Feinschnitt | 04.01.2014 20:17 | Vielen Dank schrauber für deine Mühe.
Hier die Auswertung: Code:
ComboFix 14-01-04.03 - Jerome 04.01.2014 19:06:14.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1913.494 [GMT 1:00]
ausgeführt von:: c:\users\Jerome\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\program files (x86)\Downloaded Installers
c:\program files (x86)\Downloaded Installers\{85734060-4F8B-477D-9FBD-44DEAC824BE2}\setup.msi
c:\users\Jerome\AppData\Local\assembly\tmp
c:\users\Jerome\AppData\Roaming\Microsoft\Windows\Recent\desktop_8956756.ico
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome.manifest
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\asyncDB.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\background.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\browserAction.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\contextMenu.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\dbManager.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\dom_bg.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\fileManager.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\firefox.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\firefoxNotifications.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\firefoxOmnibox.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\message.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\pageAction.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\request.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\tabs.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\api\webRequest.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\background.html
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\baseObject.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\browser.xul
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\console.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\consts.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\delegate.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\extensionDataStore.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\folderIOWrapper.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\httpObserver.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\IDBWrapper.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\installer.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\logFile.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\prefs.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\progressListenerObserver.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\registry.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\reloadObserver.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\reports.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\requestObject.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\searchSettings.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\uninstallObserver.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\updateManager.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\utils.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\core\xhr.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\dialog.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\main.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\options.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\options.xul
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\chrome\content\search_dialog.xul
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\defaults\preferences\prefs.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\manifest.xml
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins.json
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\12_iws_coupons_only.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\17_jQuery.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\29_autocomplete_plus.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\47_resources_background.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\60_base_monetization.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\64_appApiMessage.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\72_appApiValidation.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\plugins\98_omniCommands.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\userCode\background.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\extensionData\userCode\extension.js
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\install.rdf
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\locale\en-US\translations.dtd
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\button1.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\button2.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\button3.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\button4.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\button5.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\crossrider_statusbar.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\icon128.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\icon16.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\icon24.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\icon48.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\panelarrow-up.png
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\popup.html
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\skin.css
c:\users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\31joi5mq.default\extensions\crossriderapp529@crossrider.com\skin\update.css
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\PowerToyReadme.htm
c:\windows\XSxS
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-04 bis 2014-01-04 ))))))))))))))))))))))))))))))
.
.
2014-01-04 18:41 . 2014-01-04 18:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-04 07:38 . 2014-01-04 08:28 -------- d-----w- c:\users\Jerome\AppData\Local\Genymobile
2014-01-04 07:36 . 2014-01-04 07:36 -------- d-----w- c:\program files\Genymobile
2014-01-04 07:31 . 2014-01-04 07:29 965000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{29E64A55-390D-4BD2-821C-CD766C9415D9}\gapaengine.dll
2014-01-04 07:30 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F7CBE54C-48D6-4C8E-B0AD-214DB8D7C1AB}\mpengine.dll
2014-01-04 07:30 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-01-04 07:30 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-01-04 07:30 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-01-04 07:30 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-01-04 07:29 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-01-04 07:29 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-01-02 21:58 . 2014-01-02 21:58 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2014-01-02 21:58 . 2014-01-02 21:58 -------- d-----w- c:\windows\system32\wbem\en-US
2014-01-02 21:01 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-01-02 21:01 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-01-02 21:01 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-01-02 21:01 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-01-02 21:00 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-01-02 20:13 . 2014-01-02 20:13 -------- d-----w- c:\windows\Migration
2014-01-02 19:22 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-01-02 17:11 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2014-01-02 14:24 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-01-02 14:24 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-01-02 14:24 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-01-02 14:24 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-01-02 14:24 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-01-02 14:24 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-01-02 14:24 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-01-02 13:21 . 2014-01-02 13:47 -------- d-----w- c:\windows\system32\MRT
2014-01-02 12:52 . 2014-01-02 12:52 -------- d-----w- c:\program files (x86)\FinalWire
2014-01-02 12:43 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-01-02 12:43 . 2013-01-04 06:11 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-01-02 12:43 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-01-02 12:43 . 2013-01-13 19:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-01-02 12:19 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-02 12:13 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-01-02 12:13 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2014-01-02 12:13 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2014-01-02 12:13 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2014-01-02 12:13 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2014-01-02 12:09 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2014-01-02 12:09 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-01-02 12:09 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2014-01-02 12:09 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
2014-01-02 12:09 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2014-01-02 12:09 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2014-01-02 12:07 . 2012-12-07 11:20 43520 ----a-w- c:\windows\system32\csrr.rs
2014-01-02 12:06 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2014-01-02 12:06 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2014-01-02 12:05 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-01-02 12:05 . 2012-11-30 05:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-01-02 12:05 . 2012-11-30 05:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-01-02 12:01 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2014-01-02 12:01 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2014-01-02 12:00 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2014-01-02 12:00 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2014-01-02 12:00 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2014-01-02 12:00 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll
2014-01-02 12:00 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-01-02 12:00 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll
2014-01-02 12:00 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2014-01-02 12:00 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll
2014-01-02 12:00 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2014-01-02 11:58 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-01-02 11:56 . 2013-07-04 12:57 259584 ----a-w- c:\windows\system32\WebClnt.dll
2014-01-02 11:54 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2014-01-02 11:52 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2014-01-02 11:51 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-01-02 11:51 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2014-01-02 11:51 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-01-02 11:51 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-01-02 11:51 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2014-01-02 11:51 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-01-02 11:51 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2014-01-02 11:51 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2014-01-02 11:51 . 2013-07-03 04:40 42496 ----a-w- c:\windows\system32\drivers\usbscan.sys
2014-01-02 11:51 . 2013-07-03 04:05 76800 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-01-02 11:51 . 2013-07-03 04:05 32896 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-01-02 11:42 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2014-01-02 11:41 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-01-02 11:41 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-01-02 11:17 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2014-01-02 11:17 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2014-01-02 11:17 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2014-01-02 11:17 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2014-01-02 11:15 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-01-02 11:15 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-01-02 11:15 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-01-02 11:15 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-01-02 11:15 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-01-02 11:15 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-01-02 11:15 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-02 11:15 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2014-01-02 09:27 . 2014-01-02 09:27 -------- d-----w- C:\FRST
2014-01-02 05:39 . 2014-01-02 05:39 -------- d-----w- c:\program files\iPod
2014-01-02 05:39 . 2014-01-02 05:40 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-02 05:39 . 2014-01-02 05:40 -------- d-----w- c:\program files\iTunes
2014-01-02 05:39 . 2014-01-02 05:40 -------- d-----w- c:\program files (x86)\iTunes
2013-12-31 17:35 . 2013-12-31 17:35 -------- d-----w- c:\users\Jerome\AppData\Roaming\T-Mobile Internet Manager
2013-12-31 17:11 . 2013-12-31 17:11 119808 ----a-r- c:\users\Jerome\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2013-12-31 16:13 . 2013-12-31 16:16 -------- d-----w- c:\users\NEU
2013-12-31 11:47 . 2013-12-31 11:47 8699272 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-12-09 17:48 . 2013-12-10 19:17 -------- d-----w- c:\program files (x86)\Parrot Software Update Tool
2013-12-05 21:05 . 2013-12-05 21:05 -------- d-----w- c:\users\Jerome\dwhelper
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-31 11:50 . 2012-05-31 17:55 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-31 11:50 . 2011-05-22 06:42 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-01 13:42 . 2010-01-24 13:16 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-19 10:21 . 2010-01-21 15:47 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-08 06:50 . 2013-10-29 08:54 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2006-05-03 10:06 163328 --sh--r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 --sh--r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 --sh--r- c:\windows\SysWOW64\nbDX.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D0C21091-FF8E-432C-9006-0540E81BA9D7}]
2013-08-14 07:17 321488 ----a-w- c:\users\Jerome\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2013-07-25 1985824]
"ClipboardMaster"="c:\program files (x86)\Jumping Bytes\Clipboard Master\ClipboardMaster.exe" [2013-10-23 2414272]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
.
c:\users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stoic Joker's T-Clock 2010 x64.lnk - c:\users\Jerome\Portable\T-Clock 2010 (build X - Release to DC)\T-Clock 2010 (build X - Release to DC)\x64\Clock.exe [2012-4-12 279040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Bonus.SSR.FR10"="c:\program files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
"LManager"=c:\program files (x86)\Launch Manager\LManager.exe
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"PDFPrint"=c:\program files (x86)\PDF24\pdf24.exe
"AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"BlueStacks Agent"=c:\program files (x86)\BlueStacks\HD-Agent.exe
"DiscWizardMonitor.exe"="c:\program files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ClipboardMaster"="c:\program files (x86)\Jumping Bytes\Clipboard Master\ClipboardMaster.exe" startup
"Wondershare Helper Compact.exe"=c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 DxkgFilter;Filtering Dxkg;c:\program files (x86)\iDisplay\idisplay.sys;c:\program files (x86)\iDisplay\idisplay.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver 09/17/2010, 1.2.1.0;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys;c:\windows\SYSNATIVE\DRIVERS\ManyCam_x64.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x]
R3 scramby_out;Scramby Output;c:\windows\system32\drivers\scramby_out.sys;c:\windows\SYSNATIVE\drivers\scramby_out.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 xpvcom;XPVCOM Port;c:\windows\system32\Drivers\xpvcom.sys;c:\windows\SYSNATIVE\Drivers\xpvcom.sys [x]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEusbnet.sys [x]
R4 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [x]
R4 BsMobileCS;BsMobileCS;c:\program files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe;c:\program files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [x]
R4 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R4 Cepstral License Server;Cepstral License Server;c:\program files (x86)\Cepstral\bin\CepstralLicSrv.exe;c:\program files (x86)\Cepstral\bin\CepstralLicSrv.exe [x]
R4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R4 MCSWASVR;Mediencenter Service;c:\program files\Telekom\Mediencenter\WebDAV.AdminService.exe;c:\program files\Telekom\Mediencenter\WebDAV.AdminService.exe [x]
R4 Mobiola Wave Service;Mobiola Wave Service;c:\program files (x86)\Common Files\SHAPE Services\Mobiola Wave Service\MobiolaWaveService.exe;c:\program files (x86)\Common Files\SHAPE Services\Mobiola Wave Service\MobiolaWaveService.exe [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x]
R4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0105.sys [x]
R4 ScrybeUpdater;Scrybe-Updateprogramm;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [x]
R4 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [x]
R4 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R4 vncserver;VNC Server;c:\program files\RealVNC\VNC Server\vncserver.exe;c:\program files\RealVNC\VNC Server\vncserver.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys;c:\windows\SYSNATIVE\Drivers\BtHidBus.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt53.sys [x]
S1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys;c:\windows\SYSNATIVE\drivers\cbfs3.sys [x]
S1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\DRIVERS\nm3.sys;c:\windows\SYSNATIVE\DRIVERS\nm3.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AVTHelper;AVTHelper;c:\program files\Avatron\Air Display\AVTHelper.exe;c:\program files\Avatron\Air Display\AVTHelper.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe;c:\windows\UnsignedThemesSvc.exe [x]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys;c:\windows\SYSNATIVE\drivers\uxpatch.sys [x]
S3 AirDisplay;Air Display Support;c:\windows\system32\DRIVERS\AVVideoCard.sys;c:\windows\SYSNATIVE\DRIVERS\AVVideoCard.sys [x]
S3 AirDisplayMirror;Air Display Mirror Support;c:\windows\system32\DRIVERS\AVVideoCardMirror.sys;c:\windows\SYSNATIVE\DRIVERS\AVVideoCardMirror.sys [x]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys;c:\windows\SYSNATIVE\Drivers\btnetBus.sys [x]
S3 iDispService;iDispService;c:\windows\system32\DRIVERS\idisplayminiport.sys;c:\windows\SYSNATIVE\DRIVERS\idisplayminiport.sys [x]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys;c:\windows\SYSNATIVE\Drivers\IvtBtBus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MOBIOLA_Wave;Mobiola Wave Audio Device (WDM);c:\windows\system32\drivers\mobiolawave.sys;c:\windows\SYSNATIVE\drivers\mobiolawave.sys [x]
S3 mobiolavs;Mobiola Web Camera Video Source;c:\windows\system32\DRIVERS\mobiolavs.sys;c:\windows\SYSNATIVE\DRIVERS\mobiolavs.sys [x]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\pnetmdm64.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02 114688 ----a-w- c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-31 11:53]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-25 18:58]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-25 18:58]
.
2014-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2486777943-296773835-1515299602-1005Core.job
- c:\users\Jerome\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 03:26]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2486777943-296773835-1515299602-1005UA.job
- c:\users\Jerome\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-20 03:26]
.
2014-01-04 c:\windows\Tasks\GreatArcadeHits.job
- c:\users\Jerome\AppData\Local\GreatArcadeHits\GAHUpdate.exe [2013-08-07 07:17]
.
2011-07-21 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2011-05-10 08:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Mediencenter_InSync]
@="{77BC4082-DB5F-439A-8DC8-F9E24A63B0DE}"
"ReferenceCount"=dword:00000001
[HKEY_CLASSES_ROOT\CLSID\{77BC4082-DB5F-439A-8DC8-F9E24A63B0DE}]
2013-08-22 07:40 558592 ----a-w- c:\users\Jerome\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Mediencenter_ToSync]
@="{528EE335-5034-4EFC-834E-63E5F02D2BC2}"
"ReferenceCount"=dword:00000001
[HKEY_CLASSES_ROOT\CLSID\{528EE335-5034-4EFC-834E-63E5F02D2BC2}]
2013-08-22 07:40 558592 ----a-w- c:\users\Jerome\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Mediencenter_Failed]
@="{6066ADF0-9EB0-43E5-ADB6-990F5A3B979C}"
"ReferenceCount"=dword:00000001
[HKEY_CLASSES_ROOT\CLSID\{6066ADF0-9EB0-43E5-ADB6-990F5A3B979C}]
2013-08-22 07:40 558592 ----a-w- c:\users\Jerome\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Jerome\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2010-05-15 13:55 187672 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\WebDavOverlayUpload]
@="{0774B5A9-ADB5-4D3A-915F-72C7EF9CD262}"
[HKEY_CLASSES_ROOT\CLSID\{0774B5A9-ADB5-4D3A-915F-72C7EF9CD262}]
2010-10-27 11:13 309392 ----a-w- c:\windows\System32\WebDAV.ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-08-06 828960]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"Seagate Scheduler2 Service"="c:\program files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [2011-06-30 395152]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll" [2010-03-24 633200]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.daum.net/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: + Offline &Explorer: Download the link - file://c:\program files (x86)\Offline Explorer Enterprise\Add_UrlO.htm
IE: + Offline E&xplorer: Download the current page - file://c:\program files (x86)\Offline Explorer Enterprise\Add_AllO.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Alles mit NetXfer herunterladen - c:\program files (x86)\Xi\NetXfer\NXAddList.html
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: Free YouTube to Mp3 Converter - c:\users\Jerome\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Herunterladen mit NetXfer - c:\program files (x86)\Xi\NetXfer\NXAddLink.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Per Mitteilung versenden(&M) ... - c:\program files (x86)\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
IE: Über Bluetooth senden - c:\program files (x86)\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1 192.168.0.2
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Status Monitor.lnk - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
AddRemove-{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA} - c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe
AddRemove-{4EC5574F-35D4-4B7E-93A6-4BBC03793A32}_is1 - c:\program files\icPlus\Plugins\ICQ Status Logger\unins000.exe
AddRemove-851457055.d.seesmic.com - c:\program files (x86)\Microsoft Silverlight\4.0.60831.0\Silverlight.Configuration.exe
AddRemove-RouteConverter - c:\windows\system32\javaws.exe
AddRemove-Sweet Home 3D - c:\windows\system32\javaws.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FotoManager10Deluxe.8.alb"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ß&˜j*€ÿÿˆaïøcï˜eïcïÀbïXÀ½*¸x»X³à»è_ïð¿8¸¨iï´ÈdïphïÐfH¼˜¶ø´h·»¸¾Ð·Xbïx]ïØhïp3*.&˜j¸è*file:///C:/Users/Jerome/Eigene%20Musik%20NEW/Radio%20-%20EDM%20-%202011.02.05/Adam%20Kult%20-%20%20Harsh%20Is%20Dead.mp3*@H?&˜j]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ß&˜j*€ÿÿˆaïøcï˜eïcïÀbïXÀ½*¸x»X³à»è_ïð¿8¸¨iï´ÈdïphïÐfH¼˜¶ø´h·»¸¾Ð·Xbïx]ïØhïp3*.&˜j¸è*file:///C:/Users/Jerome/Eigene%20Musik%20NEW/Radio%20-%20EDM%20-%202011.02.05/Adam%20Kult%20-%20%20Harsh%20Is%20Dead.mp3*@H?&˜j\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*£P®j]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*£P®j\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*´R®j]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*´R®j\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*PS®j]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*PS®j\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÈS®j]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÈS®j\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2Z¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2Z¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*EZ¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*EZ¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*vZ¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*vZ¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*˜Z¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*˜Z¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÍZ¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ÍZ¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Š[¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Š[¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*»[¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*»[¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*è[¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*è[¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*\¾D*U*ˆà;h0ªHh@ªHh*ªHhÐ;h0JAh_*i*c*o*n*_*3*3*0*7*1*2*4*8*1*7*9*2*0*2*1*4*7*4*8*3*6*4*8*1*_*1*6*_*\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*G\¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*G\¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ù]¾D]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ù]¾D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*:`h@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*:`h@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*I`h@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*I`h@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X`h@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X`h@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o`h@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o`h@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*~`h@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*~`h@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*£`h@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*£`h@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*²`h@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*²`h@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Á`h@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Á`h@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ð`h@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ð`h@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*õah@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*õah@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*^bh@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*^bh@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*|bh@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*|bh@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘bì@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘bì@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Öbh@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Öbh@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*tcì@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*tcì@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ýcì@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Ýcì@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*gh@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*gh@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Jgh@]**ˆà~k@2~kible Walls (Accuface 'bacNektarios Meets Kirsty HawkshaFuture Trance Vol.54*]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Jgh@]**ˆà~k@2~kible Walls (Accuface 'bacNektarios Meets Kirsty HawkshaFuture Trance Vol.54*\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Žgh@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*Žgh@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*gh@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*gh@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*—‘.@]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*—‘.@\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*p¡^B]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2486777943-296773835-1515299602-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*p¡^B\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:6c,a0,ff,ce,b7,56,d4,8f,11,02,66,95,06,d2,8a,47,64,f1,c9,d7,e5,
f5,95,7a,fc,39,1d,85,88,b0,da,fd,5f,e0,61,53,ba,e4,56,97,ec,8b,70,c6,65,c6,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="9944CC22FE107131A9A4A81DCCA393BFF5D8AFAD65429D0D6A7A9E9813CBB8C4A44F2DF72A50904E996F39525232E4AB03F0353522E06561A125EC72809D5BF04EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6A0AC4980AC79339DB7CE019D40AA5CFEBC9E127BECC74C54C541F45E6D21F3B0813D028D4C6866A659459C937DC8A6742F48AD0F8DE1934047E79413BD001ED305AE0A6BB11050EA86CE6075F1B53A1482F483042D5B179C05ACD857DFDF5390EBD2E1A1B9D460C9C095BAA15CC44C0A5888DC44690D3BAF4E48BB5E5CCA9FF041AA28F3B758D2AA6F03918982CEF03F1575041313A98883A2D38A5FAFEB9D3F4399CFA9F4DD79BC2F659A2997D2CC61501015B96C891966B850E8144913FC0B64689E8E2FCEB9EC4E6DE1FAC6F199E2581681082CA79E6A7AA1CA3A0E3482A64AC4B17217B70CF151B0C800ADF2A676ACA38DCEFCA15964040DFA97D4E78729D0BC7528D1CBFDC0EE28823D5EBED517013CD1E27E3AA270A7C096EEE968F66E8647AC0977DC3199923295BBDFE41E01BEC5BB1FC4DA65EC6C49908E0D9652162C3A70EF16E5DA795C8F5E07AA150836838B8B5FD30CA0F9881CACC273772C023A54A9BBAD83C4A69F658DAFAEA6B37B9DB9D587A9FC677F6C90865E44B0AE5A5BB4975035F4CA27E33E26CC4B93D3591464037B3581E12738DF0CB81B0F9409EBDFCC161421DEC76506FE74D878AC1D9C81D126D6104ADE422C7DAC89042EBE80BD30782790089A120FC64321199859A5EC51F4E742EF5893F7F01812A161ECDE1CFCE7416FDBF08E0FF9DBDF5908E0506266583259370A69A951DE2D9FA5CC812AC055258F0B65B21E6EE04AC47B4F6E86CAC676B695AF360E5BE5C7DB865896FC5FBB0D64D5D2883B4B7D04098AFE0BDD8A3B66E119C49D532219C054A44E020E9094A58810D8D0C68BDA2977DD94E25586B0A8855E8DFA0E89E56C2EB433D8B65DDF9037A4DC008501AC4606B372E339F22BD871990F5C35CBC01230FECC66B924A262D21107BAA24D26DC4F60C1B4BBD92F8696921402A3789FEF47DEA6A8BA9962A45F65C25FAA6901651049712DF41746B30D23AAE019EF7C3482461052C2C22DD20747407B0FA07746AAE7325ADEDBFED70F3DA4A3B967578396389CCA3D7C8FDF15F0F3D42593CDE0A5CAF77CD62D6ADE7D6197A70BE9B0F45ACC232BFA73A0B07AAE16E026B4C5062A947D8720E29DA6D828DF7EFA541117CA313EC231ABF51CCD61A24BAFCC28FB06FB3E24E02AB302C93D98EC565902E607A44D94F77A2B714600D9F343F6447BAC497CAF2304C83919DE276D537D935AD47DF356C90D6071C1923F6FC52467B332DC3E3A57C57F86B8612F2D071B57D8192119720ADF3A4F41"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:6c,a0,ff,ce,b7,56,d4,8f,11,02,66,95,06,d2,8a,47,64,f1,c9,d7,e5,
f5,95,7a,fc,39,1d,85,88,b0,da,fd,5f,e0,61,53,ba,e4,56,97,ec,8b,70,c6,65,c6,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@DACL=(02 0000)
"Installed"="1"
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@DACL=(02 0000)
"NoChange"="1"
"Installed"="1"
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@DACL=(02 0000)
"Installed"="1"
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Safer Networking Limited\HiveManager]
@DACL=(02 0000)
"Apps"=multi:"\00"
"ExternalUserHives"=multi:"\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Safer Networking Limited\PortableSupport]
@DACL=(02 0000)
"Firefox"=multi:"\00"
"GoogleChrome"=multi:"\00"
"Seamonkey"=multi:"\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Safer Networking Limited\SpybotSnD]
@DACL=(02 0000)
"TeaTimerHide"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-04 19:48:31
ComboFix-quarantined-files.txt 2014-01-04 18:48
.
Vor Suchlauf: 25 Verzeichnis(se), 11.292.246.016 Bytes frei
Nach Suchlauf: 30 Verzeichnis(se), 14.659.715.072 Bytes frei
.
- - End Of File - - 14CB5831A7F00A50E7AE760244F06878
A36C5E4F47E84449FF07ED3517B43A31 |