What should I do if I don't have any Google Update Helper entries in Revo Uninstaller and so can't delete any?
log.txt Code:
ComboFix 15-03-01.01 - André 03.03.2015 17:21:02.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.12170.8140 [GMT 1:00]
ausgeführt von:: c:\users\AndrÚ\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-02-03 bis 2015-03-03 ))))))))))))))))))))))))))))))
.
.
2015-03-03 16:30 . 2015-03-03 16:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-03 16:09 . 2015-03-03 16:09 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-03-03 14:52 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EBD1EB74-868E-4647-A298-A6AFDDD1D4BF}\mpengine.dll
2015-03-03 09:29 . 2015-03-03 09:31 -------- d-----w- C:\FRST
2015-03-02 19:14 . 2015-03-02 19:14 -------- d-----w- c:\users\André\AppData\Local\codecwinsockapi
2015-03-02 19:14 . 2015-02-26 09:48 1032603 ----a-w- c:\program files (x86)\wauctla-setup.exe
2015-03-02 19:14 . 2015-03-02 19:10 2664983 ----a-w- c:\program files (x86)\ExtensionsInstallerAsUpdate.exe
2015-03-02 19:14 . 2015-03-02 19:10 2750425 ----a-w- c:\program files (x86)\distribution-installer.exe
2015-03-02 12:49 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-28 18:00 . 2015-02-28 18:00 -------- d-----w- c:\windows\SysWow64\NV
2015-02-28 18:00 . 2015-02-28 18:00 -------- d-----w- c:\windows\system32\NV
2015-02-25 21:29 . 2015-02-25 21:29 17304752 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-02-24 10:21 . 2006-06-28 14:44 262144 ----a-w- c:\windows\SysWow64\dashard2006.dll
2015-02-24 10:21 . 2004-03-16 10:04 110592 ----a-w- c:\windows\SysWow64\dashard.dll
2015-02-24 10:21 . 2015-02-24 10:21 -------- d-----w- c:\program files (x86)\FreeStyler
2015-02-24 09:51 . 2015-02-24 10:18 -------- d-----w- c:\program files (x86)\dw-lighting
2015-02-23 22:02 . 2015-02-23 22:03 -------- d-----w- c:\users\André\AppData\Local\Europa Casino
2015-02-22 20:38 . 2015-02-22 20:38 -------- d-----w- c:\program files (x86)\CasinoOnNet
2015-02-22 11:46 . 2015-03-02 12:43 -------- d-----w- c:\users\André\AppData\Local\SCasino
2015-02-22 11:36 . 2014-09-16 20:53 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B1295466-44E7-4EE2-8BD2-26F12949B675}\gapaengine.dll
2015-02-20 21:08 . 2015-03-03 09:15 -------- d-----w- c:\programdata\Bigfoot Networks
2015-02-20 21:08 . 2015-02-20 21:08 -------- d-----w- c:\program files\Qualcomm Atheros
2015-02-20 20:44 . 2015-03-03 09:13 -------- d-----w- c:\programdata\NVIDIA
2015-02-20 20:44 . 2015-02-20 20:44 -------- d-----w- c:\users\UpdatusUser
2015-02-20 20:43 . 2012-06-05 07:25 2561896 ----a-w- c:\windows\system32\nvsvcr.dll
2015-02-20 20:43 . 2012-06-05 07:25 888680 ----a-w- c:\windows\system32\nvvsvc.exe
2015-02-20 20:43 . 2012-06-05 07:25 862056 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-02-20 20:43 . 2012-06-05 07:25 63336 ----a-w- c:\windows\system32\nvshext.dll
2015-02-20 20:43 . 2012-06-05 07:25 55656 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-02-20 20:43 . 2012-06-05 07:25 118120 ----a-w- c:\windows\system32\nvmctray.dll
2015-02-20 20:43 . 2012-06-05 07:25 6156136 ----a-w- c:\windows\system32\nvcpl.dll
2015-02-20 20:43 . 2012-06-05 07:25 3152232 ----a-w- c:\windows\system32\nvsvc64.dll
2015-02-20 20:43 . 2012-06-05 07:24 2644963 ----a-w- c:\windows\system32\nvcoproc.bin
2015-02-20 20:33 . 2013-12-10 14:32 1435504 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-02-20 20:33 . 2013-12-10 14:32 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-02-20 20:33 . 2013-12-10 14:32 3067560 ----a-w- c:\windows\system32\nvapi64.dll
2015-02-20 20:33 . 2012-06-05 12:55 1753448 ----a-w- c:\windows\system32\nvdispco64.dll
2015-02-20 20:33 . 2012-06-05 12:55 1468264 ----a-w- c:\windows\system32\nvdispgenco64.dll
2015-02-20 17:01 . 2015-02-20 17:01 -------- d-----w- c:\users\André\AppData\Local\Downloaded Installations
2015-02-20 16:56 . 2000-05-11 00:00 90112 ------w- c:\windows\Updreg.EXE
2015-02-20 16:56 . 2015-02-20 16:56 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2015-02-20 16:56 . 2015-02-20 16:56 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2015-02-20 16:56 . 2015-02-20 16:56 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2015-02-20 16:56 . 2015-02-20 16:56 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2015-02-20 16:56 . 2012-01-13 10:23 1944064 ------w- c:\windows\system32\Sens_oal.dll
2015-02-20 16:56 . 2012-01-13 10:21 2906586 ------w- c:\windows\SysWow64\Sens_oal.dll
2015-02-20 16:56 . 2015-02-20 16:56 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2015-02-20 16:55 . 2012-03-27 17:58 1052760 ----a-w- c:\windows\system32\drivers\CtHda.sys
2015-02-20 16:55 . 2012-03-27 17:54 134144 ----a-w- c:\windows\system32\CtHdaS64.exe
2015-02-20 16:55 . 2012-03-27 17:53 574464 ----a-w- c:\windows\system32\CtHdaC64.dll
2015-02-20 16:55 . 2012-03-27 17:52 122880 ----a-w- c:\windows\SysWow64\CtHdaSvc.exe
2015-02-20 16:55 . 2012-03-27 17:52 470016 ----a-w- c:\windows\SysWow64\CtHdaCtl.dll
2015-02-20 16:55 . 2012-03-02 21:41 25088 ----a-w- c:\windows\MEptDef.exe
2015-02-20 16:55 . 2012-02-29 11:34 10240 ----a-r- c:\windows\InstHlp.exe
2015-02-20 16:55 . 2012-02-13 18:16 889856 ----a-w- c:\windows\system32\CtHRFX64.dll
2015-02-20 16:55 . 2011-10-28 10:45 4894 ----a-w- c:\windows\cthdaGER.reg
2015-02-20 16:55 . 2011-10-24 09:02 4850 ----a-w- c:\windows\cthdaeng.reg
2015-02-20 16:55 . 2010-09-15 10:39 235520 ----a-w- c:\windows\system32\CtDco64.dll
2015-02-20 16:55 . 2006-12-05 13:52 48400 ----a-w- c:\windows\AddCat.exe
2015-02-20 16:46 . 2012-02-23 04:46 39976 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2015-02-20 16:46 . 2012-02-23 04:46 21544 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2015-02-20 16:46 . 2012-02-23 04:46 211496 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2015-02-20 16:46 . 2012-02-23 04:46 184360 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2015-02-20 16:37 . 2015-02-20 16:37 -------- d-----w- c:\windows\SysWow64\Atheros_L1e
2015-02-20 16:32 . 2011-12-06 14:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2015-02-20 11:19 . 2015-02-12 16:39 44856 ----a-w- c:\windows\system32\uxtuneup.dll
2015-02-20 11:19 . 2015-02-12 16:39 36664 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2015-02-20 10:07 . 2015-02-20 10:07 -------- d-----w- c:\users\André\AppData\Roaming\PCDr
2015-02-20 10:06 . 2015-02-20 10:06 -------- d-----w- c:\programdata\PCDr
2015-02-20 09:31 . 2015-02-12 16:39 41784 ----a-w- c:\windows\system32\TURegOpt.exe
2015-02-20 09:31 . 2015-02-12 16:39 30520 ----a-w- c:\windows\system32\authuitu.dll
2015-02-20 09:31 . 2015-02-12 16:39 25912 ----a-w- c:\windows\SysWow64\authuitu.dll
2015-02-20 09:21 . 2015-02-20 09:21 -------- d-----w- c:\program files (x86)\iTunes
2015-02-20 09:21 . 2015-02-20 09:22 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-20 09:21 . 2015-02-20 09:21 -------- d-----w- c:\program files\iPod
2015-02-20 09:01 . 2015-02-20 09:01 -------- d-----w- C:\Dell
2015-02-20 08:55 . 2015-02-20 08:56 -------- d-----w- c:\programdata\Dell
2015-02-19 13:26 . 2015-02-19 20:48 -------- d-----w- c:\windows\system32\drivers\etc
2015-02-18 15:37 . 2015-02-19 11:52 -------- d-----w- c:\windows\system32\log
2015-02-18 09:07 . 2015-02-18 09:07 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2015-02-17 09:07 . 2015-02-17 09:07 -------- d-----w- c:\users\André\AppData\Local\Scansoft
2015-02-16 10:43 . 2015-02-16 10:43 -------- d-----w- c:\programdata\CanonIJPLM
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\programdata\InstallShield
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\users\André\AppData\Roaming\ScanSoft
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\programdata\ScanSoft
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\program files (x86)\Common Files\ScanSoft Shared
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\program files (x86)\ScanSoft
2015-02-16 10:28 . 2015-02-16 10:28 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2015-02-16 10:28 . 2006-12-25 20:00 236544 ----a-w- c:\windows\system32\CNMLM8R.DLL
2015-02-16 10:27 . 2006-06-29 05:30 17408 ----a-w- c:\windows\system32\cnco140.dll
2015-02-16 10:27 . 2006-11-10 02:03 1337344 ----a-w- c:\windows\system32\CNCC140.DLL
2015-02-16 10:27 . 2006-11-10 02:02 49664 ----a-w- c:\windows\system32\CNCI140.DLL
2015-02-16 10:27 . 2006-05-26 07:23 90624 ----a-w- c:\windows\system32\CNCL140.DLL
2015-02-16 10:27 . 2015-02-16 10:27 -------- d--h--w- c:\program files\CanonBJ
2015-02-15 19:26 . 2015-02-15 19:26 -------- d-----w- c:\program files\Dell
2015-02-13 08:39 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-13 08:39 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-13 08:39 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-13 08:39 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-12 20:34 . 2015-02-12 20:34 -------- d-----w- c:\programdata\Grisoft
2015-02-11 12:32 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-11 12:31 . 2014-10-04 02:10 3722752 ----a-w- c:\windows\system32\mstscax.dll
2015-02-11 12:31 . 2014-10-04 01:42 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-02-11 12:31 . 2014-10-04 01:42 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2015-02-11 12:29 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 12:29 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-11 12:26 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 12:26 . 2015-01-14 05:44 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 12:26 . 2015-01-14 05:44 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 12:26 . 2015-01-14 06:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-11 12:26 . 2015-01-14 06:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-11 12:26 . 2015-01-14 06:04 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-11 12:26 . 2015-01-14 05:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-11 12:26 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-11 10:30 . 2015-02-11 10:30 -------- d-----w- c:\program files (x86)\goodChoice
2015-02-11 10:30 . 2015-02-11 10:30 -------- d-----w- c:\program files (x86)\Color My SNS
2015-02-09 16:12 . 2015-02-10 13:42 -------- d-----w- c:\program files\CCleaner
2015-02-08 14:09 . 2015-02-08 14:11 -------- d-----w- c:\users\André\AppData\Roaming\FreeAudioEditor
2015-02-08 14:05 . 2015-02-10 13:43 -------- d-----w- c:\program files (x86)\Free Codec Pack
2015-02-08 14:05 . 2015-02-10 13:43 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2015-02-04 14:27 . 2015-02-04 14:27 -------- d-sh--w- c:\users\André\AppData\Local\EmieBrowserModeList
2015-02-04 14:22 . 2015-02-04 14:22 -------- d-----w- c:\users\André\AppData\Roaming\sparta123
2015-02-04 13:45 . 2015-02-04 13:45 -------- d-----w- c:\windows\SysWow64\controlfirmwareGUI
2015-02-04 10:05 . 2015-02-20 17:07 -------- d-----w- c:\program files\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-03 09:19 . 2014-06-26 17:43 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-25 21:30 . 2013-04-23 10:29 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-25 21:30 . 2013-04-23 10:29 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-20 17:42 . 2012-07-17 12:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-02-12 09:25 . 2013-09-25 14:24 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-01-30 22:36 . 2015-01-30 22:36 23760 ----a-w- c:\windows\system32\drivers\DDDriver64Dcsa.sys
2015-01-30 22:36 . 2015-01-30 22:36 23312 ----a-w- c:\windows\system32\drivers\DellProf.sys
2014-12-31 11:14 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 16:08 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 16:08 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 16:08 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-14 16:08 303616 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 16:08 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 16:08 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-27 23:08 220632 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-27 23:08 220632 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-27 23:08 220632 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-10-17 43816]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816]
"IAStorUI"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe" [2012-11-19 632376]
"DsLauncher"="c:\program files (x86)\AlienRespawn\dslauncher.exe" [2012-01-27 312640]
"PC-Doctor Module"="c:\program files\AlienAutopsy\pcdlauncher.exe" [2014-01-31 457720]
"DellSystemDetect"="c:\users\André\AppData\Local\Apps\2.0\23NV5ADE.MHW\HY49TWH7.HAO\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe" [2015-02-20 283432]
"Revo Uninstaller"="c:\program files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe" [2013-07-03 3161648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Recon3Di Control Panel"="c:\program files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" [2011-12-21 880640]
.
c:\users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2012-7-20 14134784]
Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN41AD50RJ05RQ;CONNECTION=NW;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-2-22 1380128]
Qualcomm Atheros Killer Network Manager.lnk - c:\program files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe -minimized [2012-2-15 549888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"PDFPrint"=c:\program files (x86)\PDF24\pdf24.exe
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DLPortIO;DriverLINX Port I/O Driver; [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dcdbas;System Management Driver;c:\windows\system32\DRIVERS\dcdbas64.sys;c:\windows\SYSNATIVE\DRIVERS\dcdbas64.sys [x]
R3 HDJCtrl;Hercules DJ Control MP3 Service;c:\windows\system32\Drivers\HDJCtrl.sys;c:\windows\SYSNATIVE\Drivers\HDJCtrl.sys [x]
R3 HDJMidi;Hercules DJ Control MP3 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys;c:\windows\SYSNATIVE\DRIVERS\HDJMidi.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS;c:\windows\SYSNATIVE\DRIVERS\EMSC.SYS [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BfLwf;Bigfoot Networks Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe;c:\program files\Alienware\Command Center\AlienFusionService.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 codecwinsockapi.exe;codecwinsockapi.exe;c:\users\André\AppData\Local\codecwinsockapi\codecwinsockapi.exe;c:\users\André\AppData\Local\codecwinsockapi\codecwinsockapi.exe [x]
S2 controlfirmwareGUI;controlfirmwareGUI;c:\windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe;c:\windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe [x]
S2 CtHdaSvc;Sound Core3D Service;c:\windows\sysWow64\CtHdaSvc.exe;c:\windows\sysWow64\CtHdaSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE;c:\program files (x86)\AlienRespawn\sftservice.EXE [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S2 WTGService;WTGService;c:\program files (x86)\Verbindungsassistent\WTGService.exe;c:\program files (x86)\Verbindungsassistent\WTGService.exe [x]
S3 Ak27x64;Killer Wireless-N 1102 device driver;c:\windows\system32\DRIVERS\Ak27x64.sys;c:\windows\SYSNATIVE\DRIVERS\Ak27x64.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 cthda;Sound Core3D(CtHda.sys);c:\windows\system32\drivers\cthda.sys;c:\windows\SYSNATIVE\drivers\cthda.sys [x]
S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PCDSRVC{90AB3B40-A9A6E5C8-06020200}_0
*Deregistered* - PCDSRVC{90AB3B40-A9A6E5C8-06020200}_0
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-23 21:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-27 23:08 244696 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-27 23:08 244696 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-27 23:08 244696 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Command Center Controllers"="c:\program files\Alienware\Command Center\AWCCStartupOrchestrator.exe" [2012-06-15 12656]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-18 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-18 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-18 440600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>;*origin.com;*ea.com;*akamaihd.net
uInternet Settings,ProxyServer = http=127.0.0.1:11917
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\BfLLR.dll
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.2.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\André\AppData\Roaming\Mozilla\Firefox\Profiles\wv60tni2.default-1424269440517\
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{8BA85C75-763B-4103-94EB-9470F12FE0F7} - (no file)
ShellIconOverlayIdentifiers-{CD55129A-B1A1-438E-A425-CEBC7DC684EE} - (no file)
ShellIconOverlayIdentifiers-{E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - (no file)
AddRemove-Hot Jingle Player - c:\program files (x86)\Hot Jingle Player\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-03-03 17:34:13
ComboFix-quarantined-files.txt 2015-03-03 16:34
ComboFix2.txt 2015-02-18 22:17
.
Vor Suchlauf: 22 Verzeichnis(se), 204.658.024.448 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 204.316.000.256 Bytes frei
.
- - End Of File - - CD1ECD115F210CC53E20337E0822B468
5C616939100B85E558DA92B899A0FC36

combofix: Code:
ComboFix 15-03-01.01 - André 03.03.2015 17:21:02.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.12170.8140 [GMT 1:00]
ausgeführt von:: c:\users\AndrÚ\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-02-03 bis 2015-03-03 ))))))))))))))))))))))))))))))
.
.
2015-03-03 16:30 . 2015-03-03 16:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-03 16:09 . 2015-03-03 16:09 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-03-03 14:52 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EBD1EB74-868E-4647-A298-A6AFDDD1D4BF}\mpengine.dll
2015-03-03 09:29 . 2015-03-03 09:31 -------- d-----w- C:\FRST
2015-03-02 19:14 . 2015-03-02 19:14 -------- d-----w- c:\users\André\AppData\Local\codecwinsockapi
2015-03-02 19:14 . 2015-02-26 09:48 1032603 ----a-w- c:\program files (x86)\wauctla-setup.exe
2015-03-02 19:14 . 2015-03-02 19:10 2664983 ----a-w- c:\program files (x86)\ExtensionsInstallerAsUpdate.exe
2015-03-02 19:14 . 2015-03-02 19:10 2750425 ----a-w- c:\program files (x86)\distribution-installer.exe
2015-03-02 12:49 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-28 18:00 . 2015-02-28 18:00 -------- d-----w- c:\windows\SysWow64\NV
2015-02-28 18:00 . 2015-02-28 18:00 -------- d-----w- c:\windows\system32\NV
2015-02-25 21:29 . 2015-02-25 21:29 17304752 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-02-24 10:21 . 2006-06-28 14:44 262144 ----a-w- c:\windows\SysWow64\dashard2006.dll
2015-02-24 10:21 . 2004-03-16 10:04 110592 ----a-w- c:\windows\SysWow64\dashard.dll
2015-02-24 10:21 . 2015-02-24 10:21 -------- d-----w- c:\program files (x86)\FreeStyler
2015-02-24 09:51 . 2015-02-24 10:18 -------- d-----w- c:\program files (x86)\dw-lighting
2015-02-23 22:02 . 2015-02-23 22:03 -------- d-----w- c:\users\André\AppData\Local\Europa Casino
2015-02-22 20:38 . 2015-02-22 20:38 -------- d-----w- c:\program files (x86)\CasinoOnNet
2015-02-22 11:46 . 2015-03-02 12:43 -------- d-----w- c:\users\André\AppData\Local\SCasino
2015-02-22 11:36 . 2014-09-16 20:53 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B1295466-44E7-4EE2-8BD2-26F12949B675}\gapaengine.dll
2015-02-20 21:08 . 2015-03-03 09:15 -------- d-----w- c:\programdata\Bigfoot Networks
2015-02-20 21:08 . 2015-02-20 21:08 -------- d-----w- c:\program files\Qualcomm Atheros
2015-02-20 20:44 . 2015-03-03 09:13 -------- d-----w- c:\programdata\NVIDIA
2015-02-20 20:44 . 2015-02-20 20:44 -------- d-----w- c:\users\UpdatusUser
2015-02-20 20:43 . 2012-06-05 07:25 2561896 ----a-w- c:\windows\system32\nvsvcr.dll
2015-02-20 20:43 . 2012-06-05 07:25 888680 ----a-w- c:\windows\system32\nvvsvc.exe
2015-02-20 20:43 . 2012-06-05 07:25 862056 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-02-20 20:43 . 2012-06-05 07:25 63336 ----a-w- c:\windows\system32\nvshext.dll
2015-02-20 20:43 . 2012-06-05 07:25 55656 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-02-20 20:43 . 2012-06-05 07:25 118120 ----a-w- c:\windows\system32\nvmctray.dll
2015-02-20 20:43 . 2012-06-05 07:25 6156136 ----a-w- c:\windows\system32\nvcpl.dll
2015-02-20 20:43 . 2012-06-05 07:25 3152232 ----a-w- c:\windows\system32\nvsvc64.dll
2015-02-20 20:43 . 2012-06-05 07:24 2644963 ----a-w- c:\windows\system32\nvcoproc.bin
2015-02-20 20:33 . 2013-12-10 14:32 1435504 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-02-20 20:33 . 2013-12-10 14:32 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-02-20 20:33 . 2013-12-10 14:32 3067560 ----a-w- c:\windows\system32\nvapi64.dll
2015-02-20 20:33 . 2012-06-05 12:55 1753448 ----a-w- c:\windows\system32\nvdispco64.dll
2015-02-20 20:33 . 2012-06-05 12:55 1468264 ----a-w- c:\windows\system32\nvdispgenco64.dll
2015-02-20 17:01 . 2015-02-20 17:01 -------- d-----w- c:\users\André\AppData\Local\Downloaded Installations
2015-02-20 16:56 . 2000-05-11 00:00 90112 ------w- c:\windows\Updreg.EXE
2015-02-20 16:56 . 2015-02-20 16:56 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2015-02-20 16:56 . 2015-02-20 16:56 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2015-02-20 16:56 . 2015-02-20 16:56 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2015-02-20 16:56 . 2015-02-20 16:56 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2015-02-20 16:56 . 2012-01-13 10:23 1944064 ------w- c:\windows\system32\Sens_oal.dll
2015-02-20 16:56 . 2012-01-13 10:21 2906586 ------w- c:\windows\SysWow64\Sens_oal.dll
2015-02-20 16:56 . 2015-02-20 16:56 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2015-02-20 16:55 . 2012-03-27 17:58 1052760 ----a-w- c:\windows\system32\drivers\CtHda.sys
2015-02-20 16:55 . 2012-03-27 17:54 134144 ----a-w- c:\windows\system32\CtHdaS64.exe
2015-02-20 16:55 . 2012-03-27 17:53 574464 ----a-w- c:\windows\system32\CtHdaC64.dll
2015-02-20 16:55 . 2012-03-27 17:52 122880 ----a-w- c:\windows\SysWow64\CtHdaSvc.exe
2015-02-20 16:55 . 2012-03-27 17:52 470016 ----a-w- c:\windows\SysWow64\CtHdaCtl.dll
2015-02-20 16:55 . 2012-03-02 21:41 25088 ----a-w- c:\windows\MEptDef.exe
2015-02-20 16:55 . 2012-02-29 11:34 10240 ----a-r- c:\windows\InstHlp.exe
2015-02-20 16:55 . 2012-02-13 18:16 889856 ----a-w- c:\windows\system32\CtHRFX64.dll
2015-02-20 16:55 . 2011-10-28 10:45 4894 ----a-w- c:\windows\cthdaGER.reg
2015-02-20 16:55 . 2011-10-24 09:02 4850 ----a-w- c:\windows\cthdaeng.reg
2015-02-20 16:55 . 2010-09-15 10:39 235520 ----a-w- c:\windows\system32\CtDco64.dll
2015-02-20 16:55 . 2006-12-05 13:52 48400 ----a-w- c:\windows\AddCat.exe
2015-02-20 16:46 . 2012-02-23 04:46 39976 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2015-02-20 16:46 . 2012-02-23 04:46 21544 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2015-02-20 16:46 . 2012-02-23 04:46 211496 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2015-02-20 16:46 . 2012-02-23 04:46 184360 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2015-02-20 16:37 . 2015-02-20 16:37 -------- d-----w- c:\windows\SysWow64\Atheros_L1e
2015-02-20 16:32 . 2011-12-06 14:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2015-02-20 11:19 . 2015-02-12 16:39 44856 ----a-w- c:\windows\system32\uxtuneup.dll
2015-02-20 11:19 . 2015-02-12 16:39 36664 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2015-02-20 10:07 . 2015-02-20 10:07 -------- d-----w- c:\users\André\AppData\Roaming\PCDr
2015-02-20 10:06 . 2015-02-20 10:06 -------- d-----w- c:\programdata\PCDr
2015-02-20 09:31 . 2015-02-12 16:39 41784 ----a-w- c:\windows\system32\TURegOpt.exe
2015-02-20 09:31 . 2015-02-12 16:39 30520 ----a-w- c:\windows\system32\authuitu.dll
2015-02-20 09:31 . 2015-02-12 16:39 25912 ----a-w- c:\windows\SysWow64\authuitu.dll
2015-02-20 09:21 . 2015-02-20 09:21 -------- d-----w- c:\program files (x86)\iTunes
2015-02-20 09:21 . 2015-02-20 09:22 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-20 09:21 . 2015-02-20 09:21 -------- d-----w- c:\program files\iPod
2015-02-20 09:01 . 2015-02-20 09:01 -------- d-----w- C:\Dell
2015-02-20 08:55 . 2015-02-20 08:56 -------- d-----w- c:\programdata\Dell
2015-02-19 13:26 . 2015-02-19 20:48 -------- d-----w- c:\windows\system32\drivers\etc
2015-02-18 15:37 . 2015-02-19 11:52 -------- d-----w- c:\windows\system32\log
2015-02-18 09:07 . 2015-02-18 09:07 -------- d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2015-02-17 09:07 . 2015-02-17 09:07 -------- d-----w- c:\users\André\AppData\Local\Scansoft
2015-02-16 10:43 . 2015-02-16 10:43 -------- d-----w- c:\programdata\CanonIJPLM
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\programdata\InstallShield
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\users\André\AppData\Roaming\ScanSoft
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\programdata\ScanSoft
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\program files (x86)\Common Files\ScanSoft Shared
2015-02-16 10:37 . 2015-02-16 10:37 -------- d-----w- c:\program files (x86)\ScanSoft
2015-02-16 10:28 . 2015-02-16 10:28 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2015-02-16 10:28 . 2006-12-25 20:00 236544 ----a-w- c:\windows\system32\CNMLM8R.DLL
2015-02-16 10:27 . 2006-06-29 05:30 17408 ----a-w- c:\windows\system32\cnco140.dll
2015-02-16 10:27 . 2006-11-10 02:03 1337344 ----a-w- c:\windows\system32\CNCC140.DLL
2015-02-16 10:27 . 2006-11-10 02:02 49664 ----a-w- c:\windows\system32\CNCI140.DLL
2015-02-16 10:27 . 2006-05-26 07:23 90624 ----a-w- c:\windows\system32\CNCL140.DLL
2015-02-16 10:27 . 2015-02-16 10:27 -------- d--h--w- c:\program files\CanonBJ
2015-02-15 19:26 . 2015-02-15 19:26 -------- d-----w- c:\program files\Dell
2015-02-13 08:39 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-13 08:39 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-13 08:39 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-13 08:39 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-12 20:34 . 2015-02-12 20:34 -------- d-----w- c:\programdata\Grisoft
2015-02-11 12:32 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-11 12:31 . 2014-10-04 02:10 3722752 ----a-w- c:\windows\system32\mstscax.dll
2015-02-11 12:31 . 2014-10-04 01:42 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-02-11 12:31 . 2014-10-04 01:42 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2015-02-11 12:29 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 12:29 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-11 12:26 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 12:26 . 2015-01-14 05:44 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 12:26 . 2015-01-14 05:44 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 12:26 . 2015-01-14 06:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-11 12:26 . 2015-01-14 06:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-11 12:26 . 2015-01-14 06:04 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-11 12:26 . 2015-01-14 05:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-11 12:26 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-11 10:30 . 2015-02-11 10:30 -------- d-----w- c:\program files (x86)\goodChoice
2015-02-11 10:30 . 2015-02-11 10:30 -------- d-----w- c:\program files (x86)\Color My SNS
2015-02-09 16:12 . 2015-02-10 13:42 -------- d-----w- c:\program files\CCleaner
2015-02-08 14:09 . 2015-02-08 14:11 -------- d-----w- c:\users\André\AppData\Roaming\FreeAudioEditor
2015-02-08 14:05 . 2015-02-10 13:43 -------- d-----w- c:\program files (x86)\Free Codec Pack
2015-02-08 14:05 . 2015-02-10 13:43 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2015-02-04 14:27 . 2015-02-04 14:27 -------- d-sh--w- c:\users\André\AppData\Local\EmieBrowserModeList
2015-02-04 14:22 . 2015-02-04 14:22 -------- d-----w- c:\users\André\AppData\Roaming\sparta123
2015-02-04 13:45 . 2015-02-04 13:45 -------- d-----w- c:\windows\SysWow64\controlfirmwareGUI
2015-02-04 10:05 . 2015-02-20 17:07 -------- d-----w- c:\program files\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-03 09:19 . 2014-06-26 17:43 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-25 21:30 . 2013-04-23 10:29 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-25 21:30 . 2013-04-23 10:29 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-20 17:42 . 2012-07-17 12:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-02-12 09:25 . 2013-09-25 14:24 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-01-30 22:36 . 2015-01-30 22:36 23760 ----a-w- c:\windows\system32\drivers\DDDriver64Dcsa.sys
2015-01-30 22:36 . 2015-01-30 22:36 23312 ----a-w- c:\windows\system32\drivers\DellProf.sys
2014-12-31 11:14 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 16:08 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 16:08 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 16:08 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-14 16:08 303616 ----a-w- c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-14 16:08 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-14 16:08 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-27 23:08 220632 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-27 23:08 220632 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-27 23:08 220632 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-10-17 43816]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816]
"IAStorUI"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe" [2012-11-19 632376]
"DsLauncher"="c:\program files (x86)\AlienRespawn\dslauncher.exe" [2012-01-27 312640]
"PC-Doctor Module"="c:\program files\AlienAutopsy\pcdlauncher.exe" [2014-01-31 457720]
"DellSystemDetect"="c:\users\André\AppData\Local\Apps\2.0\23NV5ADE.MHW\HY49TWH7.HAO\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe" [2015-02-20 283432]
"Revo Uninstaller"="c:\program files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe" [2013-07-03 3161648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Recon3Di Control Panel"="c:\program files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" [2011-12-21 880640]
.
c:\users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2012-7-20 14134784]
Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN41AD50RJ05RQ;CONNECTION=NW;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-2-22 1380128]
Qualcomm Atheros Killer Network Manager.lnk - c:\program files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe -minimized [2012-2-15 549888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"PDFPrint"=c:\program files (x86)\PDF24\pdf24.exe
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DLPortIO;DriverLINX Port I/O Driver; [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dcdbas;System Management Driver;c:\windows\system32\DRIVERS\dcdbas64.sys;c:\windows\SYSNATIVE\DRIVERS\dcdbas64.sys [x]
R3 HDJCtrl;Hercules DJ Control MP3 Service;c:\windows\system32\Drivers\HDJCtrl.sys;c:\windows\SYSNATIVE\Drivers\HDJCtrl.sys [x]
R3 HDJMidi;Hercules DJ Control MP3 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys;c:\windows\SYSNATIVE\DRIVERS\HDJMidi.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS;c:\windows\SYSNATIVE\DRIVERS\EMSC.SYS [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BfLwf;Bigfoot Networks Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe;c:\program files\Alienware\Command Center\AlienFusionService.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 codecwinsockapi.exe;codecwinsockapi.exe;c:\users\André\AppData\Local\codecwinsockapi\codecwinsockapi.exe;c:\users\André\AppData\Local\codecwinsockapi\codecwinsockapi.exe [x]
S2 controlfirmwareGUI;controlfirmwareGUI;c:\windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe;c:\windows\SysWOW64\controlfirmwareGUI\controlfirmwareGUI.exe [x]
S2 CtHdaSvc;Sound Core3D Service;c:\windows\sysWow64\CtHdaSvc.exe;c:\windows\sysWow64\CtHdaSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE;c:\program files (x86)\AlienRespawn\sftservice.EXE [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S2 WTGService;WTGService;c:\program files (x86)\Verbindungsassistent\WTGService.exe;c:\program files (x86)\Verbindungsassistent\WTGService.exe [x]
S3 Ak27x64;Killer Wireless-N 1102 device driver;c:\windows\system32\DRIVERS\Ak27x64.sys;c:\windows\SYSNATIVE\DRIVERS\Ak27x64.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 cthda;Sound Core3D(CtHda.sys);c:\windows\system32\drivers\cthda.sys;c:\windows\SYSNATIVE\drivers\cthda.sys [x]
S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - PCDSRVC{90AB3B40-A9A6E5C8-06020200}_0
*Deregistered* - PCDSRVC{90AB3B40-A9A6E5C8-06020200}_0
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-23 21:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-27 23:08 244696 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-27 23:08 244696 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-27 23:08 244696 ----a-w- c:\users\André\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Command Center Controllers"="c:\program files\Alienware\Command Center\AWCCStartupOrchestrator.exe" [2012-06-15 12656]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-18 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-18 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-18 440600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>;*origin.com;*ea.com;*akamaihd.net
uInternet Settings,ProxyServer = http=127.0.0.1:11917
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\BfLLR.dll
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.2.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\André\AppData\Roaming\Mozilla\Firefox\Profiles\wv60tni2.default-1424269440517\
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{8BA85C75-763B-4103-94EB-9470F12FE0F7} - (no file)
ShellIconOverlayIdentifiers-{CD55129A-B1A1-438E-A425-CEBC7DC684EE} - (no file)
ShellIconOverlayIdentifiers-{E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - (no file)
AddRemove-Hot Jingle Player - c:\program files (x86)\Hot Jingle Player\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-03-03 17:34:13
ComboFix-quarantined-files.txt 2015-03-03 16:34
ComboFix2.txt 2015-02-18 22:17
.
Vor Suchlauf: 22 Verzeichnis(se), 204.658.024.448 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 204.316.000.256 Bytes frei
.
- - End Of File - - CD1ECD115F210CC53E20337E0822B468
5C616939100B85E558DA92B899A0FC36