Re: Log check
Posted: 11 Aug 2014 19:50
ComboFix 14-08-06.02 - HP 11.08.2014 19:09:25.1.8 - x64
Microsoft Windows 8 6.2.9200.0.1252.41.1031.18.8124.6621 [GMT 2:00]
ausgeführt von:: c:\users\HP\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WiseBootAssistant
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-07-11 bis 2014-08-11 ))))))))))))))))))))))))))))))
.
.
2014-08-11 17:16 . 2014-08-11 17:16 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2014-08-11 17:14 . 2014-08-11 17:20 -------- d-----w- c:\users\HP\AppData\Local\temp
2014-08-11 17:14 . 2014-08-11 17:14 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-08-10 12:35 . 2014-08-11 07:17 30312 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-08-10 12:35 . 2014-08-10 12:35 -------- d-----w- c:\programdata\RogueKiller
2014-08-10 12:13 . 2014-08-10 12:13 -------- d-----w- c:\windows\ERUNT
2014-08-09 13:54 . 2014-08-11 08:19 -------- d-----w- c:\users\HP\AppData\Roaming\Wise Care 365
2014-08-09 13:53 . 2014-08-09 13:53 -------- d-----w- c:\program files (x86)\Wise
2014-08-09 13:50 . 2014-08-10 14:18 -------- d-----w- c:\users\HP\AppData\Roaming\uTorrent
2014-08-09 13:02 . 2014-07-15 22:51 71168 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2014-08-09 13:01 . 2014-05-03 06:34 6974808 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-08-09 13:01 . 2014-05-03 06:33 1824808 ----a-w- c:\windows\system32\ntdll.dll
2014-08-09 13:01 . 2014-05-03 04:51 1408976 ----a-w- c:\windows\SysWow64\ntdll.dll
2014-08-09 13:01 . 2014-05-01 22:37 1023488 ----a-w- c:\windows\system32\localspl.dll
2014-08-09 13:01 . 2014-04-29 22:32 126464 ----a-w- c:\windows\system32\Robocopy.exe
2014-08-09 13:01 . 2014-04-29 22:32 106496 ----a-w- c:\windows\SysWow64\Robocopy.exe
2014-08-09 13:01 . 2014-04-23 23:51 566784 ----a-w- c:\windows\SysWow64\WSShared.dll
2014-08-09 13:01 . 2014-04-23 23:51 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-09 13:01 . 2014-04-23 23:38 693760 ----a-w- c:\windows\system32\WSShared.dll
2014-08-09 13:01 . 2014-04-23 23:38 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-09 13:01 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2014-08-09 13:01 . 2014-05-08 01:34 328024 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2014-08-09 12:39 . 2014-08-11 16:51 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-09 12:39 . 2014-05-12 05:26 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-09 12:39 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-09 12:39 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-09 12:39 . 2014-08-09 12:39 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-08-09 12:39 . 2014-08-09 12:39 -------- d-----w- c:\programdata\Malwarebytes
2014-08-09 12:35 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-08-09 12:34 . 2014-08-09 20:39 -------- d-----w- C:\AdwCleaner
2014-08-08 22:04 . 2014-08-09 13:47 -------- d-----w- C:\Downloads
2014-08-08 21:01 . 2009-03-16 12:18 235352 ----a-w- c:\windows\SysWow64\xactengine3_4.dll
2014-08-08 15:42 . 2006-11-29 11:06 440080 ----a-w- c:\windows\SysWow64\d3dx10.dll
2014-08-08 14:54 . 2014-08-08 14:56 -------- d-----w- c:\program files (x86)\Origin Games
2014-08-08 14:53 . 2014-08-09 14:04 -------- d-----w- c:\users\HP\AppData\Roaming\Origin
2014-08-08 14:53 . 2014-08-08 21:15 -------- d-----w- c:\users\HP\AppData\Local\Origin
2014-08-08 14:49 . 2014-08-10 14:01 -------- d-----w- c:\programdata\Origin
2014-08-08 14:49 . 2014-08-08 21:15 -------- d-----w- c:\programdata\Electronic Arts
2014-08-08 14:49 . 2014-08-10 13:13 -------- d-----w- c:\program files (x86)\Origin
2014-08-08 14:19 . 2014-08-08 14:19 -------- d-----w- c:\users\HP\AppData\Roaming\CyberLink
2014-08-08 14:19 . 2014-08-08 14:19 -------- d-----w- c:\users\HP\AppData\Local\CyberLink
2014-08-08 13:17 . 2014-08-08 13:17 -------- d-----w- c:\program files\CCleaner
2014-08-08 13:06 . 2014-08-08 13:06 -------- d-----w- c:\users\HP\AppData\Local\VS Revo Group
2014-08-08 13:06 . 2014-08-08 13:06 -------- d-----w- c:\programdata\VS Revo Group
2014-08-08 13:06 . 2009-12-30 09:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2014-08-08 13:06 . 2014-08-08 13:06 -------- d-----w- c:\program files\VS Revo Group
2014-08-08 13:06 . 2014-08-08 13:06 -------- d-----w- c:\users\HP\AppData\Local\Programs
2014-08-08 12:30 . 2014-08-08 12:30 257704 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-08-08 12:13 . 2014-08-08 14:03 -------- d-----w- c:\users\HP\AppData\Local\CrashDumps
2014-08-07 20:11 . 2014-08-08 14:31 -------- d-----w- c:\programdata\Avira
2014-08-07 19:15 . 2013-06-01 09:20 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2014-08-07 19:14 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-08-07 19:09 . 2014-04-03 03:44 619008 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-08-07 19:08 . 2013-07-24 23:07 13661696 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
2014-08-07 19:06 . 2014-08-07 19:06 -------- d-----w- c:\users\HP\AppData\Roaming\Unity
2014-08-07 19:05 . 2014-08-07 19:05 -------- d-----w- c:\users\HP\AppData\Roaming\.mono
2014-08-07 19:04 . 2014-08-07 19:04 -------- d-----w- c:\users\HP\AppData\Local\Unity
2014-08-07 19:01 . 2014-08-07 19:01 -------- d-----w- c:\users\HP\AppData\Local\Intel_Corporation
2014-08-07 18:58 . 2014-08-07 18:58 -------- d-----w- c:\users\HP\AppData\Roaming\AVAST Software
2014-08-07 18:56 . 2014-08-07 18:56 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-07 18:56 . 2014-08-07 18:56 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-07 18:56 . 2014-08-07 18:56 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-07 18:56 . 2014-08-07 18:57 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-07 18:56 . 2014-08-07 18:56 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-07 18:56 . 2014-08-07 18:56 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-07 18:56 . 2014-08-07 18:56 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-07 18:56 . 2014-08-07 18:56 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-07 18:56 . 2014-08-07 18:56 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-07 18:56 . 2014-08-07 18:56 43152 ----a-w- c:\windows\avastSS.scr
2014-08-07 18:54 . 2014-08-07 18:54 -------- d-----w- c:\program files\AVAST Software
2014-08-07 18:53 . 2014-08-07 18:54 -------- d-----w- c:\programdata\AVAST Software
2014-08-07 18:40 . 2014-08-07 18:40 -------- d-----w- c:\users\HP\AppData\Roaming\IDT
2014-08-07 18:26 . 2014-08-07 18:31 -------- d-----w- c:\program files (x86)\Google
2014-08-07 18:26 . 2014-08-07 18:32 -------- d-----w- c:\users\HP\AppData\Local\Google
2014-08-07 18:26 . 2014-08-07 18:26 -------- d-----w- c:\users\HP\AppData\Local\Deployment
2014-08-07 18:26 . 2014-08-07 18:26 -------- d-----w- c:\users\HP\AppData\Local\Apps
2014-08-07 18:21 . 2014-03-01 09:47 1258496 ----a-w- c:\windows\system32\kernel32.dll
2014-08-07 18:21 . 2014-03-01 09:47 1120768 ----a-w- c:\windows\system32\gpedit.dll
2014-08-07 18:21 . 2014-03-01 08:07 1075200 ----a-w- c:\windows\SysWow64\gpedit.dll
2014-08-07 18:21 . 2014-02-26 23:18 370688 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2014-08-07 18:21 . 2014-02-26 23:18 247808 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-08-07 18:21 . 2014-02-26 23:18 215040 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2014-08-07 18:21 . 2014-02-15 04:15 78336 ----a-w- c:\windows\system32\drivers\IPMIDrv.sys
2014-08-07 18:21 . 2013-11-25 23:17 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-08-07 09:00 . 2014-08-07 09:00 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-08-07 09:00 . 2014-08-07 09:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-08-07 08:30 . 2014-08-07 20:06 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2014-08-07 08:04 . 2014-08-11 17:16 -------- d-----w- c:\windows\SysWow64\NV
2014-08-07 08:04 . 2014-08-11 17:16 -------- d-----w- c:\windows\system32\NV
2014-08-07 07:37 . 2014-08-07 07:37 -------- d-----w- c:\windows\SysWow64\en
2014-08-07 07:37 . 2014-08-07 07:37 -------- d-----w- c:\windows\SysWow64\0409
2014-08-07 07:37 . 2014-08-07 07:37 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\en-US
2014-08-07 07:37 . 2014-08-07 07:37 -------- d-----w- c:\windows\SysWow64\drivers\sk-SK
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\SysWow64\wbem\sk-SK
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\sk-SK
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\system32\sk
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\system32\en
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\system32\0409
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\system32\drivers\sk-SK
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\system32\drivers\UMDF\en-US
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\system32\drivers\en-US
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\system32\wbem\sk-SK
2014-08-07 07:36 . 2014-08-07 07:36 -------- d-----w- c:\windows\system32\wbem\en-US
2014-08-07 07:22 . 2014-06-26 20:53 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-07 07:22 . 2014-06-26 20:53 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-07 07:18 . 2014-08-07 07:18 -------- d-s---w- c:\windows\system32\CompatTel
2014-08-07 07:17 . 2014-08-07 07:25 -------- d-----r- c:\windows\BrowserChoice
2014-08-07 00:37 . 2014-08-07 00:39 -------- d-----w- c:\windows\system32\MRT
2014-08-07 00:09 . 2014-06-11 04:18 4038144 ----a-w- c:\windows\system32\win32k.sys
2014-08-07 00:08 . 2013-04-09 04:51 3552768 ----a-w- c:\windows\system32\tquery.dll
2014-08-07 00:07 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2014-08-07 00:06 . 2013-03-06 07:10 112872 ----a-w- c:\windows\system32\consent.exe
2014-08-07 00:05 . 2014-01-12 23:30 2238976 ----a-w- c:\windows\system32\d3d10warp.dll
2014-08-07 00:04 . 2014-05-29 22:24 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2014-08-07 00:03 . 2014-06-06 14:06 596480 ----a-w- c:\windows\system32\qedit.dll
2014-08-07 00:03 . 2014-06-06 10:17 497152 ----a-w- c:\windows\SysWow64\qedit.dll
2014-08-07 00:03 . 2013-09-28 03:35 288768 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-08-07 00:03 . 2013-10-10 09:32 115712 ----a-w- c:\windows\SysWow64\cscript.exe
2014-08-07 00:03 . 2013-10-10 09:30 162304 ----a-w- c:\windows\SysWow64\scrobj.dll
2014-08-07 00:03 . 2013-10-10 09:30 156160 ----a-w- c:\windows\SysWow64\scrrun.dll
2014-08-07 00:03 . 2013-10-10 09:24 143872 ----a-w- c:\windows\system32\wshom.ocx
2014-08-07 00:03 . 2013-10-10 09:23 146944 ----a-w- c:\windows\system32\cscript.exe
2014-08-07 00:03 . 2013-10-10 09:22 222720 ----a-w- c:\windows\system32\scrobj.dll
2014-08-07 00:03 . 2013-10-10 09:22 194048 ----a-w- c:\windows\system32\scrrun.dll
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-11 17:16 . 2013-07-08 13:35 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2014-08-06 21:54 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2013-01-10 379904]
"AccelerometerSysTrayApplet"="c:\program files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe" [2013-03-01 77088]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-07-13 93296]
"HPMessageService"="c:\program files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe" [2013-02-25 1045304]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-07 4085896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2013-2-13 249320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\System32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\System32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]
S3 BthLEEnum;Bluetooth Low Energy Driver;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\System32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\System32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\System32\drivers\rtbth.sys;c:\windows\SYSNATIVE\drivers\rtbth.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-07 18:31 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07 18:26]
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07 18:26]
.
2014-08-09 c:\windows\Tasks\Wise Care 365 PC Checkup Task.job
- c:\program files (x86)\Wise\Wise Care 365\WiseCare365.exe [2014-08-09 13:52]
.
2014-08-09 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-08-09 12:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-07 18:56 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 213.202.32.3 195.162.161.182
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\HP SimplePass\IEWebSiteLogon.exe
c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-11 19:25:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-08-11 17:25
.
Vor Suchlauf: 898 586 025 984 bytes free
Nach Suchlauf: 897 481 560 064 bytes free
.
- - End Of File - - 7E313D6590E596DF2FB9EA4F9A32BDE1
5FB38429D5D77768867C76DCBDB35194
2014-08-07 00:03 . 2013-10-10 09:24 143872 ----a-w- c:\windows\system32\wshom.ocx
2014-08-07 00:03 . 2013-10-10 09:23 146944 ----a-w- c:\windows\system32\cscript.exe
2014-08-07 00:03 . 2013-10-10 09:22 222720 ----a-w- c:\windows\system32\scrobj.dll
2014-08-07 00:03 . 2013-10-10 09:22 194048 ----a-w- c:\windows\system32\scrrun.dll
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-11 17:16 . 2013-07-08 13:35 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2014-08-06 21:54 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2013-01-10 379904]
"AccelerometerSysTrayApplet"="c:\program files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe" [2013-03-01 77088]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-07-13 93296]
"HPMessageService"="c:\program files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe" [2013-02-25 1045304]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-07 4085896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2013-2-13 249320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\System32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\System32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]
S3 BthLEEnum;Bluetooth Low Energy Driver;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\System32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\System32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\System32\drivers\rtbth.sys;c:\windows\SYSNATIVE\drivers\rtbth.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-07 18:31 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07 18:26]
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-07 18:26]
.
2014-08-09 c:\windows\Tasks\Wise Care 365 PC Checkup Task.job
- c:\program files (x86)\Wise\Wise Care 365\WiseCare365.exe [2014-08-09 13:52]
.
2014-08-09 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-08-09 12:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-07 18:56 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 213.202.32.3 195.162.161.182
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\HP SimplePass\IEWebSiteLogon.exe
c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-11 19:25:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-08-11 17:25
.
Vor Suchlauf: 898 586 025 984 bytes free
Nach Suchlauf: 897 481 560 064 bytes free
.
- - End Of File - - 7E313D6590E596DF2FB9EA4F9A32BDE1
5FB38429D5D77768867C76DCBDB35194