ComboFix logfile. There were no problems. Firefox was no longer my default browser afterwards, so it apparently changed something there.
What happens next? I assume you'll let me know when nothing more is needed, or should I watch it for a few days and then report whether the problem still exists?
Code:
ComboFix 15-01-02.01 - Raidi 02.01.2015 22:35:47.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8150.6274 [GMT 1:00]
ausgeführt von:: c:\users\Raidi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\mazuki.dll
c:\users\Raidi\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A0709550-888E-4938-85F2-67A0C0798916}.xps
c:\users\Raidi\AppData\Local\Microsoft\Windows\Temporary Internet Files\{E3B1B16B-314D-4490-9DE2-8B443D04DBC4}.xps
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-12-02 bis 2015-01-02 ))))))))))))))))))))))))))))))
.
.
2015-01-02 21:45 . 2015-01-02 21:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-02 21:37 . 2015-01-02 21:37 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C4091DA7-85C1-4B8B-8E03-258F74D737D6}\offreg.dll
2015-01-02 17:12 . 2015-01-02 17:14 -------- d-----w- C:\FRST
2015-01-02 08:38 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C4091DA7-85C1-4B8B-8E03-258F74D737D6}\mpengine.dll
2014-12-26 15:35 . 2014-12-26 15:35 -------- d-----w- c:\windows\ERUNT
2014-12-26 14:58 . 2014-12-13 00:47 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-12-26 14:49 . 2015-01-02 17:02 -------- d-----w- c:\users\Raidi\AppData\Roaming\HpUpdate
2014-12-26 14:48 . 2014-12-26 14:48 -------- d-----w- c:\windows\Hewlett-Packard
2014-12-20 14:57 . 2015-01-02 08:45 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-20 14:57 . 2014-12-20 14:57 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-12-20 14:57 . 2014-12-20 14:57 -------- d-----w- c:\programdata\Malwarebytes
2014-12-20 14:57 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-20 14:57 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-20 14:57 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-20 13:40 . 2014-12-26 15:32 -------- d-----w- C:\AdwCleaner
2014-12-20 13:35 . 2014-11-22 10:46 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-12-20 13:35 . 2014-11-22 10:46 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-12-20 13:34 . 2014-12-26 15:37 -------- d-----w- c:\users\Raidi\AppData\Roaming\moters
2014-12-20 13:34 . 2014-12-20 13:34 -------- d-sh--w- c:\users\Raidi\AppData\Local\EmieBrowserModeList
2014-12-17 19:08 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-17 19:08 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-14 10:58 . 2014-12-31 11:30 -------- d-----w- c:\users\Raidi\AppData\Local\Game Dev Tycoon - Steam
2014-12-12 15:36 . 2014-12-12 15:36 -------- d-----w- c:\windows\system32\appraiser
2014-12-12 00:02 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-12 00:02 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-12 00:02 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-12 00:02 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-12 00:02 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-12 00:02 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-12 00:02 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-12 00:02 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-12 00:02 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-12 00:02 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-11 17:43 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-11 17:43 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-11 17:43 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-11 17:43 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-11 17:43 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-11 17:43 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-11 17:43 . 2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-11 17:43 . 2014-11-11 03:09 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-12-11 17:43 . 2014-11-11 02:44 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-12-11 17:43 . 2014-11-11 01:46 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-12-11 17:40 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-26 15:38 . 2013-08-31 21:32 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-26 15:38 . 2013-08-31 21:32 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-13 10:08 . 2014-11-19 06:55 16040184 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-12-13 10:08 . 2014-11-19 06:55 17264312 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-12-13 10:08 . 2013-09-19 20:28 18594432 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-12-13 10:08 . 2013-08-31 20:49 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-12-13 10:08 . 2013-08-31 20:49 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-12-13 10:08 . 2013-02-25 22:32 14128496 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-12-13 10:08 . 2013-02-25 22:32 3293136 ----a-w- c:\windows\system32\nvapi64.dll
2014-12-13 08:03 . 2013-08-31 20:49 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2013-08-31 20:49 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2013-08-31 20:49 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2014-12-13 08:03 . 2013-08-31 20:49 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2013-08-31 20:49 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-12-13 08:03 . 2013-08-31 20:49 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2014-12-13 00:12 . 2014-06-03 17:16 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-12-13 00:12 . 2013-10-28 22:00 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-12-13 00:12 . 2014-06-03 17:16 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-12-13 00:12 . 2013-10-28 22:00 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2014-12-12 23:11 . 2013-08-31 20:49 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2014-12-12 00:03 . 2013-08-31 23:22 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-07 20:09 . 2013-09-01 09:12 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-12-07 20:09 . 2013-09-01 09:12 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-22 10:46 . 2013-09-19 20:28 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-11-21 22:23 . 2013-10-01 20:03 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-19 03:31 . 2014-11-19 03:31 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-13 00:20 . 2014-11-19 06:55 1876296 ----a-w- c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-11-19 06:55 1540424 ----a-w- c:\windows\system32\nvdispgenco6434475.dll
2014-11-11 03:08 . 2014-11-18 23:37 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-18 23:37 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-18 23:37 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-18 23:37 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 08:56 . 2014-02-18 22:50 1538880 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-10-30 04:53 . 2014-11-04 18:23 1876296 ----a-w- c:\windows\system32\nvdispco6434460.dll
2014-10-30 04:53 . 2014-11-04 18:23 1539272 ----a-w- c:\windows\system32\nvdispgenco6434460.dll
2014-10-26 11:05 . 2013-12-01 11:14 76152 ----a-w- c:\windows\system32\PnkBstrA.exe
2014-10-25 01:57 . 2014-11-12 18:53 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 18:53 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-22 05:15 . 2014-09-20 16:07 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-18 02:05 . 2014-11-12 18:51 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 18:51 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 20:47 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 20:47 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 18:51 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 20:47 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 20:47 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 20:47 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 20:47 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 18:51 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 20:47 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 20:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 20:47 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 18:52 3198976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-08-09 5263504]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-29 4085896]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
O&O Defrag Tray.lnk - c:\windows\Installer\{46CD29D7-580C-4E2E-8469-BD7F7CB1CCF8}\app_icon.ico [2014-12-26 292878]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 DRHARD;DRHARD;c:\windows\system32\DRIVERS\DRHARD.SYS;c:\windows\SYSNATIVE\DRIVERS\DRHARD.SYS [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 DRHARD64;DRHARD64;c:\windows\system32\drivers\DRHARD64.sys;c:\windows\SYSNATIVE\drivers\DRHARD64.sys [x]
S2 DRHMSR64;DRHMSR64;c:\windows\system32\drivers\DRHMSR64.sys;c:\windows\SYSNATIVE\drivers\DRHMSR64.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 21:38 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-31 15:38]
.
2015-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-31 23:16]
.
2015-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-31 23:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-18 09:25 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2014-08-29 4465448]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Raidi\AppData\Roaming\Mozilla\Firefox\Profiles\r9nluq47.default-1419087529209\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1976008990-4196840881-3594075464-1000\Software\SecuROM\License information*]
"datasecu"=hex:bc,c9,ef,e1,55,16,bc,3e,3d,7e,e4,45,cb,ea,e4,a1,d3,04,04,b5,a6,
b8,a5,a6,f5,2b,09,0c,ce,58,30,af,de,70,5e,7d,76,89,c3,7e,58,78,3e,36,cf,80,\
"rkeysecu"=hex:d8,b3,6f,c8,c5,a4,b4,ee,b0,0c,41,37,45,36,46,e1
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-01-02 22:51:54
ComboFix-quarantined-files.txt 2015-01-02 21:51
.
Vor Suchlauf: 13 Verzeichnis(se), 326.910.332.928 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 329.989.271.552 Bytes frei
.
- - End Of File - - B803690B81C6AC1FC5C5BD3993405C78
5FB38429D5D77768867C76DCBDB35194
Best regards, raidi