Sound problems during keyboard input, and the input itself stutters too! Gone after a restart, but comes back when I go online
Okay, I did that. Here is the requested data, i.e. the log! The scan took about 1 hour.
Combofix Logfile:
ComboFix 14-01-27.02 -klaus peter 28.01.2014 15:13:05.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8055.6210 [GMT 1:00]
ausgeführt von:: c:\users\klaus peter\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-28 bis 2014-01-28 ))))))))))))))))))))))))))))))
.
.
2014-01-28 14:25 . 2014-01-28 14:25 -------- d-----w- c:\users\Rough Neck\AppData\Local\temp
2014-01-28 14:25 . 2014-01-28 14:25 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2014-01-28 14:25 . 2014-01-28 14:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-28 03:28 . 2014-01-28 03:28 -------- d-----w- C:\FRST
2014-01-27 22:20 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CFDF58EC-94E3-4D87-B408-AF0DC4954BC5}\mpengine.dll
2014-01-27 21:09 . 2014-01-27 21:15 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2014-01-25 20:43 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-25 04:40 . 2014-01-25 04:45 -------- d-----w- c:\users\Astrid Cobb\AppData\Roaming\Mp3tag
2014-01-25 04:40 . 2014-01-25 04:40 -------- d-----w- c:\program files (x86)\Mp3tag
2014-01-23 13:24 . 2013-12-05 01:04 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{105E9C48-A25A-4343-AE2B-F137247A054F}\gapaengine.dll
2014-01-22 22:48 . 2014-01-22 22:48 -------- d-----w- c:\users\Astrid Cobb\AppData\Local\Diagnostics
2014-01-22 07:52 . 2014-01-22 07:52 206080 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2014-01-22 07:52 . 2014-01-22 07:52 108800 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2014-01-17 05:11 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 23:53 . 2014-01-15 23:53 -------- d-----w- c:\users\Astrid Cobb\AppData\Local\ElevatedDiagnostics
2014-01-15 23:45 . 2014-01-15 23:45 -------- d-----w- c:\programdata\eMule
2014-01-15 23:44 . 2014-01-16 00:01 -------- d-----w- c:\users\Astrid Cobb\AppData\Local\eMule
2014-01-15 23:44 . 2014-01-15 23:44 -------- d-----w- c:\program files (x86)\eMule
2014-01-15 21:37 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 21:37 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 21:37 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 21:37 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 21:37 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 21:37 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 21:37 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 21:37 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 21:37 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-15 01:14 . 2014-01-15 01:14 -------- d-----w- c:\windows\SysWow64\NV
2014-01-15 01:14 . 2014-01-15 01:14 -------- d-----w- c:\windows\system32\NV
2014-01-15 01:06 . 2014-01-15 01:06 -------- d-----w- C:\NVIDIA
2014-01-15 01:03 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-01-15 01:03 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-01-15 01:03 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-01-15 01:03 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-01-15 01:03 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-01-15 01:03 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-01-15 01:00 . 2013-12-05 08:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-01-15 01:00 . 2013-12-05 08:42 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-01-14 15:01 . 2014-01-14 15:10 -------- d-----w- c:\program files (x86)\SmartTweak
2014-01-13 14:29 . 2014-01-13 14:29 -------- d-----w- c:\users\Astrid Cobb\AppData\Local\Plus500
2014-01-13 14:29 . 2014-01-13 14:29 -------- d-----w- c:\program files (x86)\Plus500
2014-01-08 23:23 . 2014-01-26 15:13 -------- d-----w- c:\users\Astrid Cobb\AppData\Roaming\BitTorrent
2014-01-08 23:15 . 2014-01-25 12:44 -------- d-----w- c:\users\Astrid Cobb\AppData\Roaming\vlc
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:33 . 2011-04-26 10:31 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-16 02:00 . 2011-04-26 10:48 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-19 20:33 . 2013-12-05 01:17 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-12-19 20:33 . 2013-12-05 01:17 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-12-19 20:33 . 2013-12-05 01:17 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-12-19 20:33 . 2013-08-17 22:00 2698272 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-12-19 20:33 . 2012-03-29 18:23 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-12-19 20:33 . 2010-01-19 14:50 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2013-12-19 18:53 . 2011-01-07 18:50 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2011-01-07 18:49 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2011-01-07 18:49 386336 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2011-01-07 18:49 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2011-01-07 18:49 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-12-19 18:53 . 2011-01-07 18:49 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-12-19 18:53 . 2011-01-07 18:49 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-12-19 18:53 . 2010-01-14 15:37 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-12-19 11:20 . 2013-12-19 11:20 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-12-19 05:01 . 2011-01-07 18:49 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2013-12-11 08:05 . 2012-03-29 12:07 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 08:05 . 2011-05-18 10:03 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-10 02:13 . 2013-12-05 01:00 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-12-05 01:00 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-08-18 13:26 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-05 01:04 . 2013-12-06 23:36 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-12-04 13:41 . 2013-12-04 13:41 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 13:41 . 2013-12-04 13:41 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-04 13:41 . 2013-12-04 13:41 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-04 13:41 . 2013-12-04 13:41 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-04 13:41 . 2013-12-04 13:41 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-04 13:41 . 2013-12-04 13:41 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 13:41 . 2013-12-04 13:41 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-04 13:41 . 2013-12-04 13:41 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-04 13:41 . 2013-12-04 13:41 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-04 13:41 . 2013-12-04 13:41 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-04 13:41 . 2013-12-04 13:41 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-04 13:41 . 2013-12-04 13:41 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-04 13:41 . 2013-12-04 13:41 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-04 13:41 . 2013-12-04 13:41 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-04 13:41 . 2013-12-04 13:41 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-04 13:41 . 2013-12-04 13:41 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-04 13:41 . 2013-12-04 13:41 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-04 13:41 . 2013-12-04 13:41 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-04 13:41 . 2013-12-04 13:41 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-04 13:41 . 2013-12-04 13:41 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-04 13:41 . 2013-12-04 13:41 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-04 13:41 . 2013-12-04 13:41 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-04 13:41 . 2013-12-04 13:41 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-04 13:41 . 2013-12-04 13:41 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-04 13:41 . 2013-12-04 13:41 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-04 13:41 . 2013-12-04 13:41 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-04 13:41 . 2013-12-04 13:41 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-04 13:41 . 2013-12-04 13:41 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-04 13:41 . 2013-12-04 13:41 413696 ----a-w- c:\windows\system32\html.iec
2013-12-04 13:41 . 2013-12-04 13:41 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 13:41 . 2013-12-04 13:41 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-04 13:41 . 2013-12-04 13:41 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-04 13:41 . 2013-12-04 13:41 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-04 13:41 . 2013-12-04 13:41 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-04 13:41 . 2013-12-04 13:41 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-04 13:41 . 2013-12-04 13:41 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-04 13:41 . 2013-12-04 13:41 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-04 13:41 . 2013-12-04 13:41 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-04 13:41 . 2013-12-04 13:41 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-04 13:41 . 2013-12-04 13:41 235520 ----a-w- c:\windows\system32\url.dll
2013-12-04 13:41 . 2013-12-04 13:41 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-04 13:41 . 2013-12-04 13:41 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-04 13:41 . 2013-12-04 13:41 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-04 13:41 . 2013-12-04 13:41 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-04 13:41 . 2013-12-04 13:41 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-04 13:41 . 2013-12-04 13:41 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-04 13:41 . 2013-12-04 13:41 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-04 13:41 . 2013-12-04 13:41 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-04 13:41 . 2013-12-04 13:41 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-04 13:41 . 2013-12-04 13:41 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-04 13:41 . 2013-12-04 13:41 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-04 13:41 . 2013-12-04 13:41 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-04 13:41 . 2013-12-04 13:41 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-04 13:41 . 2013-12-04 13:41 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-04 13:41 . 2013-12-04 13:41 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-04 13:41 . 2013-12-04 13:41 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-04 13:41 . 2013-12-04 13:41 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-04 13:41 . 2013-12-04 13:41 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-04 13:41 . 2013-12-04 13:41 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-26 11:54 . 2013-12-12 02:01 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 02:01 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 02:01 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 02:01 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 02:01 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 02:01 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 02:01 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 02:01 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 02:01 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 02:01 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 02:01 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 02:01 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 02:01 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 02:01 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 02:01 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 02:01 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 02:01 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Astrid Cobb\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Astrid Cobb\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Astrid Cobb\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Gaming Mouse"="c:\gaming mouse\Gaming Mouse.exe" [2009-09-30 1306624]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-15 311152]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2013-12-21 3478392]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2009-12-14 200704]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2010-06-21 436264]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2013-06-16 295512]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Windows Networkmanager;Windows Networkmanager;c:\windows\SysWOW64\Networkmanager\Networkmanager.exe run;c:\windows\SysWOW64\Networkmanager\Networkmanager.exe run [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe;c:\windows\SYSNATIVE\inetsrv\wmsvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RalinkRegistryWriter64;RalinkRegistryWriter64;c:\program files (x86)\Belkin\F9L1103\v1\Common\RaRegistry64.exe;c:\program files (x86)\Belkin\F9L1103\v1\Common\RaRegistry64.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
S3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe;c:\program files (x86)\Launch Manager\WisLMSvc.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 08:05]
.
2014-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-11 00:11]
.
2014-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-11 00:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Astrid Cobb\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Astrid Cobb\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Astrid Cobb\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Astrid Cobb\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2011-04-26 172032]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-09 167744]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-09 392512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-09 417088]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = localhost:8080
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Astrid Cobb\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{0F6F9345-AE8A-4D64-AF05-675B60A8B759}: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Astrid Cobb\AppData\Roaming\Mozilla\Firefox\Profiles\etykr1f9.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1312728702-859359394-3168730491-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1312728702-859359394-3168730491-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1312728702-859359394-3168730491-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C47C34B5-E1A6-C020-F1AC-02BEBAED4EDC}*]
@Allowed: (Read) (RestrictedCode)
"pakndafjmjficifinilnigojdpcpnfcp"=hex:6a,61,67,69,6c,67,70,6c,70,6b,62,70,6b,
69,6d,66,62,66,64,62,00,fa
"oaeegcoojojcalfecjlfmmefmpkekl"=hex:6a,61,67,69,6c,67,70,6c,70,6b,62,70,6b,69,
6d,66,62,66,64,62,00,fa
.
[HKEY_USERS\S-1-5-21-1312728702-859359394-3168730491-1000\Software\SecuROM\License information*]
"datasecu"=hex:b2,f9,63,3c,90,42,49,9e,aa,86,0b,9d,a4,d3,fb,12,a3,1b,60,9a,bc,
ca,f8,1c,2e,c5,99,22,b7,ce,ff,df,e1,a8,24,a6,0a,81,12,6d,89,54,53,9b,cc,46,\
"rkeysecu"=hex:f7,14,9f,89,9e,96,f4,38,c0,dc,5f,85,74,31,4d,35
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Wondershare\Wondershare Helper Compact\996505193\c:\windows\system32;c:\windows;c:\Windows\System32\Wbem;c:\windows\System32\WindowsPowerShell\v1.0\;c:\program files (x86)\Windows Live\Shared;c:\program files (x86)\QuickTime\QTSystem\PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC*PROCESSO]
"JoinUserExperience"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-28 15:28:26
ComboFix-quarantined-files.txt 2014-01-28 14:28
ComboFix2.txt 2014-01-27 21:27
.
Vor Suchlauf: 24 Verzeichnis(se), 111.361.548.288 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 111.047.852.032 Bytes frei
.
- - End Of File - - 3557F53677831B8C3A12DAD3F656E537
--- --- ---
Quote:
Quote from Benj:
Okay, I did that; here is the requested data, i.e. the log! The scan took about 1 hour :-( slow laptop!
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Wondershare\Wondershare Helper Compact\996505193\c:\windows\system32;c:\windows;c:\Windows\System32\Wbem;c:\windows\System32\WindowsPowerShell\v1.0\;c:\program files (x86)\Windows Live\Shared;c:\program files (x86)\QuickTime\QTSystem\PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC*PROCESSO]
"JoinUserExperience"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-28 15:28:26
ComboFix-quarantined-files.txt 2014-01-28 14:28
ComboFix2.txt 2014-01-27 21:27
.
Vor Suchlauf: 24 Verzeichnis(se), 111.361.548.288 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 111.047.852.032 Bytes frei
.
- - End Of File - - 3557F53677831B8C3A12DAD3F656E537
--- --- ---
How do we proceed from here? :-) Thank you in advance for taking this on.
Thanks
Edited by Benj (28.01.2014 at 16:07)