Hallo,
ich habe Avast noch mal scannen lassen.
Nun hat er zwei PDF Dateien als Virus erkannt.
Ich werde gleich das andere noch mal laufen lassen.
Hier ist der Log von ComboFix: Code:
ComboFix 13-11-16.01 - Stephan 16.11.2013 12:56:18.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.6092.3782 [GMT 1:00]
ausgeführt von:: c:\users\Stephan\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Stephan\AppData\Roaming\Microsoft\~DFK237436.tmp
c:\users\Stephan\AppData\Roaming\Microsoft\bass.dll
c:\users\Stephan\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Stephan\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Stephan\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Stephan\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Stephan\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Stephan\BIT6F3B.tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\SysWow64\tmpBCBF.tmp
c:\windows\SysWow64\tmpBCEE.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-10-16 bis 2013-11-16 ))))))))))))))))))))))))))))))
.
.
2013-11-15 15:05 . 2013-11-15 15:05 -------- d-----w- C:\FRST
2013-11-14 19:32 . 2013-11-14 20:07 -------- d-----w- c:\users\Stephan\VirtualBox VMs
2013-11-14 19:20 . 2013-11-15 16:14 -------- d-----w- c:\users\Stephan\.VirtualBox
2013-11-14 19:20 . 2013-11-01 14:13 252688 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-11-14 19:20 . 2013-11-01 14:10 126736 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-11-14 15:50 . 2013-11-14 18:13 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2013-11-13 19:53 . 2013-11-13 19:53 -------- d-----w- c:\programdata\ATI
2013-11-13 19:50 . 2013-11-13 19:50 0 ----a-w- c:\windows\ativpsrm.bin
2013-11-13 19:48 . 2013-11-13 19:48 -------- d-----w- c:\program files (x86)\AMD AVT
2013-11-13 19:48 . 2013-11-13 19:48 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-11-13 19:46 . 2013-11-13 19:46 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-11-13 19:45 . 2013-11-13 19:48 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-11-13 19:44 . 2013-11-13 19:44 -------- d-----w- c:\program files\ATI
2013-11-13 19:44 . 2013-11-13 19:48 -------- d-----w- c:\program files\ATI Technologies
2013-11-13 17:31 . 2013-11-13 18:13 -------- d-----w- C:\Intel
2013-11-13 13:15 . 2013-10-13 14:36 96768 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-13 13:15 . 2013-10-13 14:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-13 13:15 . 2013-10-13 10:49 149744 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-11-13 13:15 . 2013-10-13 09:25 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-13 13:11 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2013-11-10 13:29 . 2013-11-10 13:33 -------- d-----w- C:\AdwCleaner
2013-11-09 13:11 . 2013-11-09 13:13 -------- d-----w- c:\program files\Core Temp
2013-11-09 12:11 . 2013-11-09 12:11 -------- d-----w- c:\users\Stephan\AppData\Roaming\CyberLink
2013-11-08 15:23 . 2013-11-08 15:23 -------- d-----w- C:\dcboot
2013-11-08 15:23 . 2013-11-08 15:23 -------- d-----w- C:\Sources
2013-11-08 15:23 . 2013-11-08 15:23 -------- d-----w- c:\programdata\Farstone
2013-11-08 15:23 . 2013-11-08 15:23 -------- d-----w- c:\program files (x86)\FarStone Total Recovery
2013-11-08 14:59 . 2013-11-08 14:59 -------- d-----w- c:\users\Stephan\AppData\Local\fontconfig
2013-11-04 16:24 . 2013-08-22 17:09 256088 ----a-w- c:\windows\system32\unrar64.dll
2013-11-04 16:24 . 2013-11-04 16:24 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2013-11-02 10:44 . 2013-11-02 10:44 -------- d-----w- c:\program files\Common Files\Sony Shared
2013-11-02 10:44 . 2013-11-02 10:44 -------- d-----w- c:\program files (x86)\Common Files\Sony Shared
2013-11-02 09:33 . 2013-11-02 09:33 -------- d-----w- c:\users\Stephan\AppData\Roaming\No Company Name
2013-11-01 14:10 . 2013-11-01 14:10 154896 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2013-11-01 14:10 . 2013-11-01 14:10 140560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-11-01 14:07 . 2013-11-01 14:07 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2013-10-27 14:59 . 2013-10-27 14:59 -------- d-----w- c:\program files (x86)\Paragon Software
2013-10-26 19:37 . 2013-10-26 19:37 -------- d-----w- c:\users\Stephan\AppData\Local\stellarium
2013-10-26 16:05 . 2013-10-26 16:05 -------- d-----w- c:\program files\IDT
2013-10-26 12:11 . 2013-10-26 12:11 -------- d-----w- c:\users\Stephan\AppData\Local\AlbumArtDownloader
2013-10-26 12:10 . 2013-10-26 12:10 -------- d-----w- c:\program files\AlbumArtDownloader
2013-10-26 11:59 . 2013-10-26 11:59 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2013-10-26 11:59 . 2013-10-26 11:59 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2013-10-26 11:59 . 2013-10-26 11:59 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2013-10-26 11:59 . 2013-10-26 11:59 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2013-10-26 11:59 . 2013-10-26 11:59 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2013-10-26 11:58 . 2013-10-26 11:59 -------- d-----w- c:\program files (x86)\QuickTime
2013-10-26 11:58 . 2013-10-26 11:58 -------- d-----w- c:\program files (x86)\Common Files\Apple
2013-10-26 11:57 . 2013-10-26 11:57 -------- d-----w- c:\program files (x86)\Apple Software Update
2013-10-26 11:57 . 2013-10-26 11:57 -------- d-----w- c:\programdata\Apple
2013-10-24 12:17 . 2013-10-24 12:17 -------- d-----w- c:\program files (x86)\Auslogics
2013-10-23 12:30 . 2013-10-11 12:59 38200 ----a-w- c:\windows\system32\uxtuneup.dll
2013-10-23 12:30 . 2013-10-11 12:59 30520 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2013-10-20 12:11 . 2013-10-20 12:11 -------- d-----w- c:\program files (x86)\HD Tune
2013-10-20 10:53 . 2011-06-02 03:11 528384 ----a-w- c:\windows\system32\drivers\stwrt64.sys
2013-10-20 10:53 . 2011-06-02 03:11 654336 ------w- c:\windows\system32\stapi64.dll
2013-10-20 10:53 . 2011-06-02 03:11 431616 ----a-w- c:\windows\system32\stcplx64.dll
2013-10-20 10:53 . 2011-06-02 03:11 1965056 ----a-w- c:\windows\system32\stapo64.dll
2013-10-19 12:58 . 2010-04-01 12:11 162304 ----a-w- c:\windows\system32\AESTAC64.dll
2013-10-19 12:58 . 2009-10-09 22:45 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2013-10-19 12:58 . 2009-03-02 23:58 68608 ----a-w- c:\windows\system32\AESTAR64.dll
2013-10-19 12:58 . 2011-05-02 12:27 3308376 ----a-w- c:\windows\system32\EEP64A.dll
2013-10-19 12:58 . 2011-05-02 12:27 118104 ----a-w- c:\windows\system32\EEA64A.dll
2013-10-19 12:58 . 2011-03-07 21:25 74072 ------w- c:\windows\system32\EEG64A.dll
2013-10-19 12:58 . 2011-03-07 21:25 426328 ------w- c:\windows\system32\EED64A.dll
2013-10-19 12:58 . 2011-03-07 21:25 136024 ------w- c:\windows\system32\EEL64A.dll
2013-10-19 12:58 . 2011-06-02 03:11 1523712 ----a-w- c:\windows\system32\IDTNC64.cpl
2013-10-19 12:58 . 2011-06-02 03:11 1128448 ----a-w- c:\windows\sttray64.exe
2013-10-19 12:58 . 2009-03-02 23:47 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2013-10-19 12:58 . 2011-06-02 03:11 4779520 ----a-w- c:\windows\system32\stlang64.dll
2013-10-18 13:45 . 2013-10-20 11:11 -------- d-----w- C:\SWSetup
2013-10-17 12:04 . 2013-10-17 12:04 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-15 16:09 . 2013-02-19 16:18 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-13 13:12 . 2013-02-19 15:21 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-12 12:51 . 2013-09-17 20:17 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-12 12:51 . 2013-09-17 20:17 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-12 12:51 . 2013-09-17 20:17 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-12 12:51 . 2013-09-17 20:17 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-12 12:51 . 2013-09-17 20:17 43152 ----a-w- c:\windows\avastSS.scr
2013-11-12 12:51 . 2013-02-19 13:17 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-07 12:42 . 2013-09-17 20:17 409832 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-10-16 18:50 . 2013-09-17 20:17 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-16 18:50 . 2013-09-17 20:17 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-16 18:50 . 2013-09-17 20:17 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-14 17:00 . 2013-05-09 09:49 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-11 12:59 . 2013-02-19 18:22 35640 ----a-w- c:\windows\system32\TURegOpt.exe
2013-10-11 12:59 . 2013-02-19 18:22 26936 ----a-w- c:\windows\system32\authuitu.dll
2013-10-11 12:59 . 2013-02-19 18:22 22328 ----a-w- c:\windows\SysWow64\authuitu.dll
2013-10-07 20:07 . 2013-10-07 20:07 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-10-07 20:07 . 2013-10-07 20:07 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-10-07 20:07 . 2013-10-07 20:07 121880 ----a-w- c:\windows\system32\OpenAL32.dll
2013-10-07 20:07 . 2013-10-07 20:07 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-09-30 15:59 . 2013-09-30 15:59 883928 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-09-30 15:59 . 2013-09-30 15:59 74456 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-09-30 15:59 . 2013-02-18 21:19 108760 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-09-10 13:20 . 2013-09-03 10:04 893552 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-09-10 13:20 . 2013-09-05 10:45 42776 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-09-09 17:59 . 2013-09-03 10:03 42776 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCEClientUX\dSM\StartResources.dll
2013-09-08 02:30 . 2013-10-09 12:23 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 12:23 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 12:23 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-05 10:45 . 2013-09-05 10:45 893552 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-09-04 12:12 . 2013-10-09 12:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 12:23 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 12:23 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 12:23 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 12:23 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 12:23 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 12:23 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-04 12:01 . 2013-09-04 12:01 652344 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2013-09-04 12:01 . 2013-09-04 12:01 28216 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2013-09-03 16:03 . 2013-09-03 16:03 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-09-03 16:03 . 2011-06-21 10:16 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-09-03 09:01 . 2013-09-03 09:01 1236816 ----a-w- c:\programdata\Microsoft\ehome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-08-29 02:17 . 2013-10-09 12:23 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-09 12:23 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-09 12:23 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-09 12:23 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-09 12:23 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-09 12:23 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-09 12:23 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-09 12:23 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-09 12:23 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-09 12:23 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-09 12:23 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-09 12:23 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-09 12:23 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-09 12:23 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-09 12:23 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-09 12:23 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-09 12:23 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-09 12:23 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-08-22 17:09 . 2013-03-25 11:52 217176 ----a-w- c:\windows\SysWow64\unrar.dll
2013-08-20 05:02 . 2013-08-20 05:02 708168 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2013-08-20 05:02 . 2013-08-20 05:02 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-08-20 05:02 . 2013-08-20 05:02 204568 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-08-20 05:02 . 2013-08-20 05:02 103576 ----a-w- c:\windows\system32\drivers\ssudbus.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Spotify Web Helper"="c:\users\Stephan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-11-15 1168896]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-05-22 578560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-12 3568312]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2013-10-29 2359832]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-10-28 311152]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-06-04 676608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Stephan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-10-10 29768376]
Ross-Tech VCDS DRV Updater-DRV.lnk - c:\ross-tech\VCDS-DRV\VCDS.exe Update [2013-9-25 1436672]
TEST.lnk - c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Load profilename="TEST" [2012-1-25 311296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-10-14 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys;c:\windows\SYSNATIVE\Drivers\uim_vimx64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 Megatech-Software-Protection;Megatech-Software-Protection;c:\megatech\MProtect\MPSERV.EXE;c:\megatech\MProtect\MPSERV.EXE [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
R3 cpuz136;cpuz136;c:\users\Stephan\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\Stephan\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SOHDs;Sony Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R4 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
R4 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FBAgent;File Backup Agent;c:\program files (x86)\FarStone Total Recovery\Client\EFB\FBPAgent.exe;c:\program files (x86)\FarStone Total Recovery\Client\EFB\FBPAgent.exe [x]
S2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 SOHDms;Sony Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
S2 Tran_Process_Proc;DCNTranProc;c:\program files (x86)\FarStone Total Recovery\Client\DCNTranProc.exe;c:\program files (x86)\FarStone Total Recovery\Client\DCNTranProc.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Stephan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys;c:\users\Stephan\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 FARMNTIO;FARMNTIO;c:\windows\system32\drivers\farmntio.sys;c:\windows\SYSNATIVE\drivers\farmntio.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-15 12:57 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-19 16:09]
.
2013-11-16 c:\windows\Tasks\Driver Booster Update.job
- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-10-05 09:12]
.
2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10 10:52]
.
2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10 10:52]
.
2013-09-24 c:\windows\Tasks\HPCeeScheduleForHP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
2013-09-24 c:\windows\Tasks\HPCeeScheduleForStephan.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-12 12:51 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Stephan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-06-02 1128448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-19 172168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-19 400008]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-19 441992]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.bing.com/?PC=BNHP
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
Trusted Zone: secunia.com\psi
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{9720819D-6CC1-4216-A109-45DCF3B40DB3}: NameServer = 8.26.56.26,156.154.70.22
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Virtual Router Manager.lnk - c:\windows\Installer\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}\_118D1A4EFFA6998C3492EB.exe /min
SafeBoot-61809413.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:62,81,7d,94,45,c9,ab,ab,3d,36,66,d0,83,ad,44,5b,f6,f3,11,ef,7d,
34,eb,33,a3,f8,2c,77,59,d9,6b,49,a0,aa,7d,2b,f9,e4,e9,e2,a2,2d,f7,be,da,54,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-11-16 13:03:13
ComboFix-quarantined-files.txt 2013-11-16 12:03
.
Vor Suchlauf: 23 Verzeichnis(se), 79.243.935.744 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 79.387.901.952 Bytes frei
.
- - End Of File - - 3D4E044E543E9870CFC39ECE678B410F
Die beiden PDF Dateien sollen den Virus: "PDF:CVE-2013-3353 [Expl]" und "PDF:CVE-2013-3357 [Expl]" haben.
Ist mein Computer stark infiziert? Sollte ich diesen Computer noch verwenden?
MfG
Stephan |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
