09-24 13:05        1502720        ----a-w-        c:\windows\System32\IcnOvrly.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-05-07 16416360]

"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]

"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]

"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-12-17 4367808]

"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6988736]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2736476

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://startsear.ch/?aff=1

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201

IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204

IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202

IE: Free YouTube to MP3 Converter - c:\users\Matze\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe

TCP: DhcpNameServer = 192.168.0.1

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe

Toolbar-Locked - (no file)

WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file)

HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.7\uninstall.exe

AddRemove-{43B74FAB-FB58-447D-8D3A-5F638AF36FD1} - c:\programdata\{D8116CA6-DBDF-4415-AB4A-BE0CEFB71935}\Netzmanager1.050.1606_101110a.exe

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2012-08-20  10:12:36

ComboFix-quarantined-files.txt  2012-08-20 08:12

.

Vor Suchlauf: 15 Verzeichnis(se), 133.387.644.928 Bytes frei

Nach Suchlauf: 19 Verzeichnis(se), 133.042.393.088 Bytes frei

.

- - End Of File - - 7C05FE53A883D5B9D19E79C6EA9310BA