ComboFix 12-04-16.02 - Admin 17.04.2012  13:10:00.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4007.2771 [GMT 2:00]
ausgeführt von:: c:\users\PC\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-17 bis 2012-04-17  ))))))))))))))))))))))))))))))
.
.
2012-04-17 11:13 . 2012-04-17 11:16	--------	d-----w-	c:\users\Admin\AppData\Local\temp
2012-04-17 11:13 . 2012-04-17 11:13	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-15 11:57 . 2011-06-21 04:09	200976	----a-w-	c:\windows\SysWow64\drivers\tmcomm.sys
2012-04-14 12:02 . 2012-04-14 12:02	--------	d-----w-	c:\users\Admin\AppData\Local\Secunia PSI (BETA)
2012-04-14 11:36 . 2012-03-14 03:27	8669240	------w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{E1EF19E2-3F3D-4127-BFA2-625AED128688}\mpengine.dll
2012-04-13 12:45 . 2012-04-13 12:45	--------	d-----w-	c:\users\PC\AppData\Roaming\Malwarebytes
2012-04-13 12:44 . 2012-04-13 12:44	--------	d-----w-	c:\users\Admin\AppData\Roaming\Malwarebytes
2012-04-13 12:44 . 2012-04-13 12:44	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-13 12:44 . 2012-04-13 12:44	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-13 12:44 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-04-12 08:36 . 2012-03-06 06:53	5559152	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-04-12 08:36 . 2012-03-06 05:59	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-04-12 08:36 . 2012-03-06 05:59	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-04-12 08:35 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-04-12 08:35 . 2012-03-01 06:33	81408	----a-w-	c:\windows\system32\imagehlp.dll
2012-04-12 08:35 . 2012-03-01 05:33	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-04-12 08:35 . 2012-03-01 06:38	220672	----a-w-	c:\windows\system32\wintrust.dll
2012-04-12 08:35 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2012-04-12 08:35 . 2012-03-01 05:37	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-04-12 08:35 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2012-04-08 20:30 . 2012-04-08 20:38	--------	d--h--w-	c:\program files (x86)\Zero G Registry
2012-04-08 20:29 . 2012-04-08 20:29	--------	d--h--w-	c:\users\Admin\InstallAnywhere
2012-04-02 14:30 . 2012-04-02 14:30	--------	d-----w-	c:\users\Admin\AppData\Local\Opera
2012-04-02 14:30 . 2012-04-02 14:30	--------	d-----w-	c:\program files (x86)\Opera
2012-03-30 14:53 . 2012-03-30 14:56	418464	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-03-28 16:06 . 2012-03-28 16:10	--------	d-----w-	c:\program files\Core Temp
2012-03-28 15:47 . 2012-03-28 15:47	--------	d-----w-	c:\program files (x86)\SIW
2012-03-26 00:05 . 2012-03-26 00:05	--------	d-----w-	c:\program files (x86)\EASEUS
2012-03-25 23:13 . 2012-03-25 23:13	--------	d-----w-	c:\program files (x86)\Runtime Software
2012-03-25 22:58 . 2012-04-14 16:45	--------	d-----w-	c:\users\PC\AppData\Local\VirtualStore
2012-03-25 22:33 . 2012-03-25 22:33	--------	d-----w-	c:\program files (x86)\Western Digital Corporation
2012-03-25 22:33 . 2012-03-25 22:33	971360	----a-w-	c:\windows\system32\drivers\timntr.sys
2012-03-25 22:33 . 2012-03-25 22:33	210016	----a-w-	c:\windows\system32\drivers\vididr.sys
2012-03-25 22:33 . 2012-03-25 22:33	141920	----a-w-	c:\windows\system32\drivers\vsflt53.sys
2012-03-25 22:33 . 2012-03-25 22:33	--------	d-----w-	c:\program files (x86)\Acronis
2012-03-25 22:33 . 2012-03-25 22:33	--------	d-----w-	c:\program files (x86)\Common Files\Acronis
2012-03-25 22:26 . 1998-06-17 22:00	89360	----a-w-	c:\windows\SysWow64\VB5DB.DLL
2012-03-25 18:01 . 2012-03-25 18:01	--------	d-----w-	c:\program files\Recuva
2012-03-23 12:33 . 2012-03-23 12:33	--------	d-----w-	c:\program files (x86)\Lavalys
2012-03-23 12:33 . 2012-03-23 13:12	--------	d-----w-	c:\program files (x86)\SpeedFan
2012-03-22 16:35 . 2012-03-22 16:35	--------	d-----w-	c:\users\PC\AppData\Local\Opera
2012-03-22 16:35 . 2012-03-22 16:35	--------	d-----w-	c:\users\PC\AppData\Local\Programs
2012-03-21 16:04 . 2012-03-21 16:25	--------	d-----w-	c:\users\Admin\AppData\Roaming\vlc
2012-03-19 01:11 . 2012-03-20 13:09	--------	d-----w-	c:\users\PC\AppData\Local\Microsoft Games
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-30 14:56 . 2012-01-13 13:34	70304	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-25 22:33 . 2012-02-25 22:17	275552	----a-w-	c:\windows\system32\drivers\snapman.sys
2012-03-07 00:15 . 2012-02-23 12:02	41184	----a-w-	c:\windows\avastSS.scr
2012-03-07 00:15 . 2012-02-23 12:02	201352	----a-w-	c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:15 . 2012-02-23 12:02	258520	----a-w-	c:\windows\system32\aswBoot.exe
2012-03-07 00:04 . 2012-02-23 12:02	819032	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:04 . 2012-02-23 12:02	337240	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2012-02-23 17:40	53080	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-03-07 00:01 . 2012-02-23 12:02	59224	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2012-02-23 12:02	69976	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-03-07 00:01 . 2012-02-23 12:02	24408	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-02-25 22:17 . 2012-02-25 22:17	81952	----a-w-	c:\windows\system32\drivers\tifsfilt.sys
2012-02-25 22:17 . 2012-02-25 22:17	593952	----a-w-	c:\windows\system32\drivers\tdrpman.sys
2012-02-23 13:01 . 2012-01-13 13:35	637848	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2012-02-23 13:01 . 2012-01-13 13:35	567696	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-02-23 12:58 . 2012-01-13 13:35	750488	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-02-23 12:58 . 2012-01-13 13:35	660368	----a-w-	c:\windows\system32\deployJava1.dll
2012-02-23 08:18 . 2010-11-21 03:27	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-02-17 06:38 . 2012-03-14 15:06	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 15:06	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 15:06	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 15:06	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-02-10 06:36 . 2012-03-16 14:52	1544192	----a-w-	c:\windows\system32\DWrite.dll
2012-02-10 05:38 . 2012-03-16 14:52	1077248	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-02-03 04:34 . 2012-03-16 14:52	3145728	----a-w-	c:\windows\system32\win32k.sys
2012-01-25 06:38 . 2012-03-14 15:06	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-01-25 06:38 . 2012-03-14 15:06	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-01-25 06:33 . 2012-03-14 15:06	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-04-10 668944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"DiscWizardMonitor.exe"="c:\program files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe" [2009-11-10 1352480]
"AcronisTimounterMonitor"="c:\program files (x86)\Seagate\DiscWizard\TimounterMonitor.exe" [2009-11-10 906912]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-06-22 2637824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-3-30 562232]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 253600]
R3 ALSysIO;ALSysIO;c:\users\Admin\AppData\Local\Temp\ALSysIO64.sys [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [x]
R3 AthDfu;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [x]
R3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
R3 mv91cons;mv91cons;c:\windows\system32\drivers\mv91cons.sys [x]
R3 mvs91xx;mvs91xx;c:\windows\system32\drivers\mvs91xx.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [x]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-03-30 1295416]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2009-11-10 606048]
S2 Windows7FirewallService;Windows7FirewallService;c:\program files\Windows7FirewallControl\Windows7FirewallService.exe [2011-04-06 610816]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 14:56]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15	135408	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-12 7560296]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
"Windows7FirewallControl"="c:\program files\Windows7FirewallControl\Windows7FirewallControl.exe" [2011-04-06 1172480]
"Seagate Scheduler2 Service"="c:\program files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [2009-11-10 136544]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-06-22 395392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 217.0.43.97 217.0.43.113
TCP: Interfaces\{E4CE61E6-7C3F-47E9-A69F-9359700546CB}: DhcpNameServer = 217.0.43.97 217.0.43.113
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-04-17  13:18:45 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-04-17 11:18
.
Vor Suchlauf: 9 Verzeichnis(se), 234.546.814.976 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 234.413.383.680 Bytes frei
.
- - End Of File - - D0061D8BAF6921C06D4208873A8872D5