ComboFix 16-05-18.01 - ENTARO 28.05.2016 19:17:32.1.6 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8175.5305 [GMT 2:00] ausgeführt von:: c:\users\ENTARO\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\CFLog c:\cflog\EPLog.txt . . ((((((((((((((((((((((( Dateien erstellt von 2016-04-28 bis 2016-05-28 )))))))))))))))))))))))))))))) . . 2016-05-28 17:27 . 2016-05-28 17:27 -------- d-----w- c:\users\Default\AppData\Local\temp 2016-05-28 14:46 . 2016-05-28 14:46 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2637D90F-3061-4C02-BF34-9C226181729F}\offreg.4972.dll 2016-05-28 14:11 . 2016-05-28 14:12 -------- d-----w- C:\FRST 2016-05-28 13:42 . 2016-05-28 14:23 -------- d-----w- c:\program files (x86)\Overwatch 2016-05-28 11:52 . 2016-05-28 11:52 -------- d-----w- c:\program files (x86)\Chip Digital GmbH 2016-05-28 11:52 . 2016-05-28 11:52 -------- d-----w- c:\users\ENTARO\AppData\Local\Downloaded Installations 2016-05-28 10:56 . 2016-05-02 05:39 1377800 ----a-w- c:\windows\SysWow64\nvspcap.dll 2016-05-28 10:56 . 2016-05-02 05:39 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2016-05-28 10:56 . 2016-05-02 05:38 1767944 ----a-w- c:\windows\system32\nvspcap64.dll 2016-05-28 10:56 . 2016-05-02 05:38 1756608 ----a-w- c:\windows\system32\nvspbridge64.dll 2016-05-28 10:56 . 2016-05-02 05:38 112032 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll 2016-05-28 10:55 . 2016-05-20 01:45 113208 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2016-05-28 10:55 . 2016-05-04 02:23 129824 ----a-w- c:\windows\SysWow64\vulkan-1.dll 2016-05-28 10:55 . 2016-05-04 02:22 40224 ----a-w- c:\windows\SysWow64\vulkaninfo.exe 2016-05-28 10:55 . 2016-05-04 02:22 130848 ----a-w- c:\windows\system32\vulkan-1.dll 2016-05-28 10:55 . 2016-05-04 02:22 45344 ----a-w- c:\windows\system32\vulkaninfo.exe 2016-05-28 10:55 . 2016-05-28 10:55 -------- d-----w- c:\program files (x86)\VulkanRT 2016-05-28 10:55 . 2016-05-20 02:11 83512 ----a-w- c:\windows\system32\nv3dappshextr.dll 2016-05-28 10:55 . 2016-05-20 02:11 531904 ----a-w- c:\windows\system32\nv3dappshext.dll 2016-05-28 10:52 . 2016-05-28 10:52 -------- d-----w- C:\NVIDIA 2016-05-28 10:44 . 2016-05-28 10:44 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2637D90F-3061-4C02-BF34-9C226181729F}\offreg.2272.dll 2016-05-28 10:32 . 2016-05-28 10:58 -------- d-----w- c:\users\ENTARO\AppData\Local\NVIDIA 2016-05-28 10:29 . 2016-05-28 13:39 -------- d-----w- c:\programdata\NVIDIA 2016-05-28 10:28 . 2016-05-20 02:11 6346688 ----a-w- c:\windows\system32\nvcpl.dll 2016-05-28 10:28 . 2016-05-20 02:11 2454976 ----a-w- c:\windows\system32\nvsvc64.dll 2016-05-28 10:28 . 2016-05-20 02:11 69568 ----a-w- c:\windows\system32\nvshext.dll 2016-05-28 10:28 . 2016-05-20 02:11 393784 ----a-w- c:\windows\system32\nvmctray.dll 2016-05-28 10:28 . 2016-05-20 02:11 1762752 ----a-w- c:\windows\system32\nvsvcr.dll 2016-05-28 10:28 . 2016-05-20 02:11 1352760 ----a-w- c:\windows\system32\nvvsvc.exe 2016-05-28 10:28 . 2016-05-18 23:25 6448223 ----a-w- c:\windows\system32\nvcoproc.bin 2016-05-28 09:55 . 2016-05-28 09:55 -------- d-----w- c:\program files\CCleaner 2016-05-28 09:44 . 2015-06-25 05:53 40760 ----a-w- c:\windows\system32\TURegOpt.exe 2016-05-28 09:44 . 2015-06-25 05:53 29496 ----a-w- c:\windows\system32\authuitu.dll 2016-05-28 09:44 . 2015-06-25 05:53 25400 ----a-w- c:\windows\SysWow64\authuitu.dll 2016-05-28 09:43 . 2016-05-28 09:43 -------- d-----w- c:\users\ENTARO\AppData\Roaming\TuneUp Software 2016-05-28 09:43 . 2016-05-28 09:43 -------- d-----w- c:\users\ENTARO\AppData\Local\TuneUp Software 2016-05-28 09:42 . 2016-05-28 09:44 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2014 2016-05-28 09:39 . 2016-05-28 09:39 -------- d--h--w- c:\programdata\Common Files 2016-05-28 09:39 . 2016-05-28 09:44 -------- d-----w- c:\programdata\TuneUp Software 2016-05-27 23:24 . 2016-05-27 23:24 -------- d-----w- c:\windows\system32\appmgmt 2016-05-27 22:59 . 2016-05-27 22:59 -------- d-----w- c:\users\ENTARO\AppData\Local\ESET 2016-05-27 22:33 . 2016-05-27 22:33 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2637D90F-3061-4C02-BF34-9C226181729F}\offreg.3500.dll 2016-05-14 15:37 . 2016-05-14 15:37 5995712 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2016-05-12 08:48 . 2016-05-12 08:48 53384 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys 2016-05-04 02:23 . 2016-05-04 02:23 129824 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-11-1.dll 2016-05-04 02:22 . 2016-05-04 02:22 40224 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-11-1.exe 2016-05-04 02:22 . 2016-05-04 02:22 130848 ----a-w- c:\windows\system32\vulkan-1-1-0-11-1.dll 2016-05-04 02:22 . 2016-05-04 02:22 45344 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-11-1.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2016-05-20 07:01 . 2015-11-10 00:51 19110968 ----a-w- c:\windows\system32\nvwgf2umx.dll 2016-05-20 07:01 . 2015-11-10 00:51 16693208 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2016-05-20 07:01 . 2015-11-10 00:47 14293592 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2016-05-20 07:01 . 2015-11-10 00:44 3383448 ----a-w- c:\windows\SysWow64\nvapi.dll 2016-05-14 15:37 . 2015-09-08 18:22 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2016-05-14 15:37 . 2015-09-08 18:22 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BingSvc"="c:\users\ENTARO\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [2015-11-13 144008] "DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480] "ALLPlayer WiFi Remote"="c:\program files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe" [2014-07-23 5182896] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-05-17 53123712] "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-04-15 8698584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "D-Link D-Link DWA-125"="c:\program files (x86)\D-Link\DWA-125 revA\AirNCFG.exe" [2014-03-18 1095984] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x] S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x] S2 chip1click;chip 1-click download service;c:\program files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe;c:\program files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [x] S2 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x] S3 hxctlflt;hxctlflt;c:\windows\system32\DRIVERS\hxctlflt.sys;c:\windows\SYSNATIVE\DRIVERS\hxctlflt.sys [x] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - KWLIYPOD *Deregistered* - kwliypod . Inhalt des "geplante Tasks" Ordners . 2016-05-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-08 15:37] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CamserviceOG"="c:\program files (x86)\Hercules\Hercules Optical Glass\XtrCtrlEx.exe" [2011-09-07 3382568] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-05-02 2398776] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-05-02 1767944] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\users\ENTARO\AppData\Roaming\Mozilla\Firefox\Profiles\qanuv8y2.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q= FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run- - (no file) AddRemove-{0C9221F6-1EA9-4D92-892D-A5FEB3084A75} - c:\programdata\{2A082487-0FFF-4FD5-BE3C-DE59C1ECC4E0}\NFSU2_PL.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_242_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_242_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_242_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_242_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_242.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.21" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_242.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_242.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_242.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2016-05-28 19:39:02 ComboFix-quarantined-files.txt 2016-05-28 17:38 . Vor Suchlauf: 15 Verzeichnis(se), 854.951.972.864 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 854.939.910.144 Bytes frei . - - End Of File - - C0BB0D9D0E675CA4F10CC5BDA7D663E8 A36C5E4F47E84449FF07ED3517B43A31