virusbursters... againThema ist geschlossen! |
||
|---|---|---|
Thema ist geschlossen! |
||
| #0
| ||
|
20.11.2006, 22:02
...neu hier
Beiträge: 2 |
||
 
|
|
|
|
21.11.2006, 00:52
Ehrenmitglied
 Beiträge: 29434 |
#2
fgreber
Avenger http://virus-protect.org/artikel/tools/avenger.html kopiere rein Zitat Registry values to delete:Klicke die grüne Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten »» lösche das Backup vom Avenger unter C:\Avenger\backup.zip + leere den Papierkorb «« scanne mit smitfraudfix - Option 1 und 2 ( lasse auch die Registry mitreinigen) http://virus-protect.org/artikel/tools/smitfrautfix.html ----------- öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten Zitat O2 - BHO: (no name) - {192c5b4a-3efd-40c7-9f99-c472deb8efc0} - C:\Programme\Perfect Codec\isaddon.dllPC neustarten __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
21.11.2006, 01:36
...neu hier
Themenstarter Beiträge: 2 |
#3
thank you so much. everything clean now
a donation will follow (when i'm back in schedule! *grrrr*) thank you so much |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
Need help! Following the Hijack Scan File:
THANKS
***********************
Logfile of HijackThis v1.99.1
Scan saved at 9:40:33 p.m., on 20/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Programme\Perfect Codec\isamonitor.exe
C:\Programme\Perfect Codec\pmsngr.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Perfect Codec\pmmon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\Arcade\PCMService.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Perfect Codec\isamini.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\MCAFEE~1\MPFTRAY.EXE
C:\Programme\QuickTime\qttask.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\TREIBE~1\GNETMOUS.EXE
C:\Programme\matlab\webserver\bin\win32\matlabserver.exe
C:\PROGRA~1\MCAFEE~1\MPFSERVICE.exe
C:\PROGRA~1\MCAFEE~1\MPFAGENT.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Programme\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\system32\sistray.exe
C:\Programme\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programme\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.tiscali.de/web/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://clix.fh-konstanz.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Tiscali
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {192c5b4a-3efd-40c7-9f99-c472deb8efc0} - C:\Programme\Perfect Codec\isaddon.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Programme\RXToolBar\sfcont.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Protection Bar - {74a49269-9779-48b4-a0e6-3a5af2a3ade6} - C:\Programme\Perfect Codec\iesplugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SemanticInsight] C:\Programme\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MMReminderService] C:\Programme\Mindjet\MindManager 6\MMReminderService.exe
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\TREIBE~1\GNETMOUS.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE
O4 - HKCU\..\Run: [WhenUSave] "C:\Programme\Save\Save.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [googletalk] "C:\Programme\Google\Google Talk\googletalk.exe" /autostart
O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.de
O16 - DPF: Microsoft WFC Forms Designer - file://E:\VJ98\wfcforms.cab
O16 - DPF: Visual Studio 6 Extensibility Libraries - file://E:\VJ98\vstudio6.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://site.ebrary.com.ezproxy.auckland.ac.nz/lib/auckland/support/plugins/ebraryRdr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://fgreber.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Programme\RXToolBar\sfcont.dll
O21 - SSODL: gimmicks - {40dcff6e-af8d-4183-8ebe-a82270ac449e} - C:\WINDOWS\system32\dcvwaah.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Programme\matlab\webserver\bin\win32\matlabserver.exe
O23 - Service: McAfee.com Personal Firewall Service (MpfService) - McAfee.com Corporation - C:\PROGRA~1\MCAFEE~1\MPFSERVICE.exe
**********************************
and here the ComboFix.txt
**********************************
Florian - 06-11-20 22:04:48.95 Service Pack 2
ComboFix 06.11.19 - Running from: "C:\Dokumente und Einstellungen\Florian\Desktop"
((((((((((((((((((((((((((((((( Files Created from 2006-10-20 to 2006-11-20 ))))))))))))))))))))))))))))))))))
2006-11-20 21:40 <DIR> d-------- C:\Programme\Hijackthis
2006-11-20 21:18 77,824 --a------ C:\WINDOWS\system32\dcvwaah.dll
2006-11-20 21:18 <DIR> d-------- C:\Programme\Perfect Codec
2006-11-20 21:03 <DIR> d-------- C:\Programme\VideoConvert
2006-11-20 20:25 862,208 -ra------ C:\WINDOWS\system32\sisgrv.dll
2006-11-20 20:25 7,168 -ra------ C:\WINDOWS\InstFunc.dll
2006-11-20 20:25 49,152 -ra------ C:\WINDOWS\system32\SiSPower.dll
2006-11-20 20:25 49,152 -ra------ C:\WINDOWS\system32\SiSBase.dll
2006-11-20 20:25 331,776 --a------ C:\WINDOWS\system32\sistray.exe
2006-11-20 20:25 32,768 -ra------ C:\WINDOWS\InstFunc.exe
2006-11-20 20:25 32,768 --a------ C:\WINDOWS\system32\Keyhook.exe
2006-11-20 20:25 28,672 -ra------ C:\WINDOWS\system32\SiSPInst.dll
2006-11-20 20:25 28,672 --------- C:\WINDOWS\system32\SiSHook.dll
2006-11-20 20:25 258,048 -ra------ C:\WINDOWS\system32\SiSParse.dll
2006-11-20 20:25 20,480 --------- C:\WINDOWS\system32\LCDMode.exe
2006-11-20 20:25 184,320 -ra------ C:\WINDOWS\system32\SiSInst.dll
2006-11-20 20:25 176,128 --------- C:\WINDOWS\system32\SiSApCom.dll
2006-11-20 20:25 13,312 -ra------ C:\WINDOWS\system32\drivers\srvkp.sys
2006-11-20 20:25 110,592 --------- C:\WINDOWS\system32\TVMode.dll
2006-11-20 20:25 1,740,800 -ra------ C:\WINDOWS\system32\sisgl.dll
2006-11-20 20:25 <DIR> d-------- C:\Programme\SiS VGA Utilities V3.65f
2006-11-20 20:24 <DIR> d-------- C:\WINDOWS\system32\trayres
2006-11-20 18:56 <DIR> d-------- C:\Programme\videoconverter
2006-11-20 18:43 <DIR> d-------- C:\Programme\virtualdub
2006-11-20 18:18 <DIR> d-------- C:\Programme\Easy Video Converter
2006-11-19 23:10 <DIR> d--hs---- C:\FOUND.008
2006-11-19 13:06 148,480 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-11-18 19:24 <DIR> d-------- C:\Recordings
2006-11-18 00:17 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2006-11-16 00:23 729,600 --a------ C:\WINDOWS\system32\lsasrv.dll
2006-11-16 00:23 132,096 --a------ C:\WINDOWS\system32\wkssvc.dll
2006-11-16 00:23 <DIR> d-------- C:\Programme\MSXML 4.0
2006-11-13 08:30 <DIR> d--hs---- C:\FOUND.007
2006-11-12 09:11 <DIR> d-------- C:\Movies
2006-11-11 02:30 <DIR> d-------- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Opera
2006-11-11 02:26 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe Systems
2006-11-11 02:12 <DIR> d-------- C:\Programme\PhotoshopCS2
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-10-24 01:30 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2006-10-24 01:30 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2006-10-24 01:30 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2006-10-24 01:30 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2006-10-24 01:30 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2006-10-24 01:30 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2006-10-24 01:30 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2006-10-24 01:30 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2006-10-23 22:47 <DIR> d-------- C:\LOST
2006-10-20 19:03 <DIR> d--hs---- C:\FOUND.006
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-17 16:55 223128 --a------ C:\WINDOWS\system32\drivers\vaxscsi.sys
2006-10-17 16:55 -------- d-------- C:\Programme\Alcohol_120
2006-10-17 16:48 96256 --a------ C:\WINDOWS\system32\drivers\sptddrv1.sys
2006-10-17 16:48 611064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-10-07 12:48 -------- d-------- C:\Programme\Azureus
2006-10-07 12:48 -------- d-------- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Azureus
2006-10-02 16:00 -------- d-------- C:\Programme\Gemeinsame Dateien\Vbox
2006-10-01 18:15 -------- d-------- C:\Programme\Slideshow pro
2006-10-01 17:38 -------- d-------- C:\Programme\mresreg
2006-09-29 20:28 11973 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2006-09-28 19:14 -------- d-------- C:\Programme\Nero
2006-09-28 18:20 85 ---hs---- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\.zreglib
2006-09-28 18:11 -------- d-------- C:\Programme\CloneDVD2
2006-09-26 09:59 -------- d-------- C:\Programme\Elaborate Bytes
2006-09-26 09:40 -------- d-------- C:\Programme\SlySoft
2006-09-24 12:52 4608 --a------ C:\WINDOWS\system32\w95inf32.dll
2006-09-24 12:52 2272 --a------ C:\WINDOWS\system32\w95inf16.dll
2006-09-13 07:02 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-25 17:46 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 14:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 11:14 23040 --a------ C:\WINDOWS\system32\fltMc.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"WhenUSave"="\"C:\\Programme\\Save\\Save.exe\""
"Skype"="\"C:\\Programme\\Skype\\Skype.exe\" /nosplash /minimized"
"msnmsgr"="\"C:\\Programme\\MSN Messenger\\msnmsgr.exe\" /background"
"googletalk"="\"C:\\Programme\\Google\\Google Talk\\googletalk.exe\" /autostart"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"LaunchApp"="Alaunch"
"SynTPLpr"="C:\\Programme\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Programme\\Synaptics\\SynTP\\SynTPEnh.exe"
"SoundMan"="SOUNDMAN.EXE"
"AGRSMMSG"="AGRSMMSG.exe"
"PCMService"="\"C:\\Programme\\Arcade\\PCMService.exe\""
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"eRecoveryService"="C:\\Windows\\System32\\Check.exe"
"SunJavaUpdateSched"="C:\\Programme\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"MPFExe"="C:\\PROGRA~1\\MCAFEE~1\\MPFTRAY.EXE"
"QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"SemanticInsight"="C:\\Programme\\RXToolBar\\Semantic Insight\\SemanticInsight.exe"
"avgnt"="\"C:\\Programme\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"pdfSaver3"=""
"MMReminderService"="C:\\Programme\\Mindjet\\MindManager 6\\MMReminderService.exe"
"mouseElf"="C:\\PROGRA~1\\TREIBE~1\\GNETMOUS.EXE"
"TkBellExe"="\"C:\\Programme\\Gemeinsame Dateien\\Real\\Update_OB\\realsched.exe\" -osboot"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"CloneCDTray"="\"C:\\Programme\\SlySoft\\CloneCD\\CloneCDTray.exe\" /s"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"SiSPower"="Rundll32.exe SiSPower.dll,ModeAgent"
"SiS Windows KeyHook"="C:\\WINDOWS\\system32\\keyhook.exe"
"LManager"="C:\\Programme\\Launch Manager\\QtZgAcer.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,\
00,00,04,00,00,c0
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{40dcff6e-af8d-4183-8ebe-a82270ac449e}"="gimmicks"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"isamonitor.exe"="C:\\Programme\\Perfect Codec\\isamonitor.exe"
"pmsngr.exe"="C:\\Programme\\Perfect Codec\\pmsngr.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"gimmicks"="{40dcff6e-af8d-4183-8ebe-a82270ac449e}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Completion time: 06-11-20 22:05:31.28
C:\ComboFix2.txt ... 06-11-20 21:38
C:\ComboFix.txt ... 06-11-20 22:05