Sorry Markus about the two previous posts :(
I had a feeling it would destroy my laptop!
But nothing happened!
Here is the nice log!
ComboFix logfile:
ComboFix 13-06-15.01 - Timm 15.06.2013 18:49:42.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3561.2513 [GMT 2:00]
ausgeführt von:: c:\users\Timm\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\IsUn0407.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\XSxS
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-15 bis 2013-06-15 ))))))))))))))))))))))))))))))
.
.
2013-06-14 17:56 . 2013-06-14 18:06 -------- d-----w- C:\_OTL
2013-06-12 19:23 . 2013-05-17 01:25 817664 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-06-12 19:23 . 2013-05-17 00:58 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-06-12 19:23 . 2013-05-17 00:58 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-06-12 19:23 . 2013-05-17 01:25 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-06-12 19:23 . 2013-05-17 00:59 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-06-12 19:23 . 2013-05-17 00:58 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-06-12 19:23 . 2013-05-17 00:58 19233792 ----a-w- c:\windows\system32\mshtml.dll
2013-06-12 17:53 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-10 16:20 . 2013-06-10 16:21 -------- d-----w- c:\program files (x86)\Starship Corporation
2013-06-10 15:48 . 2013-06-14 17:56 -------- d-----w- c:\users\Timm\AppData\Roaming\Leky
2013-06-09 19:02 . 2013-06-12 18:15 -------- d-----w- c:\program files (x86)\Kebarl Space Program
2013-06-03 15:13 . 2013-06-03 15:33 -------- d-----w- c:\windows\SysWow64\Adobe
2013-05-29 12:12 . 2013-05-29 12:12 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-05-26 14:23 . 2013-05-26 14:23 -------- d-----w- c:\program files (x86)\7-Zip
2013-05-23 19:26 . 2013-05-23 19:26 -------- d-----w- c:\windows\SysWow64\BrowserProtect
2013-05-23 06:02 . 2013-05-23 06:02 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-05-20 07:21 . 2013-05-20 07:21 -------- d-----w- c:\users\Bugla\AppData\Roaming\Thunderbird
2013-05-20 07:21 . 2013-05-20 07:21 -------- d-----w- c:\users\Bugla\AppData\Local\Thunderbird
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 19:24 . 2012-05-03 12:25 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 18:48 . 2012-04-30 15:07 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 18:48 . 2011-10-14 20:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-17 13:41 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 09:23 . 2013-05-02 09:23 83160 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-04-13 05:49 . 2013-05-15 14:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 14:22 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 14:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 14:22 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 14:22 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 14:22 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 12:35 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 05:24 . 2013-05-15 14:14 983912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 05:24 . 2013-05-15 14:14 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 03:30 . 2013-05-15 14:07 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 03:36 . 2012-05-04 13:39 866720 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-04-04 03:35 . 2012-05-04 13:39 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-02 19:35 . 2013-04-02 19:35 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-04-02 19:35 . 2013-04-02 19:35 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-04-02 19:35 . 2013-04-02 19:35 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-04-02 19:35 . 2013-04-02 19:35 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-04-02 19:35 . 2013-04-02 19:35 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-04-02 19:35 . 2013-04-02 19:35 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-04-02 19:35 . 2013-04-02 19:35 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-04-02 19:35 . 2013-04-02 19:35 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-02 19:35 . 2013-04-02 19:35 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-02 19:35 . 2013-04-02 19:35 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-04-02 19:35 . 2013-04-02 19:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-04-02 19:35 . 2013-04-02 19:35 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-04-02 19:35 . 2013-04-02 19:35 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-04-02 19:35 . 2013-04-02 19:35 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-04-02 19:35 . 2013-04-02 19:35 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-04-02 19:35 . 2013-04-02 19:35 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-04-02 19:35 . 2013-04-02 19:35 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-04-02 19:35 . 2013-04-02 19:35 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-02 19:35 . 2013-04-02 19:35 81408 ----a-w- c:\windows\system32\icardie.dll
2013-04-02 19:35 . 2013-04-02 19:35 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-04-02 19:35 . 2013-04-02 19:35 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-04-02 19:35 . 2013-04-02 19:35 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-04-02 19:35 . 2013-04-02 19:35 441856 ----a-w- c:\windows\system32\html.iec
2013-04-02 19:35 . 2013-04-02 19:35 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-04-02 19:35 . 2013-04-02 19:35 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-02 19:35 . 2013-04-02 19:35 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-04-02 19:35 . 2013-04-02 19:35 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-04-02 19:35 . 2013-04-02 19:35 235008 ----a-w- c:\windows\system32\url.dll
2013-04-02 19:35 . 2013-04-02 19:35 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-04-02 19:35 . 2013-04-02 19:35 216064 ----a-w- c:\windows\system32\msls31.dll
2013-04-02 19:35 . 2013-04-02 19:35 197120 ----a-w- c:\windows\system32\msrating.dll
2013-04-02 19:35 . 2013-04-02 19:35 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-02 19:35 . 2013-04-02 19:35 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-04-02 19:35 . 2013-04-02 19:35 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-02 19:35 . 2013-04-02 19:35 144896 ----a-w- c:\windows\system32\wextract.exe
2013-04-02 19:35 . 2013-04-02 19:35 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-04-02 19:35 . 2013-04-02 19:35 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-04-02 19:35 . 2013-04-02 19:35 102912 ----a-w- c:\windows\system32\inseng.dll
2013-04-02 19:35 . 2013-04-02 19:35 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-02 19:35 . 2013-04-02 19:35 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-04-02 19:35 . 2013-04-02 19:35 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-04-02 19:35 . 2013-04-02 19:35 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-04-02 19:35 . 2013-04-02 19:35 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-04-02 19:35 . 2013-04-02 19:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-02 19:35 . 2013-04-02 19:35 149504 ----a-w- c:\windows\system32\occache.dll
2013-04-02 19:35 . 2013-04-02 19:35 13824 ----a-w- c:\windows\system32\mshta.exe
2013-04-02 19:35 . 2013-04-02 19:35 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-04-02 19:35 . 2013-04-02 19:35 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-02 19:35 . 2013-04-02 19:35 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-03-27 12:39 . 2013-03-27 12:39 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-03-27 12:39 . 2013-03-27 12:39 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-03-27 12:39 . 2013-03-27 12:39 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-03-27 12:39 . 2013-03-27 12:39 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-03-21 12:27 . 2013-03-21 12:27 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-03-21 12:27 . 2013-03-21 12:27 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-03-21 12:27 . 2013-03-21 12:27 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-03-19 06:04 . 2013-04-10 13:47 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:53 . 2013-05-15 14:07 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-03-19 05:53 . 2013-05-15 14:07 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-03-19 05:46 . 2013-04-10 13:47 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 13:47 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 13:47 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 13:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 13:47 112640 ----a-w- c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-01-23 12:24 247704 ----a-w- c:\program files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll" [2013-01-23 321944]
.
[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2013-03-22 55360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-28 343168]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-10-08 169528]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-09-15 61112]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-02 345312]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll c:\progra~3\browse~1\261339~1.144\{c16c1~1\browserprotect.dll
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe;c:\programdata\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 ogmservice;Online Games Manager;c:\program files (x86)\Online Games Manager\ogmservice.exe;c:\program files (x86)\Online Games Manager\ogmservice.exe [x]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Timm\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe;c:\users\Timm\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SpyroService;Spyro Portal Service;c:\program files (x86)\FS\Spyro Portal\FlashPortal.exe;c:\program files (x86)\FS\Spyro Portal\FlashPortal.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 18:48]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04 19:14]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04 19:14]
.
2013-06-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434292891-1991117707-1313040686-1002Core.job
- c:\users\Timm\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 17:21]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434292891-1991117707-1313040686-1002UA.job
- c:\users\Timm\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 17:21]
.
2013-06-05 c:\windows\Tasks\HPCeeScheduleForTimm.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 02:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-09-30 43320]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Ocs_SM"="c:\users\Timm\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2013-03-22 106496]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.delta-search.com/?affID=119828&babsrc=HP_ss&mntrId=BCAC20107A25638E
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Cheat Engine 6.2_is1 - c:\users\Timm\Desktop\Cheategine\Cheat Engine 6.2\unins000.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-S4Uninst - c:\windows\IsUn0407.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2434292891-1991117707-1313040686-1002\Software\SecuROM\License information*]
"datasecu"=hex:c7,cb,3b,8f,ae,ce,b1,6d,0d,ac,21,41,e4,31,f6,52,34,35,e8,d8,55,
00,1d,47,db,bb,47,7e,8b,8b,55,29,50,a4,6b,e1,c8,a8,2b,ef,69,ad,4e,54,41,56,\
"rkeysecu"=hex:64,b6,bd,e1,3e,80,9e,c4,40,b4,90,83,87,8e,33,49
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-15 19:05:28
ComboFix-quarantined-files.txt 2013-06-15 17:05
.
Vor Suchlauf: 14 Verzeichnis(se), 306.093.555.712 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 305.688.674.304 Bytes frei
.
- - End Of File - - 1DC7CBC9FBA588D0FE49599BDEE9966A --- --- ---
A36C5E4F47E84449FF07ED3517B43A31
[/QUOTE]