
Log analysis and evaluation: Backdoor found - log files


 
16.10.2016, 22:52   #1
LChan
 



So, after kerri88 told me what to do in this case, here are the corresponding log files.
Best regards, LChan :3

Here is the Malwarebytes Anti-Rootkit log file:

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.10.16.08
  rootkit: v2016.09.26.02

Windows 10 x64 NTFS
Internet Explorer 11.321.14393.0
Viral Nature :: VIRALNATURE-PC [administrator]

16.10.2016 22:49:05
mbar-log-2016-10-16 (22-49-05).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 366024
Time elapsed: 12 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Here is the GMER log file:

Code:
GMER 2.2.19882 - hxxp://www.gmer.net
Rootkit scan 2016-10-16 23:32:14
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002b Crucial_CT256MX100SSD1 rev.MU01 238,47GB
Running: gmer-2.2.19882.exe; Driver: C:\Users\VIRALN~1\AppData\Local\Temp\axloruog.sys


---- User code sections - GMER 2.2 ----

?       C:\WINDOWS\system32\wbem\wbemsvc.dll [3120] entry point in ".rdata" section                                                                  000000006ef08fc0
?       C:\WINDOWS\SYSTEM32\dbgcore.DLL [3148] entry point in ".rdata" section                                                                       000000006fd6c940
?       C:\WINDOWS\system32\apphelp.dll [9220] entry point in ".rdata" section                                                                       000000006c4bf7c0

---- Threads - GMER 2.2 ----

Thread  C:\WINDOWS\system32\csrss.exe [764:10260]                                                                                                    ffff9f66ef006c20
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:5160]                                                                              00007ffb1f6158f0
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:7744]                                                                              00007ffb1e1359c0
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:1404]                                                                              00007ffb12512bc0
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:11564]                                                                             00007ffb1e1370d0
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:6080]                                                                              00007ffb1b412880
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:9532]                                                                              00007ffb1e1359c0
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:11756]                                                                             00007ffb1f6158f0
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:11508]                                                                             00007ffb1f6158f0
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:8796]                                                                              00007ffb1f6158f0
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:8724]                                                                              00007ffb1bff11a0
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:11212]                                                                             00007ffb113fe010
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:1864]                                                                              00007ffb150623bc
Thread  C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [7760:4728]                                                                              00007ffb123d8ff0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:13180]                                    00007ffb1f6158f0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:5424]                                     00007ffb1e1359c0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:7312]                                     00007ffb12512bc0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:10764]                                    00007ffaee655870
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:3504]                                     00007ffb1f6158f0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:12228]                                    00007ffb1d9ca1e0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:11192]                                    00007ffb132c48e0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:5564]                                     00007ffb0e57c820
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:8984]                                     00007ffb0e57c820
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:5888]                                     00007ffb1e1370d0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25061.0_x64__8wekyb3d8bbwe\Video.UI.exe [4256:10552]                                    00007ffb123d8ff0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:11568]                                    00007ffb1f6158f0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:12616]                                    00007ffb1e1359c0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:7884]                                     00007ffb12512bc0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:9592]                                     00007ffaee655870
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:12368]                                    00007ffb1e2cca70
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:6772]                                     00007ffb1d9ca1e0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:2556]                                     00007ffb1f6158f0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:4844]                                     00007ffb1f6158f0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:5592]                                     00007ffb0e57c820
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:11292]                                    00007ffb132c48e0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:9072]                                     00007ffb0e57c820
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:6028]                                     00007ffb1e1370d0
Thread  C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.25021.0_x64__8wekyb3d8bbwe\Music.UI.exe [9836:5484]                                     00007ffb123d8ff0

---- Registry - GMER 2.2 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime                                                                               0x9A 0xFF 0x07 0x32 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{0EF0DC12-9FA7-4B7A-ADBC-EA7A6946F7DD}\Connection@Name  isatap.{665670F5-9FB6-435B-9067-595DD022E219}
Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed                                                            930770148
Reg     HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14749069580782280@SetupOperations                                           ???2?????2?2?3?3?3?3?4???????????????????????????t???????????????????????????????????????A??????? ???????2???????????2???????? ??????????????????????????2??????Commited?????2?2?2?2?2?2?2?2???????????????????t???????????????????t?????????2???????????????????????????2???????????s??? ?2?????4?4?4?5?5?5?5?6?6?6?????????????????????????????t??????????????????4???????????????? ???????1?????2?????2??????????P?7??????????????2?????????e????aswSnx???????2?2?2?2?2?2?2?2??????L??2?????????n????avast! virtualization driver (aswSnx)???????????????????????????????t???????????????????0?????P??2??????????????\SystemRoot\system32\drivers\aswSnx.sys?00????0??2??????????FSFilter Virtualization??????????2??????????????FltMgr??????? ???????2?????2?????2? ???????? ?????????s??????? ??2???????????e??aswSnx Instance??????2?????2???2????? ???????2???????????2? ?????????????????????e???????2??????????137600???????2?2????????????????s??????2????? ???????2???????????2? ????????T??? ???????????? T??2??????????r???\??\C:\Program Files\AV
Reg     HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14749069895782280@SetupOperations                                           ? ?2?????4?4?4?5?5?5?5?6?6?6?????????????????????????????t??????????????????4???????????????? ???????1?????2?????2??????????P?7??????????????2?????????e????aswSnx???????2?2?2?2?2?2?2?2??????L??2?????????n????avast! virtualization driver (aswSnx)???????????????????????????????t???????????????????0?????P??2??????????????\SystemRoot\system32\drivers\aswSnx.sys?00????0??2??????????FSFilter Virtualization??????????2??????????????FltMgr??????? ???????2?????2?????2? ???????? ?????????s??????? ??2???????????e??aswSnx Instance??????2?????2???2????? ???????2???????????2? ?????????????????????e???????2??????????137600???????2?2????????????????s??????2????? ???????2???????????2? ????????T??? ???????????? T??2??????????r???\??\C:\Program Files\AVAST Software\Avast????2?2????? P??2??????????????\??\C:\ProgramData\AVAST Software\Avast?????? ???????1?????2?????2??????????N?8?????P????????2?????????e????aswSP????2?2?2?2?2?2?2?2??????.??2?????????n????avast! Self Protection???????????????????????????????????(?????????????????
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{0EF0DC12-9FA7-4B7A-ADBC-EA7A6946F7DD}@InterfaceName                       isatap.{665670F5-9FB6-435B-9067-595DD022E219}
Reg     HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{0EF0DC12-9FA7-4B7A-ADBC-EA7A6946F7DD}@ReusableType                        0
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                              1398
Reg     HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                             54
Reg     HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated                                                          0x70 0x48 0x34 0x6A ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh                                                               0x70 0xB0 0xF8 0xCB ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow                                                                0x70 0xE0 0x6F 0x08 ...
Reg     HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw                                                                                           0x64 0x62 0x03 0x00 ...
Reg     HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask                                                                                       0x64 0x62 0x03 0x00 ...
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest                                       0x99 0x4F 0x6D 0xB0 ...
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications@TimestampWhenSeen                                                               0xE0 0xB7 0x47 0x4A ...
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\wpnidm\48415de7@NotificationsCount                                          4
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@E7CF176E110C211B                                                          0xA5 0xBD 0x03 0xA4 ...
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{7049F216-EBCF-4B9E-B387-457FF4925FC6}@LastAccessedTime                     0x00 0x24 0xAC 0x9A ...
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{7049F216-EBCF-4B9E-B387-457FF4925FC6}@LaunchCount                          80
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B1D308E5-FC58-4015-9976-F4EC8F31FF65}@LastAccessedTime                     0x20 0xB1 0xBA 0xD7 ...
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B1D308E5-FC58-4015-9976-F4EC8F31FF65}@LaunchCount                          9
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance@MessageTime                                                          0xDC 0x42 0x19 0xAD ...
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@0                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk?C:\Users\Viral Nature\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@1                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk?C:\Users\Viral Nature\AppData\Local\osu!\osu!.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@2                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk?C:\Users\Viral Nature\AppData\Roaming\Spotify\Spotify.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@3                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk?C:\WINDOWS\system32\eudcedit.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@4                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12 (64bit).lnk?C:\Program Files (x86)\Image-Line\FL Studio 12\FL64.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@5                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk?C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@6                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\IL Download Manager.lnk?C:\Program Files (x86)\Image-Line\Downloader\ILDownloadManager.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@7                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk?C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@8                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (32bit).lnk?C:\Program Files (x86)\OBS\OBS.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@9                                                                                     C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (64bit).lnk?C:\Program Files\OBS\OBS.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@10                                                                                    C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\RivaTuner Statistics Server.lnk?C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@11                                                                                    C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk?C:\Program Files (x86)\Steam\Steam.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@12                                                                                    C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk?C:\Users\Viral Nature\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@13                                                                                    C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweak-SSD v2\Tweak-SSD v2.lnk?C:\Program Files\Tweak-SSD v2\Tweak-SSD.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@14                                                                                    C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk?C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@15                                                                                    C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk?C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@16                                                                                    C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk?C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@17                                                                                    C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk?C:\Program Files\WinRAR\WinRAR.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@18                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk?C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@19                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk?C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@20                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk?C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@21                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk?C:\Program Files (x86)\Adobe\Adobe Content Viewer\Adobe Content Viewer.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@22                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk?C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@23                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk?C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@24                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk?C:\Program Files (x86)\Adobe\Adobe Widget Browser\Adobe Widget Browser.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@25                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk?C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@26                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk?C:\Program Files (x86)\Audacity\audacity.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@27                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk?C:\Program Files\GIMP 2\bin\gimp-2.8.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@28                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk?C:\Program Files\paint.net\PaintDotNet.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@29                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk?C:\Program Files (x86)\Pidgin\pidgin.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@30                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk?C:\Windows10Upgrade\Windows10UpgraderApp.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@31                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk?C:\Program Files (x86)\YaTQA\yatqa.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@32                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk?C:\WINDOWS\system32\mblctr.exe?/open?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@33                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk?C:\Program Files\Common Files\Microsoft Shared\Ink\ShapeCollector.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@34                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk?C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@35                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Story.lnk?C:\Program Files (x86)\Adobe Story\Adobe Story.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@36                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2\Adobe LiveCycle Designer ES2.lnk?C:\Program Files (x86)\Adobe\Acrobat 10.0\Designer 9.0\FormDesigner.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@37                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe After Effects CS5.5.lnk?C:\Program Files\Adobe\Adobe After Effects CS5.5\Support Files\AfterFX.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@38                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Audition CS5.5.lnk?C:\Program Files (x86)\Adobe\Adobe Audition CS5.5\Adobe Audition.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@39                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Bridge CS5.1.lnk?C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@40                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Contribute CS5.1.lnk?C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\App\Contribute.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@41                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Device Central CS5.5.lnk?C:\Program Files (x86)\Adobe\Adobe Device Central CS5.5\DeviceCentral.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@42                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Dreamweaver CS5.5.lnk?C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@43                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Encore CS5.1 .lnk?C:\Program Files (x86)\Adobe\Adobe Encore CS5.1\Adobe Encore.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@44                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe ExtendScript Toolkit CS5.5.lnk?C:\Program Files (x86)\Adobe\Adobe Utilities - CS5.5\ExtendScript Toolkit CS5.5\ExtendScript Toolkit.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@45                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Extension Manager CS5.5.lnk?C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5.5\Adobe Extension Manager CS5.5.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@46                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Fireworks CS5.1.lnk?C:\Program Files (x86)\Adobe\Adobe Fireworks CS5.1\Fireworks.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@47                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Flash Builder 4.5.lnk?C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.5\FlashBuilder.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@48                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Flash Catalyst CS5.5.lnk?C:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5.5\Adobe Flash Catalyst.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@49                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Flash Professional CS5.5.lnk?C:\Program Files (x86)\Adobe\Adobe Flash CS5.5\Flash.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@50                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Illustrator CS5.1.lnk?C:\Program Files (x86)\Adobe\Adobe Illustrator CS5.1\Support Files\Contents\Windows\Illustrator.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@51                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Media Encoder CS5.5.lnk?C:\Program Files\Adobe\Adobe Media Encoder CS5.5\Adobe Media Encoder.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@52                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe OnLocation CS5.1.lnk?C:\Program Files (x86)\Adobe\Adobe OnLocation CS5.1\Adobe OnLocation.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@53                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Photoshop CS5.1 (64 Bit).lnk?C:\Program Files\Adobe\Adobe Photoshop CS5.1 (64 Bit)\Photoshop.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@54                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Photoshop CS5.1.lnk?C:\Program Files (x86)\Adobe\Adobe Photoshop CS5.1\Photoshop.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@55                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Pixel Bender Toolkit 2.6.lnk?C:\Program Files (x86)\Adobe\Adobe Utilities - CS5.5\Pixel Bender Toolkit 2.6\Pixel Bender Toolkit.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@56                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Adobe Premiere Pro CS5.5.lnk?C:\Program Files\Adobe\Adobe Premiere Pro CS5.5\Adobe Premiere Pro.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@57                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5\Mocha for After Effects CS5.5.lnk?C:\Program Files\Adobe\Adobe After Effects CS5.5\mocha\bin\mocha4ae_adobe.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@58                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility\ASRock eXtreme Tuner\ASRock eXtreme Tuner.lnk?C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@59                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility\InstantBoot\InstantBoot.lnk?C:\Program Files (x86)\ASRock Utility\InstantBoot\InstantBoot.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@60                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility\SmartConnect\SmartConnect.lnk?C:\Program Files\ASRock Utility\SmartConnect\AsrSmartConnect.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@61                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk?C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@62                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAM\CAM.lnk?C:\Program Files (x86)\NZXT\CAM\CAM_Client_V3.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@63                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk?C:\Program Files\CCleaner\CCleaner64.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@64                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk?C:\Program Files\CPUID\CPU-Z\cpuz.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@65                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative\THX TruStudio\THX TruStudio-Einstellungen.lnk?C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@66                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso\MediaEspresso Gadget.lnk?C:\Program Files (x86)\CyberLink\MediaEspresso\MediaEspresso.exe?gadget?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@67                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso\MediaEspresso.lnk?C:\Program Files (x86)\CyberLink\MediaEspresso\MediaEspresso.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@68                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk?C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@69                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube Download.lnk?C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@70                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube to MP3 Converter.lnk?C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@71                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk?C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@72                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk?C:\Program Files (x86)\Common Files\DVDVideoSoft\PremiumMembershipOffer.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@74                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk?C:\Fraps\fraps.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@75                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Check for Sapphire OFX Updates.lnk?C:\Program Files (x86)\GenArts\SapphireOFX\genarts-frontend.exe?-update?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@76                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Install Sapphire OFX Serial Number.lnk?C:\Program Files (x86)\GenArts\SapphireOFX\genarts-frontend.exe?-license-install?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@77                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX\Sapphire Flare Designer.lnk?C:\Program Files (x86)\GenArts\SapphireOFX\flare-editor\flare_editor.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@78                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMX MailCheck\GMX MailCheck Reparaturassistent.lnk?C:\ProgramData\1&1 Mail & Media GmbH\MailCheck IE\GMX_MailCheck_Repair.exe?/REPAIR=1 /IT=3 /ID=9 /IM=12 /IY=2015 /IC=80 /IK=20632 /IJ=1 /LOCALE=de_DE /SEARCH=0 /DEFSEARCH=0 /STARTPAGE=0 /BUNDLE=0?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@79                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMX MailCheck\GMX Sichere Websuche.lnk?C:\Program Files (x86)\GMX MailCheck\IE\GMX_Sichere_Websuche.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@80                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo GIF.lnk?C:\Program Files (x86)\Gyazo\GyazoGIF.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@81                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo Settings.lnk?C:\Program Files (x86)\Gyazo\GyStation.exe?/option?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@82                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo.lnk?C:\Program Files (x86)\Gyazo\Gyazowin.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@83                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk?D:\Hearthstone\Hearthstone\Hearthstone Beta Launcher.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@84                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Hi-Rez Diagnostics and Support.lnk?C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@86                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite\HiSuite.lnk?C:\Program Files (x86)\HiSuite\HiSuite.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@87                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 12.lnk?C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@88                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk?C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@89                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Updates\Intel(R) ME FW Recovery Agent.lnk?C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe?--domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller consumer?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@90                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope\iDrum\iZotope iDrum.lnk?C:\Program Files (x86)\iZotope\iDrum\win32\iDrum.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@91                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope\The T-Pain Effect\The T-Pain Engine.lnk?C:\Program Files (x86)\iZotope\The T-Pain Effect\win32\The T-Pain Engine.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@92                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks\Magic Bullet Looks.lnk?C:\Program Files (x86)\LooksBuilder\Magic Bullet Looks.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@93                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicYUV\MagicYUV QuickTime configuration.lnk?C:\Windows\system32\rundll32.exe?"C:\Program Files (x86)\QuickTime\QTComponents\magicyuv_qt.qtx",Configure?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@94                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicYUV\MagicYUV VFW codec configuration.lnk?C:\Windows\system32\rundll32.exe?magicyuv.dll,Configure?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@95                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Deinstallieren.lnk?C:\Program Files\McAfee Security Scan\uninstall.exe?C:\Program Files\McAfee Security Scan\3.11.334\McAfee.ico?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@96                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk?C:\Program Files\McAfee Security Scan\3.11.334\McUICnt.exe?SecurityScanner.dll?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@97                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE\Games for Windows - LIVE.lnk?C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@98                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam\Microsoft LifeCam.lnk?C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@99                                                                                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk?C:\Program Files\Microsoft Silverlight\5.1.50709.0\Silverlight.Configuration.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@100                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk?C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@101                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My MP4Box GUI\My MP4Box GUI.lnk?C:\Program Files\My MP4Box GUI\My MP4Box GUI.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@102                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager\Nexus Mod Manager (Trace Mode).lnk?C:\Program Files\Nexus Mod Manager\NexusClient.exe?-trace?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@103                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager\Nexus Mod Manager.lnk?C:\Program Files\Nexus Mod Manager\NexusClient.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@104                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk?C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@105                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk?C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@106                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk?C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe?/show?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@107                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Base.lnk?C:\Program Files (x86)\OpenOffice 4\program\sbase.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@108                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Calc.lnk?C:\Program Files (x86)\OpenOffice 4\program\scalc.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@109                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Draw.lnk?C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@110                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Impress.lnk?C:\Program Files (x86)\OpenOffice 4\program\simpress.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@111                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Math.lnk?C:\Program Files (x86)\OpenOffice 4\program\smath.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@112                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Writer.lnk?C:\Program Files (x86)\OpenOffice 4\program\swriter.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@113                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice.lnk?C:\Program Files (x86)\OpenOffice 4\program\soffice.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@114                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk?C:\Program Files (x86)\Origin\OriginER.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@115                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk?C:\Program Files (x86)\Origin\Origin.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@116                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch\Overwatch.lnk?C:\Program Files (x86)\Overwatch\Overwatch Launcher.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@117                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent\qBittorrent.lnk?C:\Program Files (x86)\qBittorrent\qbittorrent.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@118                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deinstallieren.lnk?C:\Windows\SysWOW64\msiexec.exe?/i {627FFC10-CE0A-497F-BA2B-208CAC638010} /qf?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@119                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk?C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@120                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant\Red Giant Link.lnk?C:\Program Files (x86)\Red Giant\Common\Red Giant Link.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@121                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk?C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@122                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk?C:\Program Files (x86)\Steam\Steam.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@123                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk?C:\Program Files\VideoLAN\VLC\vlc.exe?--reset-config --reset-plugins-cache vlc://quit?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@124                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk?C:\Program Files\VideoLAN\VLC\vlc.exe?-Iskins?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@125                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk?C:\Program Files\VideoLAN\VLC\vlc.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@126                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0\Demos\vulkaninfo.lnk?C:\Program Files (x86)\VulkanRT\1.0.3.0\vulkaninfo.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@127                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0\Demos\vulkaninfo32.lnk?C:\Program Files (x86)\VulkanRT\1.0.3.0\vulkaninfo32.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@128                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk?C:\Program Files\WinRAR\WinRAR.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@129                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw\Configure x264vfw.lnk?C:\Windows\SysWOW64\rundll32.exe?x264vfw.dll,Configure?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@130                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw\Configure x264vfw64.lnk?C:\Windows\System32\rundll32.exe?x264vfw64.dll,Configure?
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@131                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast LAN\XFast LAN Konsole.lnk?C:\WINDOWS\System32\cmd.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@132                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast USB\XFast USB.LNK?C:\Program Files (x86)\XFastUSB\XFastUsb.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@133                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xinorbis6\Uninstall.lnk?C:\Program Files (x86)\freshney.org\Xinorbis6\UninstallXinorbis.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@134                                                                                   C:\Users\Viral Nature\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GFACE Launcher\GFACE.lnk?D:\GFACE\GFACE Launcher\live\gflauncher.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@135                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free (Administrator).lnk?C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@137                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk?D:\League of Legends\lol.launcher.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@139                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk?C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\Silverlight.Configuration.exe??
Reg     HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC@140                                                                                   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexicon\Alpha\Uninstall Lexicon Alpha Driver Installer.lnk?C:\ProgramData\{E51ADF6A-7916-46B4-96C1-40D98D096077}\AlphaDriverInstaller.exe?REMOVE=TRUE UNINSTALL=YES MODIFY=FALSE?

---- EOF - GMER 2.2 ----
         

 
