WasserBüffel | 26.10.2013 22:47 | Here is the ComboFix log: Code:
ComboFix 13-10-26.01 - Frederick 26/10/2013 23:08:58.1.4 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1252.44.2057.18.8106.7022 [GMT 3.5:30]
Running from: c:\users\Frederick\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((((( Files Created from 2013-09-26 to 2013-10-26 )))))))))))))))))))))))))))))))
.
.
2013-10-25 19:31 . 2013-10-25 19:31 -------- d-----w- C:\FRST
2013-10-25 13:53 . 2013-10-26 19:24 -------- d-----w- c:\users\Frederick\AppData\Roaming\Thunderbird
2013-10-24 15:37 . 2013-10-24 15:37 -------- d-----w- c:\programdata\ALM
2013-10-13 02:59 . 2013-08-10 03:58 356352 ----a-w- c:\windows\SysWow64\SettingSync.dll
2013-10-13 02:59 . 2013-07-24 23:10 158208 ----a-w- c:\windows\SysWow64\mbsmsapi.dll
2013-10-13 02:59 . 2013-07-24 23:06 225280 ----a-w- c:\windows\system32\mbsmsapi.dll
2013-10-13 02:59 . 2013-08-10 05:21 128512 ----a-w- c:\windows\system32\SettingSyncInfo.dll
2013-10-13 02:54 . 2013-08-03 06:40 462336 ----a-w- c:\windows\system32\sysmon.ocx
2013-10-13 02:54 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll
2013-10-13 02:54 . 2013-08-03 06:40 1374208 ----a-w- c:\windows\system32\wdc.dll
2013-10-13 02:54 . 2013-08-03 05:13 1245696 ----a-w- c:\windows\SysWow64\wdc.dll
2013-10-13 02:54 . 2013-08-03 05:14 399360 ----a-w- c:\windows\SysWow64\sysmon.ocx
2013-10-13 02:54 . 2013-08-03 05:13 437248 ----a-w- c:\windows\SysWow64\wvc.dll
2013-10-10 00:58 . 2013-09-22 22:54 3959296 ----a-w- c:\windows\system32\jscript9.dll
2013-10-10 00:58 . 2013-09-22 23:27 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-10-10 00:58 . 2013-09-22 22:54 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-10-10 00:58 . 2013-04-28 22:30 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-10-10 00:41 . 2013-07-06 00:15 652288 ----a-w- c:\windows\system32\comctl32.dll
2013-10-10 00:41 . 2013-07-04 02:13 541696 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-10-10 00:33 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-10 00:33 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-10-10 00:33 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
2013-10-10 00:33 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-10 00:33 . 2013-06-29 03:07 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-10 00:33 . 2013-07-05 22:01 210560 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-10-10 00:33 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-10 00:33 . 2013-05-26 23:17 35328 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-10-10 00:33 . 2013-05-26 22:59 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-10-10 00:33 . 2013-05-25 03:15 362496 ----a-w- c:\windows\system32\atmfd.dll
2013-10-10 00:33 . 2013-05-25 02:32 300032 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-10-10 00:33 . 2013-08-23 05:11 4040192 ----a-w- c:\windows\system32\win32k.sys
2013-10-10 00:30 . 2013-07-01 01:42 623448 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-10 00:30 . 2013-07-01 01:42 79192 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-10 00:30 . 2013-07-01 01:42 498008 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-10 00:30 . 2013-07-01 01:42 21848 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-10 00:30 . 2013-06-29 03:07 32256 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-10 00:30 . 2013-06-29 03:06 120832 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-10 00:30 . 2013-07-19 22:13 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 00:30 . 2013-07-19 22:13 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 00:30 . 2013-07-02 01:41 447320 ----a-w- c:\windows\system32\drivers\USBHUB3.SYS
2013-10-10 00:30 . 2013-07-02 01:41 337752 ----a-w- c:\windows\system32\drivers\USBXHCI.SYS
2013-10-10 00:30 . 2013-07-02 01:41 213336 ----a-w- c:\windows\system32\drivers\UCX01000.SYS
2013-10-05 23:34 . 2013-10-05 23:34 -------- d-----w- c:\windows\SysWow64\Hotspot Shield
2013-10-03 22:30 . 2013-10-13 19:27 -------- d-----w- c:\windows\rescache
2013-10-03 21:38 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-10-03 21:26 . 2013-10-02 01:38 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-03 21:26 . 2013-10-02 01:38 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-30 08:33 . 2013-10-10 00:41 -------- d-----w- c:\windows\system32\MRT
2013-09-29 10:47 . 2013-04-09 04:51 14267904 ----a-w- c:\windows\system32\wmp.dll
2013-09-29 10:47 . 2013-04-09 04:51 3552768 ----a-w- c:\windows\system32\tquery.dll
2013-09-29 10:47 . 2013-04-09 04:50 2107904 ----a-w- c:\windows\system32\mssrch.dll
2013-09-29 10:47 . 2013-04-08 21:51 2767360 ----a-w- c:\windows\SysWow64\tquery.dll
2013-09-29 10:47 . 2013-04-08 21:51 1593344 ----a-w- c:\windows\SysWow64\mssrch.dll
2013-09-29 10:47 . 2013-04-09 05:17 1829408 ----a-w- c:\windows\system32\ntdll.dll
2013-09-29 10:41 . 2013-05-04 06:59 13644288 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
2013-09-29 10:41 . 2013-05-04 04:57 10788864 ----a-w- c:\windows\SysWow64\Windows.UI.Xaml.dll
2013-09-29 10:41 . 2013-05-04 06:58 1332736 ----a-w- c:\windows\system32\sysmain.dll
2013-09-29 10:41 . 2013-05-04 06:57 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
2013-09-29 10:41 . 2013-05-04 06:59 1483776 ----a-w- c:\windows\system32\VSSVC.exe
2013-09-29 10:41 . 2013-05-04 06:58 328192 ----a-w- c:\windows\system32\ubpm.dll
2013-09-29 10:41 . 2013-05-04 04:47 427520 ----a-w- c:\windows\system32\drivers\rdbss.sys
2013-09-29 10:41 . 2013-05-04 06:57 389120 ----a-w- c:\windows\system32\BCP47Langs.dll
2013-09-29 10:41 . 2013-05-04 06:58 1820672 ----a-w- c:\program files\Windows Photo Viewer\PhotoViewer.dll
2013-09-29 10:41 . 2013-05-04 06:58 470528 ----a-w- c:\windows\system32\netprofmsvc.dll
2013-09-29 10:41 . 2013-05-04 04:57 247296 ----a-w- c:\windows\SysWow64\ubpm.dll
2013-09-29 10:41 . 2013-05-04 04:56 309760 ----a-w- c:\windows\SysWow64\BCP47Langs.dll
2013-09-29 10:41 . 2013-05-04 06:57 820736 ----a-w- c:\windows\system32\gpprefcl.dll
2013-09-29 10:35 . 2013-06-01 11:26 6987008 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-09-29 10:24 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2013-09-29 10:24 . 2013-05-15 02:25 542208 ----a-w- c:\windows\system32\untfs.dll
2013-09-29 10:24 . 2013-05-15 02:24 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-09-29 10:24 . 2013-05-15 02:24 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-09-29 10:14 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-09-29 10:04 . 2013-05-30 23:24 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-09-29 09:15 . 2013-08-16 05:22 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-09-29 00:38 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-09-29 00:38 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-29 00:38 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-09-29 00:38 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-09-29 00:38 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-09-29 00:38 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-09-29 00:38 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-09-29 00:36 . 2013-04-16 02:34 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-09-29 00:18 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-09-29 00:18 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-09-29 00:14 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-09-29 00:14 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-09-29 00:14 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-09-29 00:14 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-09-29 00:14 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-09-29 00:10 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-09-29 00:10 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-09-29 00:10 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-09-29 00:10 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-09-29 00:10 . 2013-03-06 07:10 112872 ----a-w- c:\windows\system32\consent.exe
2013-09-29 00:10 . 2013-03-06 06:29 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-09-29 00:08 . 2013-04-27 05:20 733184 ----a-w- c:\windows\system32\win32spl.dll
2013-09-29 00:08 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-09-29 00:08 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-09-29 00:08 . 2013-07-13 06:16 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-09-29 00:08 . 2013-07-13 06:18 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-09-29 00:08 . 2013-07-13 04:24 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-09-29 00:08 . 2013-07-13 04:23 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-09-29 00:08 . 2013-07-13 06:16 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-09-29 00:08 . 2013-07-13 06:15 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-09-29 00:08 . 2013-07-13 06:15 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-09-29 00:08 . 2013-07-13 04:23 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-09-29 00:08 . 2013-07-13 04:23 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-09-29 00:03 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 00:38 . 2012-12-13 12:48 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-08-12 23:10 . 2013-08-12 23:10 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{746335FC-76B0-48CE-9F62-6E8E8510C19D}"
[HKEY_CLASSES_ROOT\CLSID\{746335FC-76B0-48CE-9F62-6E8E8510C19D}]
2012-04-09 15:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Frederick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Frederick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Frederick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BrowserChoice"="c:\windows\BrowserChoice\browserchoice.exe" [2012-08-15 86696]
"SugarSync"="c:\program files (x86)\SugarSync\SugarSyncManager.exe" [2012-09-21 10855544]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-08-25 765200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2013-06-10 601928]
.
c:\users\Frederick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Frederick\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-8-27 26924984]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Spyder3Utility.lnk - c:\program files (x86)\Datacolor\Spyder3Pro\Utility\Spyder3Utility.exe [2010-7-27 7667970]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 Spyder3;Datacolor Spyder3;c:\windows\System32\drivers\Spyder3.sys;c:\windows\SYSNATIVE\drivers\Spyder3.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys;c:\windows\SYSNATIVE\drivers\cbfs3.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\System32\drivers\BazisVirtualCDBus.sys;c:\windows\SYSNATIVE\drivers\BazisVirtualCDBus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\l1c51x64.sys;c:\windows\SYSNATIVE\DRIVERS\l1c51x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-02 17:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon1]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-05-02 12:10 1721856 ----a-w- c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon2]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-05-02 12:10 1721856 ----a-w- c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon3]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-05-02 12:10 1721856 ----a-w- c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon4]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2012-05-02 12:10 1721856 ----a-w- c:\program files (x86)\Wuala OverlayIcons\OverlayIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{746335FC-76B0-48CE-9F62-6E8E8510C19D}"
[HKEY_CLASSES_ROOT\CLSID\{746335FC-76B0-48CE-9F62-6E8E8510C19D}]
2012-04-09 15:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Frederick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Frederick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Frederick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\Frederick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-09-21 17:40 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-09-21 17:40 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-09-21 17:40 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-09-21 17:40 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-03 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-03 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-03 440640]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{64A788D3-9F37-48EC-BA73-3301B5B1328C}: NameServer = 208.67.220.220,208.67.220.222
TCP: Interfaces\{64A788D3-9F37-48EC-BA73-3301B5B1328C}\4505D2C494E4B4F5337313839303: NameServer = 208.67.220.220,208.67.220.222
TCP: Interfaces\{64A788D3-9F37-48EC-BA73-3301B5B1328C}\E616679646: NameServer = 208.67.220.220,208.67.220.222
TCP: Interfaces\{64A788D3-9F37-48EC-BA73-3301B5B1328C}\E633F6: NameServer = 208.67.220.220,208.67.220.222
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-10-26 23:19:15
ComboFix-quarantined-files.txt 2013-10-26 19:49
.
Pre-Run: 4,817,797,120 bytes free
Post-Run: 7,341,051,904 bytes free
.
- - End Of File - - 71066D4EAEDC40B6B4CC5047E03E4482
5FB38429D5D77768867C76DCBDB35194