Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: Laptop wurde sehr langsam

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.01.2014, 19:23   #1
Hilfe123
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Ich hatte mit meinen Freunden eine Party wo wir ein bisschen gespielt haben. (Battlefield)
Seitdem lässt sich bei mir Garry's Mod nicht mehr öffnen (Keine Rückmeldung und Absturz)
und mein Laptop bleibt bei allem hängen und wurde Langsam(Keine Rückmeldung). Letztens wollte ich nachschauen wieviel Speicher noch frei ist und dabei ist mein Computer hängen geblieben (Keine Rückmeldung), das passiert bei jeder Kleinigkeit...
Was ich noch gemerkt habe ist, dass beim TaskManager fast nur 1-2% CPU-Auslastung angezeigt wird aber der Computer dabei immer hängen bleibt...

Logs habe ich schon gemacht: (Anhang)

Alt 19.01.2014, 20:37   #2
aharonov
/// TB-Ausbilder
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Hi,

hänge die Logfiles bitte nicht an (das erschwert mir das Auswerten massiv), sondern füge deren Inhalt direkt innerhalb von Codetags ein: [code]Inhalt Logfile[/code]. (Anleitung))
Falls es zu viele Zeichen sind, verteile die Logs auf mehrere Posts.
__________________

__________________

Alt 19.01.2014, 20:49   #3
Hilfe123
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 03
Ran by ***** at 2014-01-19 19:28:50
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Anytime USB Charge Utility (x32 Version: 1.00.00.001 - FUJITSU LIMITED)
Browser Stabilizer (x32 Version:  - WorldLoad)
Canon MP Navigator EX 1.0 (x32 Version:  - )
CCleaner (Version: 4.05 - Piriform)
ClamWin Free Antivirus 0.98 (x32 Version:  - alch)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Source (x32 Version:  - Valve)
CPUID CPU-Z 1.68 (Version:  - )
Craften Terminal 3.4.5 (x32 Version: 3.4.5 - Craften.de)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeskUpdate 4.11 (x32 Version: 4.11.0074 - Fujitsu Technology Solutions)
DownnSSave (x32 Version:  - DownaSAvve)
Entity Framework Designer für Visual Studio 2012 - DEU (x32 Version: 11.1.20810.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (x32 Version: 11.0.2100.60 - Microsoft Corporation)
FJ Camera (x32 Version: 5.8.52016.0 - Sonix)
Free YouTube to MP3 Converter version 3.12.4.622 (x32 Version: 3.12.4.622 - DVDVideoSoft Ltd.)
Fujitsu Display Manager (Version: 7.01.20.212 - FUJITSU LIMITED) Hidden
Fujitsu Display Manager (x32 Version:  - )
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.001 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (x32 Version: 3.01.00.001 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.3.0.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (x32 Version: 3.3.0.0 - FUJITSU LIMITED)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garry's Mod (x32 Version:  - Facepunch Studios) <==== ATTENTION
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HP Photo Creations (x32 Version: 1.0.0.5192 - HP Photo Creations)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (x32 Version: 140.0.2.2 - Hewlett Packard)
HP Update (x32 Version: 5.003.000.004 - Hewlett-Packard)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2372 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.0.0.0454 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.0.2000 - Intel Corporation)
Intel(R) WiDi (x32 Version: 2.1.35.0 - Intel Corporation)
Intel(R) Wireless Display (Version:  - )
Java 7 Update 17 (64-bit) (Version: 7.0.170 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (x32 Version: 6.0.290 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LifeBook Application Panel (Version: 8.2.1.0 - FUJITSU LIMITED) Hidden
LifeBook Application Panel (x32 Version: 8.2.1.0 - FUJITSU LIMITED)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop (x32 Version: 2.0.30717.9005 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Small Basic v1.0 (x32 Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (x32 Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (x32 Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Express Prerequisites x64 - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Vorbereitung (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (x32 Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2012 (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero BurnRights (x32 Version: 3.4.10.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.9.203 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.4.6.100 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.202 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.10.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.204 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.207 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Notepad++ (x32 Version: 6.5.1 - Notepad++ Team)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
PDF-Viewer (Version: 2.5.213.1 - Tracker Software Products Ltd)
Plugfree NETWORK (Version: 5.4.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 5.4.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (x32 Version: 32.01.10.009 - FUJITSU LIMITED)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6263 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30120 - Realtek Semiconductor Corp.)
ScanSoft OmniPage SE 4 (x32 Version: 15.2.0020 - Nuance Communications, Inc.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype Click to Call (x32 Version: 5.10.9560 - Skype Technologies S.A.)
SkypEmoticons (x32 Version:  - )
Skype™ 6.0 (x32 Version: 6.0.126 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (x32 Version:  - Valve Corporation)
Studie zur Verbesserung von HP Photosmart 5510 series Produkten (Version: 25.0.621.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (Version: 14.0.16.0 - Synaptics Incorporated)
Update for Microsoft Visual Studio 2012 (KB2781514) (x32 Version: 11.0.51219 - Microsoft Corporation)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 4.01 (32-Bit) (x32 Version: 4.01.0 - win.rar GmbH)

==================== Restore Points  =========================

19-01-2014 14:20:50 DirectX wurde installiert

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04682D1E-B998-440A-9E9F-786139A74E2D} - System32\Tasks\Fujitsu\DeskUpdate => c:\Fujitsu\Programs\DeskUpdate\ducmd.exe [2010-10-13] (Fujitsu Technology Solutions)
Task: {07D0796E-4AC5-447C-8B61-0C41267A2ABE} - System32\Tasks\{89F1831C-2FCB-4743-ACDB-171CAF6F2F80} => Chrome.exe 
Task: {0EAB6ED0-0D3C-45E3-9C88-96671F376E3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {29CAE71E-4139-4E9A-9B4E-DA56384A291B} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {382DC7CB-5038-42A6-B311-877A581A2AF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated)
Task: {3FF846D6-9636-4282-8C42-D617F6DFF18D} - System32\Tasks\KMS Activation => C:\Program Files (x86)\KMSpico\RandomFile.exe
Task: {4D7FBDE9-6EF1-4163-9BF3-61B4B23A9BF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07] (Google Inc.)
Task: {4FA404BF-2491-4374-8A2E-6D282FFD3AB3} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Ui.exe
Task: {578B0478-8895-4F80-AC3E-B0C878D39A79} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {62D7961C-7A94-4893-BA8F-43B9FF05236C} - \AdobeFlashPlayerUpdate No Task File
Task: {6A72B051-92F6-45B4-AA0D-10E79AA9D3B2} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {77EC7A8C-7F2D-469D-9540-DEC96B1A7A5A} - System32\Tasks\{97BD9277-E868-4F1D-BDBF-108BBC496872} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {7E747F27-EC37-4F35-95A9-4737965C5754} - System32\Tasks\{D6BB28D1-7725-4BA7-B189-F452A1687370} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {8C6235A7-FD6F-4942-BDAA-E68E63DD8C1D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {ADB38ECF-6014-4F4B-B47F-E209BFB01EAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {BDCEC4D7-A5C9-41BE-9060-A90B6761F4FE} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {C16FCD7F-E8BA-4769-A143-742AEC75C548} - System32\Tasks\Fujitsu\DeskUpdateRetry => c:\Fujitsu\Programs\DeskUpdate\ducmd.exe [2010-10-13] (Fujitsu Technology Solutions)
Task: {C53B161B-7FB5-4D3E-B4E2-6EF74E0093A9} - System32\Tasks\{256938B0-4E57-434B-82C1-ACFF33706394} => Chrome.exe 
Task: {C56BDCF0-2D97-45BF-82A9-27D66A5EB153} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07] (Google Inc.)
Task: {C993F2C3-4C24-4C23-A022-C0A8D889BF4E} - System32\Tasks\{DBA49D7C-F2BC-4998-AC8F-FF277453767C} => Chrome.exe 
Task: {FF143291-5B3C-45F3-9466-017D09DF3883} - System32\Tasks\Software Updater => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Bootstrapper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2011-11-17 15:14 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-01-18 21:48 - 2008-04-19 17:35 - 00080384 _____ () C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-12-27 14:01 - 2013-12-27 14:01 - 04496384 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizer_x64.dll
2011-05-02 01:21 - 2011-04-15 02:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-01-05 20:53 - 2011-01-05 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-12-27 14:01 - 2013-12-27 14:01 - 04531712 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizer.dll
2013-12-27 14:01 - 2013-12-27 14:01 - 00181072 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizerSvc.dll
2014-01-18 21:48 - 2005-02-08 17:23 - 00979005 _____ () C:\Program Files (x86)\ClamWin\bin\python23.dll
2014-01-18 21:48 - 2004-11-20 03:27 - 00069632 _____ () C:\Program Files (x86)\ClamWin\lib\win32api.pyd
2014-01-18 21:48 - 2004-10-11 20:21 - 00094208 _____ () C:\Program Files (x86)\ClamWin\lib\pywintypes23.dll
2014-01-18 21:48 - 2004-05-25 21:18 - 00057401 _____ () C:\Program Files (x86)\ClamWin\lib\_sre.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00086016 _____ () C:\Program Files (x86)\ClamWin\lib\win32gui.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00024576 _____ () C:\Program Files (x86)\ClamWin\lib\win32event.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00036864 _____ () C:\Program Files (x86)\ClamWin\lib\win32process.pyd
2014-01-18 21:48 - 2004-05-25 21:18 - 00049212 _____ () C:\Program Files (x86)\ClamWin\lib\_socket.pyd
2014-01-18 21:48 - 2004-05-25 21:18 - 00495616 _____ () C:\Program Files (x86)\ClamWin\lib\_ssl.pyd
2014-01-18 21:48 - 2004-05-25 21:20 - 00036864 _____ () C:\Program Files (x86)\ClamWin\lib\_winreg.pyd
2014-01-18 21:48 - 2004-10-11 20:22 - 00315392 _____ () C:\Program Files (x86)\ClamWin\lib\pythoncom23.dll
2014-01-18 21:48 - 2004-11-20 03:27 - 00106496 _____ () C:\Program Files (x86)\ClamWin\lib\shell.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00065536 _____ () C:\Program Files (x86)\ClamWin\lib\win32security.pyd
2014-01-18 21:48 - 2004-01-15 14:45 - 00061440 _____ () C:\Program Files (x86)\ClamWin\lib\_ctypes.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00077824 _____ () C:\Program Files (x86)\ClamWin\lib\win32file.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00024576 _____ () C:\Program Files (x86)\ClamWin\lib\win32pipe.pyd
2014-01-18 21:48 - 2003-10-01 13:40 - 02240512 _____ () C:\Program Files (x86)\ClamWin\lib\wxc.pyd
2014-01-18 21:48 - 2003-10-01 11:43 - 03239936 _____ () C:\Program Files (x86)\ClamWin\lib\wxmsw24h.dll
2014-01-18 21:48 - 2003-08-10 09:14 - 00061440 _____ () C:\Program Files (x86)\ClamWin\lib\mxDateTime.pyd
2014-01-18 21:48 - 2004-05-25 21:17 - 00622651 _____ () C:\Program Files (x86)\ClamWin\lib\_bsddb.pyd
2014-01-18 21:48 - 2004-05-25 21:19 - 00045117 _____ () C:\Program Files (x86)\ClamWin\lib\datetime.pyd
2013-12-23 12:30 - 2013-12-23 12:30 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/19/2014 07:17:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/19/2014 04:45:52 PM) (Source: Application Hang) (User: )
Description: Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 484

Startzeit: 01cf152cab89dfa5

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe

Berichts-ID: 3f3fd3b7-8120-11e3-a2c8-ac728940f4a6

Error: (01/19/2014 04:00:54 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile Microsoft.SqlServer.BatchParser, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 because of the following error: Internal CLR error. (Exception from HRESULT: 0x80131506).

Error: (01/19/2014 03:28:09 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


System errors:
=============
Error: (01/19/2014 03:17:55 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (01/19/2014 02:26:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/19/2014 02:26:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/19/2014 02:11:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/19/2014 02:11:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/19/2014 00:09:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/19/2014 00:09:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/18/2014 10:20:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/18/2014 10:20:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/18/2014 10:03:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%19


Microsoft Office Sessions:
=========================
Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/19/2014 07:17:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/19/2014 04:45:52 PM) (Source: Application Hang)(User: )
Description: hl2.exe0.0.0.048401cf152cab89dfa50C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe3f3fd3b7-8120-11e3-a2c8-ac728940f4a6

Error: (01/19/2014 04:00:54 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile Microsoft.SqlServer.BatchParser, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 because of the following error: Internal CLR error. (Exception from HRESULT: 0x80131506).
Microsoft.SqlServer.BatchParser, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91

Error: (01/19/2014 03:28:09 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000


==================== Memory info =========================== 

Percentage of memory in use: 52%
Total physical RAM: 4008.62 MB
Available physical RAM: 1884.1 MB
Total Pagefile: 8015.42 MB
Available Pagefile: 5714.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:445.13 GB) (Free:370.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F1E2CB29)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=464 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:25 on 19/01/2014 (Doerr)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 03
Ran by ***** (administrator) on *****-NB01 on 19-01-2014 19:27:47
Running from C:\Users\*****\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Tor\tor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(SkypEmoticons) C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(alch) C:\Program Files (x86)\ClamWin\bin\ClamTray.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [199528 2010-11-13] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-10-07] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663464 2010-12-07] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM-x32\...\Run: [DeskUpdateNotifier] - c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [97560 2010-10-13] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2009-07-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update] - C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-07] (Google Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-14] (Spotify Ltd)
HKCU\...\Run: [se] - C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe [5827488 2013-10-24] (SkypEmoticons)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKCU\...\Run: [ClamWin] - C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2013-10-18] (alch)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~3\BROWSE~1\BROWSE~2.DLL => C:\ProgramData\Browser Stabilizer\BrowserStabilizer_x64.dll [4496384 2013-12-27] ()
AppInit_DLLs-x32: ,c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\browse~1.dll,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.0.0.138:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ts.fujitsu.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.wisesearch.info/?l=1&q={searchTerms}&pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
SearchScopes: HKCU - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.wisesearch.info/?l=1&q={searchTerms}&pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {AE592437-2644-4A6B-972C-8D5A23AF96C4} URL = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.wisesearch.info/?l=1&q={searchTerms}&pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
SearchScopes: HKCU - {BF15C0A1-A07F-470D-871A-6C8960C0ECBF} URL = 
BHO: DownnSSave - {2985237C-AC09-7404-8494-0072A6C90638} - C:\ProgramData\DownnSSave\_C.x64.dll ()
BHO-x32: DownnSSave - {2985237C-AC09-7404-8494-0072A6C90638} - C:\ProgramData\DownnSSave\_C.dll ()
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{41FD9069-21D6-40EB-9555-F0F6DDCFA8FB}: [NameServer]0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default
FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\user.js
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: WebSearch
FF Homepage: https://www.google.com/
FF Keyword.URL: hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39&l=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: General Crawler - C:\Users\*****\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-04-19]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-02]
CHR Extension: (0) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\elgfababjopgjalkgbfndlempbfdiecf [2013-12-06]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\*****\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\*****\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 2db04d42; C:\ProgramData\Browser Stabilizer\BrowserStabilizerSvc.dll [181072 2013-12-27] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [331776 2010-10-07] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()

==================== Drivers (Whitelisted) ====================

R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801216 2010-10-09] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-19 19:27 - 2014-01-19 19:28 - 00021296 _____ C:\Users\*****\Desktop\FRST.txt
2014-01-19 19:27 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-19 19:26 - 2014-01-19 19:26 - 02076672 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-01-19 19:25 - 2014-01-19 19:25 - 00000472 _____ C:\Users\*****\Desktop\defogger_disable.log
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 19:24 - 2014-01-19 19:24 - 00050477 _____ C:\Users\*****\Desktop\Defogger.exe
2014-01-19 15:39 - 2014-01-19 19:17 - 00000168 _____ C:\Windows\setupact.log
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-01-19 15:20 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:16 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-19 15:16 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-01-19 15:16 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-19 15:07 - 2014-01-19 15:13 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ (                                                            ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 12:10 - 2014-01-19 12:17 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-18 21:48 - 2014-01-18 21:49 - 00000000 ____D C:\Users\*****\AppData\Roaming\.clamwin
2014-01-18 21:48 - 2014-01-18 21:48 - 00000000 ____D C:\Program Files (x86)\ClamWin
2014-01-18 21:44 - 2014-01-18 21:47 - 84496144 _____ (alch                                                        ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 18:20 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:20 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:20 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-30 11:03 - 2014-01-18 19:18 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2013-12-30 11:03 - 2014-01-18 19:14 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
2013-12-27 14:01 - 2013-12-27 14:01 - 00000000 ____D C:\ProgramData\Browser Stabilizer
2013-12-23 12:30 - 2013-12-23 12:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-23 12:02 - 2014-01-19 16:39 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-22 11:52 - 2013-12-22 11:52 - 00000000 ____D C:\Users\*****\Downloads\save
2013-12-22 11:50 - 2013-12-22 11:52 - 72106372 _____ ( ) C:\Users\*****\Downloads\iwbtgbeta_fs_.exe

==================== One Month Modified Files and Folders =======

2014-01-19 19:28 - 2014-01-19 19:27 - 00021296 _____ C:\Users\*****\Desktop\FRST.txt
2014-01-19 19:27 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-19 19:27 - 2011-10-27 12:01 - 01451243 _____ C:\Windows\WindowsUpdate.log
2014-01-19 19:26 - 2014-01-19 19:26 - 02076672 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-01-19 19:25 - 2014-01-19 19:25 - 00000472 _____ C:\Users\*****\Desktop\defogger_disable.log
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 19:25 - 2011-11-07 20:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job
2014-01-19 19:25 - 2011-10-27 12:04 - 00000000 ____D C:\Users\*****
2014-01-19 19:24 - 2014-01-19 19:24 - 00050477 _____ C:\Users\*****\Desktop\Defogger.exe
2014-01-19 19:24 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 19:24 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 19:23 - 2013-09-21 13:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 19:21 - 2011-04-11 18:26 - 04917602 _____ C:\Windows\system32\perfh007.dat
2014-01-19 19:21 - 2011-04-11 18:26 - 01533836 _____ C:\Windows\system32\perfc007.dat
2014-01-19 19:21 - 2009-07-14 06:13 - 00006520 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-19 19:17 - 2014-01-19 15:39 - 00000168 _____ C:\Windows\setupact.log
2014-01-19 19:17 - 2011-11-25 19:49 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 19:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 16:44 - 2011-11-25 19:49 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 16:39 - 2013-12-23 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-19 16:01 - 2013-11-09 17:35 - 00000256 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:25 - 2011-11-07 20:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:24 - 2011-10-27 20:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:23 - 2011-10-27 20:51 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 15:23 - 2011-10-27 12:05 - 00113232 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 15:22 - 2009-07-14 05:45 - 00444208 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:13 - 2014-01-19 15:07 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 15:02 - 2012-01-24 15:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-19 15:01 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-19 15:00 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\ShellNew
2014-01-19 14:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-19 14:56 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2014-01-19 14:39 - 2013-11-04 13:36 - 00000000 ____D C:\Users\*****\Desktop\Felix
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ (                                                            ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 14:14 - 2011-10-27 16:32 - 00000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2014-01-19 12:17 - 2014-01-19 12:10 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-18 21:49 - 2014-01-18 21:48 - 00000000 ____D C:\Users\*****\AppData\Roaming\.clamwin
2014-01-18 21:48 - 2014-01-18 21:48 - 00000000 ____D C:\Program Files (x86)\ClamWin
2014-01-18 21:47 - 2014-01-18 21:44 - 84496144 _____ (alch                                                        ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 19:18 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2014-01-18 19:14 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2014-01-18 13:02 - 2013-09-21 13:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 13:02 - 2012-04-19 16:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 13:02 - 2011-11-09 10:30 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2014-01-18 13:02 - 2011-10-27 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 20:47 - 2013-08-15 10:03 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:44 - 2011-10-27 13:11 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-13 20:52 - 2013-10-25 20:21 - 00000000 ____D C:\Users\*****\Documents\Visual Studio 2012
2014-01-12 19:41 - 2011-11-05 12:48 - 00000000 ____D C:\Mama
2014-01-11 10:41 - 2011-10-27 17:05 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2014-01-09 19:15 - 2012-09-07 20:46 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2014-01-09 18:55 - 2012-09-07 20:48 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-09 18:43 - 2011-12-04 10:45 - 00000000 ____D C:\Users\*****\Desktop\Neue Musik
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
2013-12-27 14:01 - 2013-12-27 14:01 - 00000000 ____D C:\ProgramData\Browser Stabilizer
2013-12-27 14:01 - 2013-10-24 14:03 - 00000000 ____D C:\Program Files (x86)\Ss-Helper
2013-12-27 13:10 - 2011-10-27 12:09 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2013-12-25 18:15 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-23 15:14 - 2012-05-31 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-23 12:31 - 2013-12-23 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-22 11:52 - 2013-12-22 11:52 - 00000000 ____D C:\Users\*****\Downloads\save
2013-12-22 11:52 - 2013-12-22 11:50 - 72106372 _____ ( ) C:\Users\*****\Downloads\iwbtgbeta_fs_.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-13 10:11

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________

Alt 19.01.2014, 20:50   #4
Hilfe123
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Code:
ATTFilter
GMER 2.1.19322 - hxxp://www.gmer.net
Rootkit scan 2014-01-19 19:44:29
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JECO 465,76GB
Running: gmer.exe; Driver: C:\Users\*****\AppData\Local\Temp\kwriypob.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                          fffff800031fb000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                          fffff800031fb02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!RegSetValueExW                              000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!RegQueryValueExW                            0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!RegDeleteValueW                             0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                       000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                     00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                     00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                     00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!RegSetValueExA                              00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                               000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                          000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                            000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                        000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                         000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                       000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\ole32.dll!CoCreateInstance                               000007feff387490 11 bytes JMP 000007fffd220228
.text     C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                              000007feff39bf00 7 bytes JMP 000007fffd220260
.text     C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                            000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                       000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                         000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                     000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                      000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                    000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\dxgi.dll!CreateDXGIFactory                                                            000007fef7f1dc88 5 bytes JMP 000007fff7ef00d8
.text     C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\dxgi.dll!CreateDXGIFactory1                                                           000007fef7f1de10 5 bytes JMP 000007fff7ef0110
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!RegSetValueExW                                         000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!RegQueryValueExW                                       0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!RegDeleteValueW                                        0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                  000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!RegSetValueExA                                         00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                          000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                     000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                       000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                   000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                    000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                  000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\ole32.dll!CoCreateInstance                                          000007feff387490 11 bytes JMP 000007fffd220228
.text     C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                         000007feff39bf00 7 bytes JMP 000007fffd220260
.text     C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                           000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                      000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                        000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                    000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                     000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                   000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!RegSetValueExW                                           000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!RegQueryValueExW                                         0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!RegDeleteValueW                                          0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                    000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                  00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                  00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                  00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!RegSetValueExA                                           00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                            000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                       000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                         000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                     000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                      000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                    000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!RegSetValueExW                                    000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!RegQueryValueExW                                  0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!RegDeleteValueW                                   0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                             000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                           00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                           00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                           00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!RegSetValueExA                                    00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                     000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                  000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                              000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                               000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                             000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\ole32.dll!CoCreateInstance                                     000007feff387490 11 bytes JMP 000007fffd220228
.text     C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                    000007feff39bf00 7 bytes JMP 000007fffd220260
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!RegSetValueExW                                       000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!RegQueryValueExW                                     0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!RegDeleteValueW                                      0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                              00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                              00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                              00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!RegSetValueExA                                       00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                        000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                   000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                     000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                 000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                  000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\ole32.dll!CoCreateInstance                                        000007feff387490 11 bytes JMP 000007fffd220228
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                       000007feff39bf00 7 bytes JMP 000007fffd220260
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!RegSetValueExW                                                      000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!RegQueryValueExW                                                    0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!RegDeleteValueW                                                     0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                               000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                             00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                             00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                             00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                      00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                       000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                  000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                    000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                               000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\ole32.dll!CoCreateInstance                                                       000007feff387490 11 bytes JMP 000007fffd220228
.text     C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                      000007feff39bf00 7 bytes JMP 000007fffd220260
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!RegSetValueExW                       000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!RegQueryValueExW                     0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!RegDeleteValueW                      0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx              00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!K32GetModuleInformation              00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW              00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!RegSetValueExA                       00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                        000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                   000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                     000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                 000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                  000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\ole32.dll!CoCreateInstance                        000007feff387490 11 bytes JMP 000007fffd220228
.text     C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                       000007feff39bf00 7 bytes JMP 000007fffd220260
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                                                             00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                                                               00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                               00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                                                              000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                      000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                      00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                      0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                        0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                           0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                         0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                             0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\USER32.dll!CreateWindowExW                                                                0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                                                            0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                                                            0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo                                                     0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                        000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                          000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                               0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                              000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                         000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                           000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                       000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                        000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                      000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!RegSetValueExW                                 000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!RegQueryValueExW                               0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!RegDeleteValueW                                0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                          000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                        00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                        00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                        00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!RegSetValueExA                                 00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                  000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                             000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                               000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                           000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                            000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                          000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!RegSetValueExW                                000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!RegQueryValueExW                              0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!RegDeleteValueW                               0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                         000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                       00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                       00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                       00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!RegSetValueExA                                00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                 000007fefd232db0 5 bytes JMP 000007fffd0a0180
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                            000007fefd2337d0 7 bytes JMP 000007fffd0a00d8
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                              000007fefd238ef0 6 bytes JMP 000007fffd0a0148
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                          000007fefd24af60 5 bytes JMP 000007fffd0a0110
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\ole32.dll!CoCreateInstance                                 000007feff387490 11 bytes JMP 000007fffd0a0228
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                000007feff39bf00 7 bytes JMP 000007fffd0a0260
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                           000007fefd4489e0 8 bytes JMP 000007fffd0a01f0
.text     C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                         000007fefd44be40 8 bytes JMP 000007fffd0a01b8
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                 00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                   00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                   00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                  000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW          000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx          00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation          0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW            0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW               0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW             0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                    0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\USER32.dll!CreateWindowExW                    0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo         0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList            000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo              000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                   0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\ole32.dll!CoCreateInstance                    0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69           00000000752d1465 2 bytes [2D, 75]
.text     C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155          00000000752d14bb 2 bytes [2D, 75]
.text     ...                                                                                                                                         * 2
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!RegSetValueExW                                          000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!RegQueryValueExW                                        0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!RegDeleteValueW                                         0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                   000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                 00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                 00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!RegSetValueExA                                          00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                           000007fefd232db0 5 bytes JMP 000007fffd0a0180
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                      000007fefd2337d0 7 bytes JMP 000007fffd0a00d8
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                        000007fefd238ef0 6 bytes JMP 000007fffd0a0148
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                    000007fefd24af60 5 bytes JMP 000007fffd0a0110
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                     000007fefd4489e0 8 bytes JMP 000007fffd0a01f0
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                   000007fefd44be40 8 bytes JMP 000007fffd0a01b8
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\ole32.dll!CoCreateInstance                                           000007feff387490 11 bytes JMP 000007fffd0a0228
.text     C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                          000007feff39bf00 7 bytes JMP 000007fffd0a0260
.text     C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe[3032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                   00000000752d1465 2 bytes [2D, 75]
.text     C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe[3032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                  00000000752d14bb 2 bytes [2D, 75]
.text     ...                                                                                                                                         * 2
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!RegSetValueExW                       000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!RegQueryValueExW                     0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!RegDeleteValueW                      0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx              00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleInformation              00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW              00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!RegSetValueExA                       00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                        000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                   000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                     000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                 000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                  000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\d3d9.dll!Direct3DCreate9Ex                        000007feee7b2460 5 bytes JMP 000007fefd2202d0
.text     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\d3d9.dll!Direct3DCreate9                          000007feee7e96b0 6 bytes JMP 000007fefd220298
.text     C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                  000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                             000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                               000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                           000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\ole32.dll!CoCreateInstance                                                  000007feff387490 11 bytes JMP 000007fffd220228
.text     C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                 000007feff39bf00 7 bytes JMP 000007fffd220260
.text     C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                            000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                          000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!RegSetValueExW                                000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!RegQueryValueExW                              0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!RegDeleteValueW                               0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                         000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                       00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                       00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                       00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!RegSetValueExA                                00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                 000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                            000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                              000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                          000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                           000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                         000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!RegSetValueExW                                 000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!RegQueryValueExW                               0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!RegDeleteValueW                                0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW                          000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx                        00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation                        00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW                        00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!RegSetValueExA                                 00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                  000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                             000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                               000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                           000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                            000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                          000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\ole32.dll!CoCreateInstance                                  000007feff387490 11 bytes JMP 000007fffd220228
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                 000007feff39bf00 7 bytes JMP 000007fffd220260
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!RegSetValueExW                                 000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!RegQueryValueExW                               0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!RegDeleteValueW                                0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW                          000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx                        00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation                        00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW                        00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!RegSetValueExA                                 00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                  000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                             000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                               000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                           000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                            000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                          000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\ole32.dll!CoCreateInstance                                  000007feff387490 11 bytes JMP 000007fffd220228
.text     C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                 000007feff39bf00 7 bytes JMP 000007fffd220260
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                    00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                      00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                      00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                     000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW             000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx             00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation             0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW               0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                  0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                    0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                       0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\USER32.dll!CreateWindowExW                       0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                   0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                   0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo            0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList               000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                 000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                      0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\ole32.dll!CoCreateInstance                       0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                           00000000752d1465 2 bytes [2D, 75]
.text     C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                          00000000752d14bb 2 bytes [2D, 75]
.text     ...                                                                                                                                         * 2
.text     C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                       000007fefd232db0 5 bytes JMP 000007fffd220180
.text     C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                  000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text     C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                    000007fefd238ef0 6 bytes JMP 000007fffd220148
.text     C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                000007fefd24af60 5 bytes JMP 000007fffd220110
.text     C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text     C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                               000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                             00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                               00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                               00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                              000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                      000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                      00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                      0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                        0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                           0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                         0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                             0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\USER32.dll!CreateWindowExW                                0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                            0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                            0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo                     0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                        000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                          000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                               0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                                 00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                                   00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                   00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                                  000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                          000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                          00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                          0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                            0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                               0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                             0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                    0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                            000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                              000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\USER32.dll!CreateWindowExW                                    0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                                0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                                0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo                         0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!RegSetValueExW           000000007704af40 7 bytes JMP 000000016fff0260
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!RegQueryValueExW         0000000077054a60 5 bytes JMP 000000016fff01b8
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!RegDeleteValueW          0000000077072990 5 bytes JMP 000000016fff01f0
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW    000000007707efe0 5 bytes JMP 000000016fff0148
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx  00000000770a99b0 7 bytes JMP 000000016fff00d8
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!K32GetModuleInformation  00000000770b94d0 5 bytes JMP 000000016fff0180
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW  00000000770b9640 5 bytes JMP 000000016fff0110
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!RegSetValueExA           00000000770da500 7 bytes JMP 000000016fff0228
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\KERNELBASE.dll!FreeLibrary            000007fefd232db0 5 bytes JMP 000007fffd0a0180
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW       000007fefd2337d0 7 bytes JMP 000007fffd0a00d8
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW         000007fefd238ef0 6 bytes JMP 000007fffd0a0148
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW     000007fefd24af60 5 bytes JMP 000007fffd0a0110
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo      000007fefd4489e0 8 bytes JMP 000007fffd0a01f0
.text     C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList    000007fefd44be40 8 bytes JMP 000007fffd0a01b8
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                                     00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                                       00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                       00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                                      000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                              000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                              00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                              0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                   0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                     0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                        0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\USER32.dll!CreateWindowExW                                        0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                                    0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                                    0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo                             0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                  000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                       0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                        0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                               00000000752d1465 2 bytes [2D, 75]
.text     C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                              00000000752d14bb 2 bytes [2D, 75]
.text     ...                                                                                                                                         * 2
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW              00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW               000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW       000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx       00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation       0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW         0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW            0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW          0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW              0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList         000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo           000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\USER32.dll!CreateWindowExW                 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA             0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW             0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo      0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\ole32.dll!CoCreateInstance                 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        00000000752d1465 2 bytes [2D, 75]
.text     C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155       00000000752d14bb 2 bytes [2D, 75]
.text     ...                                                                                                                                         * 2
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!RegQueryValueExW                               00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExW                                 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA                                 00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!RegDeleteValueW                                000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW                        000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx                        00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation                        0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW                          0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                             0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                           0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                               0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                  0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                          000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                            000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\USER32.dll!CreateWindowExW                                  0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                              0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                              0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo                       0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                  0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                              00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                                00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                               000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                       000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                       00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                       0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                         0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                            0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                          0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                              0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                         000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                           000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\USER32.dll!CreateWindowExW                                 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                             0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                             0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo                      0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                           00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                             00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                             00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                            000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                    000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                    00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                    0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                      0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                         0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                       0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                           0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                              0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\USER32.dll!CreateWindowExW                              0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                          0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                          0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo                   0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                      000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                        000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                             0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\ole32.dll!CoCreateInstance                              0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                          00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                            00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                            00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                           000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                   000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                   00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                   0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                     0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                        0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                      0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                          0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                             0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\USER32.dll!CreateWindowExW                             0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                         0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                         0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo                  0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                     000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                       000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                            0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\ole32.dll!CoCreateInstance                             0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                    00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                      00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                      00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                     000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW             000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx             00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation             0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW               0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                  0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                    0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                       0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList               000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                 000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\USER32.dll!CreateWindowExW                       0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                   0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                   0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo            0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                      0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\ole32.dll!CoCreateInstance                       0000000075b39d0b 5 bytes JMP 00000001718d121c
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW                                                     00000000755f1eee 7 bytes JMP 00000001718d1695
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!RegSetValueExW                                                       00000000755f5b85 7 bytes JMP 00000001718d11a9
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                       00000000756013e1 7 bytes JMP 00000001718d128a
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW                                                      000000007560ea0d 7 bytes JMP 00000001718d1244
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                              000000007561b1d3 5 bytes JMP 00000001718d15aa
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                              00000000756988b4 7 bytes JMP 00000001718d1339
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                              0000000075698939 5 bytes JMP 00000001718d16d6
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                0000000075698c8f 5 bytes JMP 00000001718d170d
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                   0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                     0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                        0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                000000007501e96b 5 bytes JMP 00000001718d15c3
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                  000000007501eba5 5 bytes JMP 00000001718d1186
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\USER32.dll!CreateWindowExW                                                        0000000076ae8a29 5 bytes JMP 00000001718d1726
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA                                                    0000000076af4572 5 bytes JMP 00000001718d10a0
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW                                                    0000000076b0e567 5 bytes JMP 00000001718d1415
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo                                             0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                       0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text     C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                        0000000075b39d0b 5 bytes JMP 00000001718d121c

---- Threads - GMER 2.1 ----

Thread    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:5804]                                                                      0000000075907587
Thread    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:5788]                                                                      000000006df97712
Thread    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:924]                                                                       0000000077492e65
Thread    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:5888]                                                                      0000000077493e85
Thread    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:1036]                                                                      0000000077493e85
Thread    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:4388]                                                                      0000000077493e85

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00150079fe36                                                                 
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac728940f4a6                                                                 
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac728940f4a6@10683f2795f3                                                    0x70 0x61 0x7E 0x53 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00150079fe36 (not active ControlSet)                                             
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac728940f4a6 (not active ControlSet)                                             
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac728940f4a6@10683f2795f3                                                        0x70 0x61 0x7E 0x53 ...

---- EOF - GMER 2.1 ----
         

Alt 19.01.2014, 21:07   #5
aharonov
/// TB-Ausbilder
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



ok.


Schritt 1
  • Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
  • Suche und deinstalliere dort der Reihe nach folgende Einträge:
    Browser Stabilizer
    DownnSSave
  • Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.



Schritt 2

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 3

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.




Schritt 4

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

__________________
cheers,
Leo

Alt 19.01.2014, 22:44   #6
Hilfe123
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



ich die Dateien deinstallieren oder kannst du mir einen Tipp geben wie?
Wenn ich über Systemsteuerung reingehe bleibt sofort alles hängen, also keine chance es zu deinstallieren...
LG


Nach langem Warten wurde die erste Datei deinstalliert, Infos folgen...


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 03
Ran by ***** (administrator) on *****-NB01 on 19-01-2014 23:21:12
Running from C:\Users\*****\Desktop\Felix
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [199528 2010-11-13] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-10-07] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663464 2010-12-07] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM-x32\...\Run: [DeskUpdateNotifier] - c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [97560 2010-10-13] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2009-07-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-14] (Spotify Ltd)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.0.0.138:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {AE592437-2644-4A6B-972C-8D5A23AF96C4} URL = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
SearchScopes: HKCU - {BF15C0A1-A07F-470D-871A-6C8960C0ECBF} URL = 
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{41FD9069-21D6-40EB-9555-F0F6DDCFA8FB}: [NameServer]0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-02]
CHR Extension: (0) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\elgfababjopgjalkgbfndlempbfdiecf [2013-12-06]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\*****\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [331776 2010-10-07] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)
S2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()

==================== Drivers (Whitelisted) ====================

R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801216 2010-10-09] ()
U3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-19 23:17 - 2014-01-19 23:17 - 00107630 _____ C:\ComboFix.txt
2014-01-19 22:58 - 2014-01-19 23:17 - 00000000 ____D C:\Qoobox
2014-01-19 22:58 - 2014-01-19 23:16 - 00000000 ____D C:\Windows\erdnt
2014-01-19 22:58 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-19 22:58 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-19 22:58 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-19 22:55 - 2014-01-19 22:55 - 00014232 _____ C:\Users\*****\Desktop\AdwCleaner[S0].txt
2014-01-19 22:51 - 2014-01-19 22:52 - 00000000 ____D C:\AdwCleaner
2014-01-19 22:42 - 2014-01-19 22:42 - 00000000 ____D C:\Program Files (x86)\DownnSSave
2014-01-19 20:09 - 2014-01-19 20:09 - 01110476 _____ C:\Users\*****\Downloads\7z920.exe
2014-01-19 20:09 - 2014-01-19 20:09 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-19 19:27 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 15:39 - 2014-01-19 22:54 - 00001008 _____ C:\Windows\setupact.log
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-01-19 15:20 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:16 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-19 15:16 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-01-19 15:16 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-19 15:07 - 2014-01-19 15:13 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ (                                                            ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 12:10 - 2014-01-19 12:17 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-18 21:44 - 2014-01-18 21:47 - 84496144 _____ (alch                                                        ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 18:20 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:20 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:20 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-30 11:03 - 2014-01-19 22:48 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2014-01-19 22:42 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2013-12-30 11:03 - 2014-01-18 19:18 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
2013-12-23 12:30 - 2013-12-23 12:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-23 12:02 - 2014-01-19 16:39 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-22 11:52 - 2013-12-22 11:52 - 00000000 ____D C:\Users\*****\Downloads\save
2013-12-22 11:50 - 2013-12-22 11:52 - 72106372 _____ ( ) C:\Users\*****\Downloads\iwbtgbeta_fs_.exe

==================== One Month Modified Files and Folders =======

2014-01-19 23:21 - 2013-11-04 13:36 - 00000000 ____D C:\Users\*****\Desktop\Felix
2014-01-19 23:17 - 2014-01-19 23:17 - 00107630 _____ C:\ComboFix.txt
2014-01-19 23:17 - 2014-01-19 22:58 - 00000000 ____D C:\Qoobox
2014-01-19 23:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-19 23:16 - 2014-01-19 22:58 - 00000000 ____D C:\Windows\erdnt
2014-01-19 23:15 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-19 23:01 - 2013-11-09 17:35 - 00000256 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2014-01-19 23:01 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 23:01 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 22:58 - 2011-04-11 18:26 - 04962518 _____ C:\Windows\system32\perfh007.dat
2014-01-19 22:58 - 2011-04-11 18:26 - 01548584 _____ C:\Windows\system32\perfc007.dat
2014-01-19 22:58 - 2009-07-14 06:13 - 00006520 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-19 22:57 - 2011-10-27 12:01 - 01495471 _____ C:\Windows\WindowsUpdate.log
2014-01-19 22:55 - 2014-01-19 22:55 - 00014232 _____ C:\Users\*****\Desktop\AdwCleaner[S0].txt
2014-01-19 22:54 - 2014-01-19 15:39 - 00001008 _____ C:\Windows\setupact.log
2014-01-19 22:53 - 2011-11-25 19:49 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 22:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 22:52 - 2014-01-19 22:51 - 00000000 ____D C:\AdwCleaner
2014-01-19 22:48 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\DownnSSave
2014-01-19 22:43 - 2011-11-25 19:49 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 22:42 - 2014-01-19 22:42 - 00000000 ____D C:\Program Files (x86)\DownnSSave
2014-01-19 22:42 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2014-01-19 22:23 - 2013-09-21 13:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 20:25 - 2011-11-07 20:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job
2014-01-19 20:09 - 2014-01-19 20:09 - 01110476 _____ C:\Users\*****\Downloads\7z920.exe
2014-01-19 20:09 - 2014-01-19 20:09 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-19 19:27 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 19:25 - 2011-10-27 12:04 - 00000000 ____D C:\Users\*****
2014-01-19 16:39 - 2013-12-23 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:25 - 2011-11-07 20:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:24 - 2011-10-27 20:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:23 - 2011-10-27 20:51 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 15:23 - 2011-10-27 12:05 - 00113232 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 15:22 - 2009-07-14 05:45 - 00444208 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:13 - 2014-01-19 15:07 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 15:02 - 2012-01-24 15:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-19 15:01 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-19 15:00 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\ShellNew
2014-01-19 14:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-19 14:56 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ (                                                            ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 14:14 - 2011-10-27 16:32 - 00000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2014-01-19 12:17 - 2014-01-19 12:10 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 21:47 - 2014-01-18 21:44 - 84496144 _____ (alch                                                        ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 19:18 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2014-01-18 13:02 - 2013-09-21 13:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 13:02 - 2012-04-19 16:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 13:02 - 2011-11-09 10:30 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2014-01-18 13:02 - 2011-10-27 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 20:47 - 2013-08-15 10:03 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:44 - 2011-10-27 13:11 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-13 20:52 - 2013-10-25 20:21 - 00000000 ____D C:\Users\*****\Documents\Visual Studio 2012
2014-01-12 19:41 - 2011-11-05 12:48 - 00000000 ____D C:\Mama
2014-01-11 10:41 - 2011-10-27 17:05 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2014-01-09 19:15 - 2012-09-07 20:46 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2014-01-09 18:55 - 2012-09-07 20:48 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-09 18:43 - 2011-12-04 10:45 - 00000000 ____D C:\Users\*****\Desktop\Neue Musik
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
2013-12-27 14:01 - 2013-10-24 14:03 - 00000000 ____D C:\Program Files (x86)\Ss-Helper
2013-12-27 13:10 - 2011-10-27 12:09 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2013-12-25 18:15 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-23 15:14 - 2012-05-31 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-23 12:31 - 2013-12-23 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-22 11:52 - 2013-12-22 11:52 - 00000000 ____D C:\Users\*****\Downloads\save
2013-12-22 11:52 - 2013-12-22 11:50 - 72106372 _____ ( ) C:\Users\*****\Downloads\iwbtgbeta_fs_.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-13 10:11

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
# AdwCleaner v3.017 - Bericht erstellt am 19/01/2014 um 22:52:44
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : ***** - *****-NB01
# Gestartet von : C:\Users\*****\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\WinterSoft
Ordner Gelöscht : C:\ProgramData\DiOwinlOad keeeper
Ordner Gelöscht : C:\ProgramData\Download kkeeper
Ordner Gelöscht : C:\ProgramData\SearchNewTab
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Program Files (x86)\WebSearch
Ordner Gelöscht : C:\Users\*****\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\EZDownloader
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Media Finder
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\SkypEmoticons
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\yourfiledownloader
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\invalidprefs.js
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\WebSearch.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater
Datei Gelöscht : C:\Windows\System32\Tasks\YourFile Update

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Schlüssel Gelöscht : HKCU\Software\Classes\iLivid.torrent
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Schlüssel Gelöscht : HKCU\Software\5255dadbe739ed40
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\MediaFinder
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1:9421;<local>

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\prefs.js ]

Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaultenginename,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39&l=1&q=");
Zeile gelöscht : user_pref("browser.search.order.1", "WebSearch");
Zeile gelöscht : user_pref("browser.search.order.1,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "WebSearch");
Zeile gelöscht : user_pref("browser.search.selectedEngine,S", "WebSearch");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113480&tt=060612_6_");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.hardId", "9c42c511000000000000ac728940f4a3");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.id", "9c42c511000000000000ac728940f4a3");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15505");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=113480&tt=060612_6_&babsrc=NT_ss&mntrId=9c42c511000000000000ac728940f4a3");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:09:14");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Zeile gelöscht : user_pref("extensions._2d3.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);var d=th[...]
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "9c42c511000000000000ac728940f4a3");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15828");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1621:35:13");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.dp5fV_.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);var d=[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39&l=1&q=");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39&l=1&q=");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14839 octets] - [19/01/2014 22:51:40]
AdwCleaner[S0].txt - [14066 octets] - [19/01/2014 22:52:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14127 octets] ##########
         

Alt 19.01.2014, 22:46   #7
Hilfe123
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Code:
ATTFilter
ComboFix 14-01-16.03 - ***** 19.01.2014  23:00:34.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.4009.2442 [GMT 1:00]
ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\SysWow64\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531 GFO_PI_FUJITSU_FJNBB10_Default System BIOS_FUJ - 1_1.18_Intel(R) HD Graphics Family_NVIDIA GeForce GT 525M .MRK
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-12-19 bis 2014-01-19  ))))))))))))))))))))))))))))))
.
.
2014-01-19 22:15 . 2014-01-19 22:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-01-19 21:51 . 2014-01-19 21:52	--------	d-----w-	C:\AdwCleaner
2014-01-19 21:42 . 2014-01-19 21:42	--------	d-----w-	c:\program files (x86)\DownnSSave
2014-01-19 19:09 . 2014-01-19 19:09	--------	d-----w-	c:\program files (x86)\7-Zip
2014-01-19 18:46 . 2013-12-04 03:28	10315576	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BAEF2B38-238D-47A2-9D24-94E7357136F8}\mpengine.dll
2014-01-19 18:27 . 2014-01-19 18:27	--------	d-----w-	C:\FRST
2014-01-19 14:24 . 2014-01-19 14:24	--------	d-----w-	c:\users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 14:23 . 2014-01-19 14:23	--------	d-----w-	c:\windows\SysWow64\NV
2014-01-19 14:23 . 2014-01-19 14:23	--------	d-----w-	c:\windows\system32\NV
2014-01-19 14:20 . 2013-12-10 02:15	982232	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-01-19 14:20 . 2013-12-10 02:14	1100248	----a-w-	c:\windows\system32\nvspcap64.dll
2014-01-19 14:19 . 2014-01-19 14:19	--------	d-----w-	c:\users\*****\AppData\Local\NVIDIA
2014-01-19 14:19 . 2014-01-19 14:19	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2014-01-19 14:15 . 2013-12-19 20:33	3071656	----a-w-	c:\windows\system32\nvapi64.dll
2014-01-19 14:15 . 2013-12-19 20:33	2698272	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-01-19 14:15 . 2013-12-19 20:33	25257248	----a-w-	c:\windows\system32\nvcompiler.dll
2014-01-19 14:15 . 2013-12-19 20:33	17560352	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-01-19 13:36 . 2014-01-19 13:36	--------	d-----w-	c:\program files\CPUID
2014-01-18 18:14 . 2014-01-18 18:14	--------	d-----w-	c:\program files (x86)\Fuuni2Savue
2014-01-18 14:47 . 2013-12-04 03:28	10315576	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-18 00:27 . 2014-01-18 00:27	--------	d-----w-	c:\users\*****\AppData\Roaming\NVIDIA
2014-01-15 17:20 . 2013-11-27 01:42	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2014-01-15 17:20 . 2013-11-27 01:42	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2014-01-15 17:20 . 2013-11-27 01:42	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2014-01-15 17:20 . 2013-11-27 01:42	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2014-01-15 17:20 . 2013-11-27 01:42	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2014-01-15 17:20 . 2013-11-27 01:42	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2014-01-15 17:20 . 2013-11-27 01:42	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2014-01-15 17:20 . 2013-11-26 11:40	376768	----a-w-	c:\windows\system32\drivers\netio.sys
2014-01-15 17:20 . 2013-11-26 10:32	3156480	----a-w-	c:\windows\system32\win32k.sys
2013-12-30 10:03 . 2014-01-18 18:18	--------	d-----w-	c:\programdata\Fuuni2Savue
2013-12-30 10:03 . 2013-12-30 10:03	--------	d-----w-	c:\programdata\agcniifgcajngehbpgemhajfiohohdoc
2013-12-30 10:03 . 2014-01-19 21:48	--------	d-----w-	c:\programdata\DownnSSave
2013-12-30 10:03 . 2014-01-19 21:42	--------	d-----w-	c:\programdata\e48e524463011d6f
2013-12-23 11:02 . 2014-01-10 16:39	--------	d-----w-	c:\program files (x86)\Common Files\Steam
2013-12-23 11:02 . 2014-01-19 15:39	--------	d-----w-	c:\program files (x86)\Steam
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:33 . 2010-11-21 03:27	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-01-18 12:02 . 2012-04-19 15:20	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-18 12:02 . 2011-10-27 15:32	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 19:44 . 2011-10-27 12:11	86054176	----a-w-	c:\windows\system32\MRT.exe
2013-12-19 20:33 . 2013-03-18 18:32	141336	----a-w-	c:\windows\SysWow64\nvinit.dll
2013-12-19 20:33 . 2011-10-27 19:50	168616	----a-w-	c:\windows\system32\nvinitx.dll
2013-12-19 18:53 . 2010-11-18 00:41	6671648	----a-w-	c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2010-11-18 00:40	3490080	----a-w-	c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2010-11-18 00:41	922912	----a-w-	c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2010-11-18 00:41	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2010-11-18 00:41	386336	----a-w-	c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2010-11-18 00:41	67072	----a-w-	c:\windows\system32\nv3dappshextr.dll
2013-12-19 18:53 . 2010-11-18 00:41	2559776	----a-w-	c:\windows\system32\nvsvcr.dll
2013-12-19 18:53 . 2010-11-18 00:41	1065248	----a-w-	c:\windows\system32\nv3dappshext.dll
2013-12-19 05:01 . 2010-11-18 00:41	3539040	----a-w-	c:\windows\system32\nvcoproc.bin
2013-11-26 11:54 . 2013-12-12 20:36	23183360	----a-w-	c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 20:36	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 20:36	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 20:36	66048	----a-w-	c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 20:36	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 20:36	2764288	----a-w-	c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 20:36	53760	----a-w-	c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 20:36	33792	----a-w-	c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 20:36	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 20:36	574976	----a-w-	c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 20:36	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 20:36	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 20:36	708608	----a-w-	c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 20:36	218624	----a-w-	c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 20:36	5769216	----a-w-	c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 20:36	553472	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 20:36	4243968	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 20:36	1995264	----a-w-	c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 20:36	12996608	----a-w-	c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 20:36	1928192	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 20:36	2334208	----a-w-	c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 20:36	1395200	----a-w-	c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 20:36	817664	----a-w-	c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 20:36	1820160	----a-w-	c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-12 14:02	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 14:02	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-11-13 09:33 . 2013-11-13 09:33	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-13 09:33 . 2013-11-13 09:33	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-13 09:33 . 2013-11-13 09:33	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-13 09:33 . 2013-11-13 09:33	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-11-13 09:33 . 2013-11-13 09:33	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-11-13 09:33 . 2013-11-13 09:33	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-11-13 09:33 . 2013-11-13 09:33	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-11-13 09:33 . 2013-11-13 09:33	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-11-13 09:33 . 2013-11-13 09:33	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-11-13 09:33 . 2013-11-13 09:33	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-13 09:33 . 2013-11-13 09:33	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-11-13 09:33 . 2013-11-13 09:33	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-11-13 09:33 . 2013-11-13 09:33	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-11-13 09:33 . 2013-11-13 09:33	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-11-13 09:33 . 2013-11-13 09:33	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-11-13 09:33 . 2013-11-13 09:33	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-11-13 09:33 . 2013-11-13 09:33	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-13 09:33 . 2013-11-13 09:33	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-11-13 09:33 . 2013-11-13 09:33	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-11-13 09:33 . 2013-11-13 09:33	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-11-13 09:33 . 2013-11-13 09:33	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-11-13 09:33 . 2013-11-13 09:33	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-11-13 09:33 . 2013-11-13 09:33	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-11-13 09:33 . 2013-11-13 09:33	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-11-13 09:33 . 2013-11-13 09:33	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-11-13 09:33 . 2013-11-13 09:33	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-11-13 09:33 . 2013-11-13 09:33	247808	----a-w-	c:\windows\system32\msls31.dll
2013-11-13 09:33 . 2013-11-13 09:33	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-11-13 09:33 . 2013-11-13 09:33	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-11-13 09:33 . 2013-11-13 09:33	81408	----a-w-	c:\windows\system32\icardie.dll
2013-11-13 09:33 . 2013-11-13 09:33	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-11-13 09:33 . 2013-11-13 09:33	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-11-13 09:33 . 2013-11-13 09:33	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-11-13 09:33 . 2013-11-13 09:33	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-11-13 09:33 . 2013-11-13 09:33	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-11-13 09:33 . 2013-11-13 09:33	413696	----a-w-	c:\windows\system32\html.iec
2013-11-13 09:33 . 2013-11-13 09:33	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 09:33 . 2013-11-13 09:33	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-11-13 09:33 . 2013-11-13 09:33	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-11-13 09:33 . 2013-11-13 09:33	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-11-13 09:33 . 2013-11-13 09:33	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-11-13 09:33 . 2013-11-13 09:33	235520	----a-w-	c:\windows\system32\url.dll
2013-11-13 09:33 . 2013-11-13 09:33	195584	----a-w-	c:\windows\system32\msrating.dll
2013-11-13 09:33 . 2013-11-13 09:33	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-11-13 09:33 . 2013-11-13 09:33	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-11-13 09:33 . 2013-11-13 09:33	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-11-13 09:33 . 2013-11-13 09:33	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-11-13 09:33 . 2013-11-13 09:33	101376	----a-w-	c:\windows\system32\inseng.dll
2013-11-13 09:33 . 2013-11-13 09:33	143872	----a-w-	c:\windows\system32\wextract.exe
2013-11-13 09:33 . 2013-11-13 09:33	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-11-13 09:33 . 2013-11-13 09:33	774144	----a-w-	c:\windows\system32\jscript.dll
2013-11-13 09:33 . 2013-11-13 09:33	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-11-13 09:33 . 2013-11-13 09:33	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-11-13 09:33 . 2013-11-13 09:33	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-11-13 09:33 . 2013-11-13 09:33	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-11-13 09:33 . 2013-11-13 09:33	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-11-13 09:33 . 2013-11-13 09:33	147968	----a-w-	c:\windows\system32\occache.dll
2013-11-13 09:33 . 2013-11-13 09:33	13824	----a-w-	c:\windows\system32\mshta.exe
2013-11-13 09:33 . 2013-11-13 09:33	135680	----a-w-	c:\windows\system32\iepeers.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Spotify Web Helper"="c:\users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-14 1168896]
"HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-09-16 2676584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-13 662016]
"DeskUpdateNotifier"="c:\fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe" [2010-10-13 97560]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2009-07-08 162912]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\LaunchCenter.exe [2011-4-12 375296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys;c:\windows\SYSNATIVE\Drivers\FBIOSDRV.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys;c:\windows\SYSNATIVE\drivers\FUJ02E3.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 18:44	1210320	----a-w-	c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21 12:02]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-25 18:49]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-25 18:49]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job
- c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07 19:18]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job
- c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07 19:18]
.
2014-01-19 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2010-06-08 45680]
"FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2010-11-13 199528]
"PfNet"="c:\program files\Fujitsu\Plugfree NETWORK\PfNet.exe" [2010-10-07 6311424]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-07 11663464]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-13 662016]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2010-07-16 162416]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2010-07-09 21616]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyServer = 10.0.0.138:80
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{41FD9069-21D6-40EB-9555-F0F6DDCFA8FB}: NameServer = 0.0.0.0
FF - ProfilePath - c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,14,cc,
   01,93,b3,ea,06,b9,94,b9,17,8e,6e,f1,d8
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c8,23,
   89,3c,17,d6,0e,92,ce,12,24,74,48,2f,dd
"{32004B8A-44A9-43E7-84E9-808838809519}"=hex:51,66,7a,6c,4c,1d,3b,1b,9a,57,13,
   2b,97,1f,8e,07,98,eb,c3,c8,3a,c0,d9,02
"{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}"=hex:51,66,7a,6c,4c,1d,3b,1b,00,ec,5e,
   b4,c3,b9,a7,07,9a,48,28,91,ef,85,d6,d9
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,27,3e,
   54,80,32,13,03,8c,f7,be,9b,07,75,35,6e
"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,84,9b,
   81,13,1f,b4,0d,85,d5,9f,c6,69,a8,31,a7
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
@DACL=(02 0000)
@="Java Plug-in 10.17.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 10.17.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-19  23:17:35
ComboFix-quarantined-files.txt  2014-01-19 22:17
.
Vor Suchlauf: 19 Verzeichnis(se), 398.157.516.800 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 397.858.271.232 Bytes frei
.
- - End Of File - - 4C90BCF9BEA4CA411BCDE972F3822767
         

Alt 19.01.2014, 23:29   #8
aharonov
/// TB-Ausbilder
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Läuft der Rechner immer noch so schlecht?


Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
S2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()
C:\Program Files (x86)\Tor
2014-01-19 22:42 - 2014-01-19 22:42 - 00000000 ____D C:\Program Files (x86)\DownnSSave
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2013-12-30 11:03 - 2014-01-19 22:48 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2014-01-19 22:42 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2013-12-30 11:03 - 2014-01-18 19:18 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Schritt 2

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




Schritt 3


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




Schritt 4

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Fixlog von FRST
  • Log von MBAM
  • Log von ESET
  • Log von FRST
__________________
cheers,
Leo

Alt 20.01.2014, 20:36   #9
Hilfe123
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



das mit dem fixen habe ich geschafft, aber Malwarebytee Anti-Malware bleibt immer hängen :/

Kannst du mir da helfen?

LG


Update:

Ich habe Malwarebytes ein paar mal versucht und es blieb immer hängen und der PC auch...

Ich weiß nicht ob mir das Programm gerade helfen kann :/

LG

Alt 20.01.2014, 21:00   #10
aharonov
/// TB-Ausbilder
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Dann mach mal mit dem nächsten Schritte weiter.
__________________
cheers,
Leo

Alt 21.01.2014, 18:05   #11
Hilfe123
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Ich habe Eset OnlineScanner auch versucht... Es ist soo erniedrigend...
Es war bei 93%, habe nebenbei ein paar Aufgaben für die Schule erledigt und dann Passierte das:

Nach ca. 3 h warten hat es sich einfach so geschlossen -.-

das macht mich langsam fertig... muss ich das jetzt nochmal machen oder hast du auch eine andere Lösung...

LG

Alt 22.01.2014, 20:10   #12
Hilfe123
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Ich habe sie jetzt alle noch einmal versucht, Malewarebytes habe ich kurz bevor er abgestürtzt ist noch geschafft zu pausieren und eine log datei zu machen, ESET OnlineScanner
habe ich bis 68% geschafft... Mein Computer hängt sich bei den Programmen immer auf :/ ich habe auch nochmal FRST gemacht, wie es da gestanden ist, lass uns mal schauen ob die logs weiterhelfen

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2014 03
Ran by ***** at 2014-01-20 15:25:40 Run:1
Running from C:\Users\*****\Desktop\Felix
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
S2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()
C:\Program Files (x86)\Tor
2014-01-19 22:42 - 2014-01-19 22:42 - 00000000 ____D C:\Program Files (x86)\DownnSSave
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2013-12-30 11:03 - 2014-01-19 22:48 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2014-01-19 22:42 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2013-12-30 11:03 - 2014-01-18 19:18 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
*****************

tor => Service deleted successfully.
C:\Program Files (x86)\Tor => Moved successfully.
C:\Program Files (x86)\DownnSSave => Moved successfully.
C:\Program Files (x86)\Fuuni2Savue => Moved successfully.
C:\ProgramData\DownnSSave => Moved successfully.
C:\ProgramData\e48e524463011d6f => Moved successfully.
C:\ProgramData\Fuuni2Savue => Moved successfully.
C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc => Moved successfully.


The system needs a manual reboot. 

==== End of Fixlog ====
         
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.22.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
***** :: *****-NB01 [Administrator]

Schutz: Aktiviert

22.01.2014 18:51:15
MBAM-log-2014-01-22 (18-51-59).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 24661
Laufzeit: 18 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\ProgramData\InstallMate\{84D28449-3079-4E93-AC78-785B5F31A6BF}\Custom.dll (PUP.Optional.InstalleRex) -> Keine Aktion durchgeführt.
C:\ProgramData\InstallMate\{AE6D961B-8554-429A-A071-CD76758EB4ED}\Custom.dll (PUP.Optional.InstalleRex) -> Keine Aktion durchgeführt.

(Ende)
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f4f8bce9c0b52c4bb4529719aa7b2c9f
# engine=16733
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-21 02:57:23
# local_time=2014-01-21 03:57:23 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 16776557 141946093 0 0
# scanned=1680
# found=2
# cleaned=0
# scan_time=372
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=A55B58C952BBE80889BBB83843AADED6831D6670 ft=1 fh=c388bfc9f940b095 vn="Win64/Adware.MediaFinder.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll.vir"
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f4f8bce9c0b52c4bb4529719aa7b2c9f
# engine=16736
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-21 05:58:03
# local_time=2014-01-21 06:58:03 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 16787397 141956933 0 0
# scanned=1423
# found=2
# cleaned=0
# scan_time=39
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=A55B58C952BBE80889BBB83843AADED6831D6670 ft=1 fh=c388bfc9f940b095 vn="Win64/Adware.MediaFinder.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll.vir"
ESETSmartInstaller@High as downloader log:
all ok
         
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 02
Ran by ***** (administrator) on *****-NB01 on 22-01-2014 21:04:16
Running from C:\Users\*****\Desktop\Felix\Ordner
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [199528 2010-11-13] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-10-07] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663464 2010-12-07] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM-x32\...\Run: [DeskUpdateNotifier] - c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [97560 2010-10-13] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2009-07-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-14] (Spotify Ltd)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.0.0.138:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {AE592437-2644-4A6B-972C-8D5A23AF96C4} URL = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
SearchScopes: HKCU - {BF15C0A1-A07F-470D-871A-6C8960C0ECBF} URL = 
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{41FD9069-21D6-40EB-9555-F0F6DDCFA8FB}: [NameServer]0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-02]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-02]
CHR Extension: (Google Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\elgfababjopgjalkgbfndlempbfdiecf [2013-12-06]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\*****\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [331776 2010-10-07] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)

==================== Drivers (Whitelisted) ====================

R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801216 2010-10-09] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 15:49 - 2014-01-21 15:49 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\Users\*****\AppData\Roaming\Malwarebytes
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-20 15:28 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-20 15:26 - 2014-01-20 15:26 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-19 23:40 - 2014-01-22 18:52 - 00001246 _____ C:\Windows\PFRO.log
2014-01-19 23:17 - 2014-01-19 23:17 - 00107630 _____ C:\ComboFix.txt
2014-01-19 22:58 - 2014-01-19 23:17 - 00000000 ____D C:\Qoobox
2014-01-19 22:58 - 2014-01-19 23:16 - 00000000 ____D C:\Windows\erdnt
2014-01-19 22:58 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-19 22:58 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-19 22:58 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-19 22:51 - 2014-01-19 22:52 - 00000000 ____D C:\AdwCleaner
2014-01-19 20:09 - 2014-01-19 20:09 - 01110476 _____ C:\Users\*****\Downloads\7z920.exe
2014-01-19 20:09 - 2014-01-19 20:09 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-19 19:27 - 2014-01-22 21:03 - 00000000 ____D C:\FRST
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 15:39 - 2014-01-22 21:00 - 00003528 _____ C:\Windows\setupact.log
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-01-19 15:20 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:16 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-19 15:16 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-01-19 15:16 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-19 15:07 - 2014-01-19 15:13 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ (                                                            ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 12:10 - 2014-01-19 12:17 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-18 21:44 - 2014-01-18 21:47 - 84496144 _____ (alch                                                        ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 18:20 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:20 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:20 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-23 12:30 - 2013-12-23 12:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-23 12:02 - 2014-01-19 16:39 - 00000000 ____D C:\Program Files (x86)\Steam

==================== One Month Modified Files and Folders =======

2014-01-22 21:04 - 2013-11-04 13:36 - 00000000 ____D C:\Users\*****\Desktop\Felix
2014-01-22 21:03 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-22 21:01 - 2013-11-09 17:35 - 00000256 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2014-01-22 21:00 - 2014-01-19 15:39 - 00003528 _____ C:\Windows\setupact.log
2014-01-22 21:00 - 2011-11-25 19:49 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-22 20:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-22 19:28 - 2013-09-21 13:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-22 19:28 - 2011-11-07 20:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job
2014-01-22 19:28 - 2011-10-27 12:01 - 01670322 _____ C:\Windows\WindowsUpdate.log
2014-01-22 19:22 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-22 19:22 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-22 18:52 - 2014-01-19 23:40 - 00001246 _____ C:\Windows\PFRO.log
2014-01-22 18:51 - 2011-04-11 18:26 - 05127210 _____ C:\Windows\system32\perfh007.dat
2014-01-22 18:51 - 2011-04-11 18:26 - 01602660 _____ C:\Windows\system32\perfc007.dat
2014-01-22 18:51 - 2009-07-14 06:13 - 00006520 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-22 15:36 - 2011-11-07 20:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job
2014-01-21 18:43 - 2011-11-25 19:49 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 15:49 - 2014-01-21 15:49 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-21 15:43 - 2013-10-25 20:21 - 00000000 ____D C:\Users\*****\Documents\Visual Studio 2012
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\Users\*****\AppData\Roaming\Malwarebytes
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-20 15:26 - 2014-01-20 15:26 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-19 23:17 - 2014-01-19 23:17 - 00107630 _____ C:\ComboFix.txt
2014-01-19 23:17 - 2014-01-19 22:58 - 00000000 ____D C:\Qoobox
2014-01-19 23:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-19 23:16 - 2014-01-19 22:58 - 00000000 ____D C:\Windows\erdnt
2014-01-19 23:15 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-19 22:52 - 2014-01-19 22:51 - 00000000 ____D C:\AdwCleaner
2014-01-19 20:09 - 2014-01-19 20:09 - 01110476 _____ C:\Users\*****\Downloads\7z920.exe
2014-01-19 20:09 - 2014-01-19 20:09 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 19:25 - 2011-10-27 12:04 - 00000000 ____D C:\Users\*****
2014-01-19 16:39 - 2013-12-23 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:24 - 2011-10-27 20:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:23 - 2011-10-27 20:51 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 15:23 - 2011-10-27 12:05 - 00113232 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 15:22 - 2009-07-14 05:45 - 00444208 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:13 - 2014-01-19 15:07 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 15:02 - 2012-01-24 15:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-19 15:01 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-19 15:00 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\ShellNew
2014-01-19 14:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-19 14:56 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ (                                                            ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 14:14 - 2011-10-27 16:32 - 00000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2014-01-19 12:17 - 2014-01-19 12:10 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 21:47 - 2014-01-18 21:44 - 84496144 _____ (alch                                                        ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 13:02 - 2013-09-21 13:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 13:02 - 2012-04-19 16:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 13:02 - 2011-11-09 10:30 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2014-01-18 13:02 - 2011-10-27 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 20:47 - 2013-08-15 10:03 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:44 - 2011-10-27 13:11 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-12 19:41 - 2011-11-05 12:48 - 00000000 ____D C:\Mama
2014-01-11 10:41 - 2011-10-27 17:05 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2014-01-09 19:15 - 2012-09-07 20:46 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2014-01-09 18:55 - 2012-09-07 20:48 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-09 18:43 - 2011-12-04 10:45 - 00000000 ____D C:\Users\*****\Desktop\Neue Musik
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-27 14:01 - 2013-10-24 14:03 - 00000000 ____D C:\Program Files (x86)\Ss-Helper
2013-12-27 13:10 - 2011-10-27 12:09 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2013-12-25 18:15 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-23 15:14 - 2012-05-31 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-23 12:31 - 2013-12-23 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-13 10:11

==================== End Of Log ============================
         
--- --- ---

Alt 22.01.2014, 20:13   #13
aharonov
/// TB-Ausbilder
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Hm, schau mal, was Emsisoft meint:


Lade dir bitte das Setup von Emsisoft Anti-Malware auf den Desktop herunter.
  • Führe die EmsisoftAntiMalwareSetup.exe aus.
  • Wähle die Sprache Deutsch und akzeptiere die Lizenzvereinbarungen.
  • Drücke dann auf Freeware Modus (nur Scanner, kein Schutz).
  • Belasse im nächsten Fenster die Einstellungen und drücke Weiter.
  • Nachdem der Updatevorgang abgeschlossen ist, klicke auf PC jetzt untersuchen.
  • Wähle bei "PUPs-Erkennung aktivieren" die Option Ja und drücke Weiter.
  • Wähle dann Detail Scan und drücke auf SCAN.
  • Wenn der Scan abgeschlossen ist, lass die Funde nicht entfernen, sondern drücke auf Bericht anzeigen.
  • Poste das sich öffnende Log bitte hier in den Thread.
    (Nachträglich findest du das Log unter Start -> Alle Programme -> Emsisoft Anti-Malware -> Scan Berichte als a2scan_<date>-<time>.txt.)
  • Du kannst Emsisoft danach über die Systemsteuerung deinstallieren, als Freeware On-Demand-Scanner zusätzlich zu deinem Antivirenprogramm behalten oder die Vollversion davon kaufen und dein bestehendes Antivirenprogramm damit ersetzen.
__________________
cheers,
Leo

Alt 22.01.2014, 20:57   #14
Hilfe123
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Der Link von Emsisoft lässt sich nicht öffnen :0
Soll ich es von der Offiziellen Seite downloaden?

LG

Das Programm läuft schon, aber bei den wenigen Fotos braucht der computer sehr lang

Alt 25.01.2014, 14:35   #15
aharonov
/// TB-Ausbilder
 
Windows 7: Laptop wurde sehr langsam - Standard

Windows 7: Laptop wurde sehr langsam



Ja entschuldige, mein Link war tatsächlich leer.
Ist der Scan mittlerweile durch?
__________________
cheers,
Leo

Antwort

Themen zu Windows 7: Laptop wurde sehr langsam
absturz, angezeigt, anhang, bat, battlefield, compu, computer, cpu-auslastung, freunde, gemerkt, gen, hänge, hängen, keine rückmeldung, langsam, laptop, nicht mehr, party, rückmeldung, speicher, taskmanager, wieviel, windows, windows 7, öffnen



Ähnliche Themen: Windows 7: Laptop wurde sehr langsam


  1. Windows 8.1 Laptop auf einmal sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 24.06.2016 (42)
  2. laptop läuft sehr langsam, Tastatureingabe oft zeitverzögert, windows 7, 64bit
    Plagegeister aller Art und deren Bekämpfung - 11.10.2015 (21)
  3. Windows 8: Datenträger 0 (C:) ständig auf 100% Leistung und Laptop sehr langsam.
    Log-Analyse und Auswertung - 30.05.2015 (5)
  4. Windows XP: Laptop sehr langsam geworden,oder er reagiert nicht mehr
    Log-Analyse und Auswertung - 30.05.2015 (41)
  5. Windows 7: Bildschirm friert dauernd ein, Laptop sehr langsam.
    Log-Analyse und Auswertung - 28.02.2015 (27)
  6. Windows 7: Task Host Window, Laptop sehr langsam
    Log-Analyse und Auswertung - 11.02.2015 (21)
  7. Laptop sehr langsam und wird schnell heiß wenn man games zockt virus? internet spackt auch oft ab (nur laptop)
    Plagegeister aller Art und deren Bekämpfung - 06.12.2014 (3)
  8. Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering
    Plagegeister aller Art und deren Bekämpfung - 27.11.2014 (17)
  9. Laptop ist immer sehr sehr langsam
    Alles rund um Windows - 30.10.2014 (14)
  10. Windows 7 Laptop wird manchmal sehr langsam oder hängt sich ganz auf
    Log-Analyse und Auswertung - 26.08.2014 (15)
  11. Laptop ist sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 30.07.2014 (3)
  12. Windows 7 / Virus entfernt/ Laptop und Firefox trotzdem sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 06.12.2013 (9)
  13. Mein Laptop fährt nur noch langsam hoch bzw. ist während des Gebrauchs sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 07.05.2013 (21)
  14. Windows 8 / neuer Laptop nach paar Tagen sehr langsam geworden!
    Plagegeister aller Art und deren Bekämpfung - 07.05.2013 (1)
  15. Laptop sehr langsam / sehr wahrscheinlich verseucht / Anti Viren Programme updaten nicht mehr
    Log-Analyse und Auswertung - 05.02.2013 (9)
  16. Laptop sehr schnell, sehr langsam
    Log-Analyse und Auswertung - 15.10.2012 (27)
  17. Laptop plötzlich sehr sehr langsam
    Log-Analyse und Auswertung - 24.09.2008 (1)

Zum Thema Windows 7: Laptop wurde sehr langsam - Ich hatte mit meinen Freunden eine Party wo wir ein bisschen gespielt haben. (Battlefield) Seitdem lässt sich bei mir Garry's Mod nicht mehr öffnen (Keine Rückmeldung und Absturz) und mein - Windows 7: Laptop wurde sehr langsam...
Archiv
Du betrachtest: Windows 7: Laptop wurde sehr langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.