Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 27.01.2014, 20:36   #1
Vater Sohn
 
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



Hallo alle zusammen und schon mal Danke für´s helfen..

Ich habe vor kurzem eine neue E-mail Adresse eingerichtet (eine zweit/unter Mail meiner Haupt E-Mail adresee). Ich Brauche sie nur als Adresse für einen Verein. (Wollte nicht meine Haupt Adresse angeben)

Kurz danach habe ich dann Spoof Mails von Ebay(Fake) und PayPal(Fake) bekommen.
Ebay rät dazu nach Trojanern zu suchen.

Also nach einrichten der Mail Adresse Spoof Mails bekommen.
Von zeit zu zeit kommt es auch vor das nach dem PC Start nichts geht.. Browser , Mail programm Starten aber denn erscheint " Keine Rückmeldung" nach einem Neustart ist alles ok!

Ich wüßte aber nicht was ich falsch gemacht habe!! Da mein Sohn aber auch den PC zum Spielen nutzt bin ich mir nicht sicher... Ich hoffe ihr könnt helfen..

Ich bin keine leuchte am PC und bitte bei fehlern um nachsicht. Sollte mein Sohn fehler gemacht haben teilt mir das bitte per Mail mit ich werde das dann mit ihm klären..

DANKE...



Ich habe versucht die Logs in Code einzufügen habe dann eine fehlermeldung bekommen (Text zu Lang) .
Jetzt als Anhang eingefügt.
Hoffe das war richtig so ?
Angehängte Dateien
Dateityp: log defogger_disable.log (582 Bytes, 114x aufgerufen)
Dateityp: txt FRST.txt (50,1 KB, 137x aufgerufen)
Dateityp: txt Addition.txt (66,4 KB, 153x aufgerufen)
Dateityp: log Gmer.log (22,3 KB, 114x aufgerufen)

Geändert von Vater Sohn (27.01.2014 um 20:43 Uhr)

Alt 27.01.2014, 23:16   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 28.01.2014, 18:20   #3
Vater Sohn
 
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



Hallo schrauber,

ich hoffe ich mache es jetzt richtig...

Defogger

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:51 on 27/01/2014 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014
Ran by Admin (administrator) on ADMIN-PC on 27-01-2014 19:04:08
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe
(GFI Software Ltd.) C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
( ) C:\Windows\System32\lxducoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\ProgramData\TVersity\Media Server\MediaServer.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVM Berlin) C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Mozilla Corporation) C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Admin\Desktop\Tor Browser\Tor\tor.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UnlockerAssistant] - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKCU\...\Run: [AVMUSBFernanschluss] - C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2012-12-26] (AVM Berlin)
HKCU\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2006-03-08] (Creative Technology Ltd)
HKCU\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-10] (Spotify Ltd)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
MountPoints2: I - I:\LaunchU3.exe -a
MountPoints2: {5132780b-3953-11e1-b452-90fba62bc3cb} - I:\setup.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7810&r=17360110ln0597y263m25yh411cl4s
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {B224AA02-F7C8-3A2B-859F-560B80767E4A} URL = hxxp://kl.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=876&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=DE&install_date=20130323&user_guid=47BF190103454A438DAB3E559A1FE70D&machine_id=2e58b8b5997ea2b7d8d4aa7ea3d2fa9a&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=ba3dfcf2-fcd0-11e0-b7ad-90fba62bc3cb&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {8BFD13C4-6B9B-4D79-80E6-65FEAE90B4A1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=3a841be2-e9e4-43b3-8bdf-7bb43ffbf429&apn_sauid=0A2D11D3-53B3-45D5-A49D-D4D9E14347F4
SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKCU - {B224AA02-F7C8-3A2B-859F-560B80767E4A} URL = hxxp://kl.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=876&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=DE&install_date=20130323&user_guid=47BF190103454A438DAB3E559A1FE70D&machine_id=2e58b8b5997ea2b7d8d4aa7ea3d2fa9a&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files (x86)\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -  No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 09 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found ()
Winsock: Catalog9 01 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 02 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 09 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 14 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 01 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 02 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 14 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield
FF user.js: detected! => C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18]
FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18]
FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24]
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10]
FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi

Chrome: 
=======
CHR HomePage: hxxp://search.linkury.com/
CHR DefaultSearchKeyword: search.linkury.com
CHR DefaultSearchProvider: Linkury Smartbar Search
CHR DefaultSearchURL: hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:5731629158&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll (vShare.tv )
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll (vShare.tv )
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (vshare plugin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj [2011-11-08]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files (x86)\vShare.tv plugin\vshareplg.crx [2011-08-31]
CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2011-08-31]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin)
R2 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.)
R2 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-13] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-08-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-22] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-05-13] (AVM Berlin)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 papycpu; C:\Windows\SysWow64\Drivers\papycpu.sys [1984 1998-09-04] ()
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2009-06-10] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43264 2009-06-10] (Saitek)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-07] (Duplex Secure Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R3 vmlitediskmp; C:\Windows\System32\DRIVERS\vmlitediskmp.sys [147560 2010-01-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [x]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-27 19:04 - 2014-01-27 19:04 - 00000000 ____D C:\FRST
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ C:\Users\Admin\defogger_reenable
2014-01-27 18:46 - 2014-01-27 18:48 - 00000000 ____D C:\Users\Admin\Desktop\Trojanerbord
2014-01-26 16:36 - 2014-01-27 18:55 - 00004005 _____ C:\Windows\avmacc.log
2014-01-26 16:30 - 2014-01-27 18:52 - 00000224 _____ C:\Windows\setupact.log
2014-01-26 16:30 - 2014-01-26 16:30 - 00000808 _____ C:\Windows\PFRO.log
2014-01-26 16:30 - 2014-01-26 16:30 - 00000000 _____ C:\Windows\setuperr.log
2014-01-26 09:24 - 2014-01-26 09:25 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Babylon
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\Users\Admin\AppData\Local\Babylon
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\ProgramData\Babylon
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:50 - 2014-01-26 07:51 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D C:\download
2014-01-23 20:15 - 2014-01-23 20:15 - 00675594 _____ C:\ProgramData\SPL451C.tmp
2014-01-19 19:52 - 2014-01-19 19:53 - 16545600 _____ C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:19 - 2014-01-19 17:22 - 16545600 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:18 - 2014-01-19 17:22 - 28680729 _____ C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:41 - 2014-01-19 14:46 - 22009412 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:05 - 2014-01-19 14:38 - 00000000 ____D C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:00 - 2014-01-18 21:04 - 15035430 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-17 18:54 - 2014-01-21 17:23 - 00002033 _____ C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-17 18:54 - 2014-01-21 17:23 - 00001977 _____ C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:41 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 18:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ C:\Users\Admin\Downloads\2591617_hd.flv
2013-12-29 17:30 - 2013-12-29 17:31 - 00000000 ____D C:\ProgramData\PMS
2013-12-29 17:29 - 2013-12-29 17:30 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server


==================== One Month Modified Files and Folders =======

2014-01-27 19:04 - 2014-01-27 19:04 - 00000000 ____D C:\FRST
2014-01-27 19:01 - 2013-01-26 09:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
2014-01-27 19:01 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-27 19:01 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-27 18:57 - 2012-11-27 17:10 - 01126733 _____ C:\Windows\WindowsUpdate.log
2014-01-27 18:55 - 2014-01-26 16:36 - 00004005 _____ C:\Windows\avmacc.log
2014-01-27 18:54 - 2010-02-26 13:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 18:53 - 2013-08-28 17:00 - 00000368 _____ C:\Windows\Tasks\B Lyrics Update.job
2014-01-27 18:53 - 2010-08-29 11:20 - 00000382 _____ C:\Windows\Tasks\Registry Reviver64-Admin-Startup.job
2014-01-27 18:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 18:52 - 2014-01-26 16:30 - 00000224 _____ C:\Windows\setupact.log
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ C:\Users\Admin\defogger_reenable
2014-01-27 18:51 - 2010-02-08 10:13 - 00000000 ____D C:\Users\Admin
2014-01-27 18:48 - 2014-01-27 18:46 - 00000000 ____D C:\Users\Admin\Desktop\Trojanerbord
2014-01-27 18:25 - 2011-08-01 17:54 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2014-01-26 20:34 - 2010-02-26 13:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-26 20:14 - 2012-04-04 11:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-26 18:01 - 2013-01-26 09:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
2014-01-26 16:30 - 2014-01-26 16:30 - 00000808 _____ C:\Windows\PFRO.log
2014-01-26 16:30 - 2014-01-26 16:30 - 00000000 _____ C:\Windows\setuperr.log
2014-01-26 09:57 - 2010-10-08 13:57 - 01746432 ___SH C:\Users\Admin\Desktop\Thumbs.db
2014-01-26 09:44 - 2013-10-25 16:34 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2014-01-26 09:34 - 2013-09-01 09:21 - 00000000 ____D C:\Users\Admin\Desktop\Tim Melzer
2014-01-26 09:25 - 2014-01-26 09:24 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Babylon
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\Users\Admin\AppData\Local\Babylon
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\ProgramData\Babylon
2014-01-26 08:00 - 2010-03-14 12:46 - 00000000 ____D C:\Program Files\Defraggler
2014-01-26 07:59 - 2012-11-27 17:17 - 00000000 ____D C:\Program Files\CCleaner
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:51 - 2014-01-26 07:50 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-26 07:49 - 2012-11-10 18:10 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Spotify
2014-01-26 07:44 - 2012-11-10 18:10 - 00000000 ____D C:\Users\Admin\AppData\Local\Spotify
2014-01-25 18:14 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-25 18:14 - 2012-04-04 11:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-25 18:14 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D C:\download
2014-01-23 20:15 - 2014-01-23 20:15 - 00675594 _____ C:\ProgramData\SPL451C.tmp
2014-01-23 20:11 - 2010-01-07 06:55 - 00769136 _____ C:\Windows\system32\perfh007.dat
2014-01-23 20:11 - 2010-01-07 06:55 - 00175866 _____ C:\Windows\system32\perfc007.dat
2014-01-23 20:11 - 2009-07-14 06:13 - 01816162 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-21 17:23 - 2014-01-17 18:54 - 00002033 _____ C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-21 17:23 - 2014-01-17 18:54 - 00001977 _____ C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-19 19:53 - 2014-01-19 19:52 - 16545600 _____ C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:22 - 2014-01-19 17:19 - 16545600 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:22 - 2014-01-19 17:18 - 28680729 _____ C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:46 - 2014-01-19 14:41 - 22009412 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:38 - 2014-01-19 14:05 - 00000000 ____D C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:04 - 2014-01-18 21:00 - 15035430 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-16 17:57 - 2009-07-14 05:45 - 05002968 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 20:07 - 2009-09-17 22:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 20:06 - 2013-07-27 09:49 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:03 - 2010-02-26 14:16 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:23 - 2011-01-07 19:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:42 - 2010-06-26 09:07 - 00000000 ____D C:\Windows\pss
2014-01-11 03:01 - 2010-07-11 13:14 - 01789506 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 18:18 - 2011-01-16 12:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 18:10 - 2011-06-27 17:42 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-10 17:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-10 17:28 - 2012-01-14 09:04 - 00283213 _____ C:\Windows\SysWOW64\TVersityMediaServer.log
2013-12-29 17:31 - 2013-12-29 17:30 - 00000000 ____D C:\ProgramData\PMS
2013-12-29 17:30 - 2013-12-29 17:29 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-12-28 13:58 - 2013-01-10 16:58 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000
2013-12-28 13:58 - 2013-01-10 16:58 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\DeltaTB.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 08:28

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---




Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014
Ran by Admin at 2014-01-27 19:05:11
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
7-Zip 9.20 (x32 Version:  - )
Acer eRecovery Management (x32 Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (x32 Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (x32 Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0812 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3014 - Acer Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (x32 Version: 1.1 - Adobe Systems Incorporated)
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (x32 Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface Service (x32 Version:  - )
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 11.7.0.11109 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
AMD System Monitor (x32 Version: 1.0.0 - Advanced Micro Devices, Inc.)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Application Profiles (x32 Version: 2.0.4232.33935 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4301.35982 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4315.34200 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4331.36041 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4385.36018 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4469.34733 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4674.34053 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)
Audacity 1.2.6 (x32 Version:  - )
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
AVM FRITZ!Box Dokumentation (x32 Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (x32 Version:  - AVM Berlin)
AVS Update Manager 1.0 (x32 Version:  - Online Media Technologies Ltd.)
AVS Video Converter 6 (x32 Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (x32 Version:  - Online Media Technologies Ltd.)
Battlefield 2(TM) (x32 Version:  - )
Battlefield 2: Special Forces (x32 Version:  - )
Battlefield 3™ (x32 Version: 1.0.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.1.7 - EA Digital Illusions CE AB)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (Version: 2.0.0.36 - Apple Inc.)
Borderlands (x32 Version: 1.0.295 - 2K Games)
Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (x32 Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1124.2131.38610 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1026.2246.39002 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1125.2142.38865 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.10 - Piriform)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ConvertHelper 2.2 (x32 Version:  - DownloadHelper)
ConvertXtoDVD 4.1.19.365 (x32 Version: 4.1.19.365 - )
Counter-Strike (x32 Version:  - Valve)
Counter-Strike: Global Offensive Beta (x32 Version:  - )
Counter-Strike: Source (x32 Version:  - Valve)
Counter-Strike: Source Beta (x32 Version:  - )
Creative Audio-Systemsteuerung (x32 Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (x32 Version: 5.00 - )
Creative Software AutoUpdate (x32 Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (x32 Version:  - Creative Technology Limited)
Dairy Dash (x32 Version:  - Oberon Media)
Darkest Hour: Europe '44-'45 (x32 Version:  - Darkest Hour Team)
DashCommand (x32 Version: 3.0.1 - Palmer Performance Engineering)
Day of Defeat (x32 Version:  - Valve)
Dead Island (x32 Version:  - Techland)
Dead Space (x32 Version:  - EA Redwood Shores)
Deathmatch Classic (x32 Version:  - Valve)
DebugMode Wax 2.0 (x32 Version:  - )
Defraggler (Version: 2.16 - Piriform)
DH Driver Cleaner Professional Edition (x32 Version: Version 1.5 - Ruud Ketelaars)
DiRT 2 (x32 Version:  - Codemasters)
DivX-Setup (x32 Version: 2.6.1.87 - DivX, LLC)
DivxToDVD 0.5.2b (x32 Version: 0.5.2b - VSO-Software SARL)
Dream Day First Home (x32 Version:  - Oberon Media)
DVDx 4.0 Open Edition (x32 Version: 4.0 (Open Edition) - labDV)
eBay Worldwide (x32 Version: 2.1.0703 - OEM)
Eraser 6.0.10.2620 (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (x32 Version:  - )
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
EVEMon (x32 Version: 1.8.4.4125 - battleclinic.com)
EVEREST Ultimate Edition v5.50 (x32 Version: 5.50 - Lavalys, Inc.)
Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3 - Andre Wiethoff)
Excel Protection Remover (x32 Version:  - )
EXIFeditor (x32 Version: 1.0.0 - kiwi.software.NET)
Exif-Viewer 2.50  (x32 Version: 2.50 - Ralf Bibinger)
FileZilla Client 3.5.3 (HKCU Version: 3.5.3 - FileZilla Project)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.23.0 - MAGIX AG)
FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b - Xiph.org)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25) - Martijn de Visser)
Free Video to MP3 Converter version 3.5 (x32 Version:  - DVDVideoSoft Limited.)
FRITZ!Box USB-Fernanschluss (HKCU Version: 2.3.0.2 - AVM Berlin)
FRITZ!DSL64 (Version: 2.04.03 - AVM Berlin)
FRITZ!Fernzugang (Version: 1.2.6 - AVM Berlin)
Futuremark SystemInfo (x32 Version: 4.0.0.0 - Futuremark Corporation)
GameShadow (x32 Version: 2.03.0000 - GameShadow Ltd)
GetRight (x32 Version:  - Headlight Software, Inc.)
GFI LANguard 9.0 ReportPack (x32 Version: 9.0.2009.0709 - GFI Software Ltd)
GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd)
GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd) Hidden
GFI ReportCenter Framework (x32 Version: 3.6.2009.0630 - GFI Software Ltd)
GIMP 2.6.10 (Version: 2.6.10 - The GIMP Team)
Google Earth (x32 Version: 7.0.2.8415 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Prix Legends (x32 Version:  - )
Granny In Paradise (x32 Version:  - Oberon Media)
GRID (x32 Version: 1.00.0000 - Codemasters)
GTR Evolution (x32 Version:  - SimBin Studios)
Half-Life (x32 Version:  - Valve)
Half-Life 2 (x32 Version:  - Valve)
Half-Life 2: Deathmatch (x32 Version:  - Valve)
Half-Life 2: Episode One (x32 Version:  - Valve)
Half-Life 2: Episode Two (x32 Version:  - Valve)
Half-Life 2: Lost Coast (x32 Version:  - Valve)
Half-Life Deathmatch: Source (x32 Version:  - Valve)
Half-Life: Blue Shift (x32 Version:  - Gearbox)
Hama Cromo Pad (x32 Version: 1.00.0000 - GASIA)
Hitman: Sniper Challenge (x32 Version:  - IO Interactive)
HOMEFRONT (x32 Version:  - THQ)
Host OpenAL (x32 Version: 1.00 - Creative Technology Limited)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2565057) (x32 Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (x32 Version: 1 - Microsoft Corporation)
Hotkey Utility (x32 Version: 1.00.3004 - Acer Incorporated)
iArt 3 (x32 Version:  - iPodSoft)
iCloud (Version: 3.1.0.40 - Apple Inc.)
ICQ7.2 (x32 Version: 7.2 - ICQ)
Identity Card (x32 Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImTOO Video Converter Ultimate 6 (x32 Version: 6.8.0.1101 - ImTOO)
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 35 (x32 Version: 6.0.350 - Oracle)
JDownloader 2 (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (x32 Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Left 4 Dead (x32 Version:  - Valve)
Left 4 Dead 2 (x32 Version:  - Valve)
Left 4 Dead Authoring Tools (x32 Version:  - Valve)
Lexmark  (x32 Version: 1.0.0.0 - )
Lexmark 5600-6600 Series (Version:  - Lexmark International, Inc.)
Lexmark 5600-6600 Series (x32 Version:  - Lexmark International, Inc.)
Lidl-Fotos (x32 Version:  - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Metro 2033 (x32 Version:  - THQ)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation)
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Picture It!-Bibliothek 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (x32 Version:  - Pavel Cvrcek)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.0.1 (x86 de) (x32 Version: 24.0.1 - Mozilla)
Mp3tag v2.50 (x32 Version: v2.50 - Florian Heidenreich)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Mumble and Murmur (x32 Version: 1.2.2 - Mumble)
Music Manager (HKCU Version:  - Google, Inc.)
MyPhoneExplorer (x32 Version: 1.8.0 - F.J. Wechselberger)
MyWinLocker (x32 Version: 3.1.72.0 - Egis Technology Inc.)
Need For Speed™ World (x32 Version: 1.0.0.659 - Electronic Arts)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero Burning ROM 10 (x32 Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (x32 Version: 10.5.10300 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 10.5.10100 - Nero AG) Hidden
Nero BurnRights 10 (x32 Version: 4.2.10300.0.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.10600.0.6 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.17400.8.2 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
Nero Update (x32 Version: 1.0.0018 - Nero AG)
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
No More Room in Hell (x32 Version:  - No More Room in Hell Team)
Norton Online Backup (x32 Version: 1.2.0.36 - Symantec)
NVIDIA Drivers (Version: 1.7 - )
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation)
OnlineFotoservice (x32 Version:  - )
OpenAL (x32 Version:  - )
Origin (x32 Version: 8.5.0.4550 - Electronic Arts, Inc.)
PageshotsPro 1.0.0 (x32 Version: 1.0.0 - PageshotsPro)
particleIllusion 3.0.4 (x32 Version: 3.0.4 - wondertouch LLC)
PAYDAY: The Heist (x32 Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (x32 Version: 3.8 - Google, Inc.)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Portal (x32 Version:  - Valve)
PS3 Media Server (x32 Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RACE 07 (x32 Version:  - SimBin Studios)
Race: The WTCC Game (x32 Version:  - SimBin Studios)
Rapture3D 2.3.26 Game (x32 Version:  - Blue Ripple Sound)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (Version: 1.44 - Piriform)
Red Orchestra: Ostfront 41-45 (x32 Version:  - Tripwire Interactive)
RESIDENT EVIL 5 (x32 Version: 1.0.0.129 - CAPCOM CO., LTD.)
Ricochet (x32 Version:  - Valve)
S.T.A.L.K.E.R. - Shadow of Chernobyl (x32 Version: 1.0000 - THQ)
Saitek SD6 Programming Software 6.6.6.9 (Version: 6.6.6.9 - Saitek)
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0 - Microsoft Corporation)
ShadowExplorer 0.8 (x32 Version: 0.8.430.0 - ShadowExplorer.com)
Sierra Utilities (x32 Version:  - )
Silent Hunter 4 Wolves of the Pacific (x32 Version: 1.03.0000 - Ubisoft)
SIW version 2010.07.14 (x32 Version: 2010.07.14 - Topala Software Solutions)
SmartCopy (x32 Version:  - Northstar Systems Corp.)
SmartLauncher (x32 Version:  - Northstar Systems Corp.)
Sniper: Ghost Warrior (x32 Version:  - City Interactive S.A.)
Sound Blaster X-Fi (x32 Version: 1.0 - )
Source SDK (x32 Version:  - Valve)
Source SDK Base 2007 (x32 Version:  - Valve)
Speccy (Version: 1.10 - Piriform)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Star Defender 4 (x32 Version:  - Oberon Media)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.2171 (x32 Version:  - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Sweet Home 3D version 3.3 (x32 Version:  - eTeks)
TCPEye 1.0 (x32 Version:  - Free Software Relase)
Team Fortress Classic (x32 Version:  - Valve)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (x32 Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Tom Clancy's H.A.W.X (x32 Version: 1.02.00000 - Ubisoft)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Trust Tablet Driver (x32 Version:  - )
TVAnts 1.0 (x32 Version:  - )
TVersity Codec Pack 1.7 (x32 Version: 1.7 - TVersity Inc.)
TVersity Media Server 1.9.7 (x32 Version: 1.9.7 - TVersity)
Überwachungstool für die Intel® Turbo-Boost-Technologie (Version: 1.0.115.11 - Intel)
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
UltraMon (Version: 3.0.10 - Realtime Soft Ltd)
Unlocker 1.9.1 (x32 Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (Version: 1.9.2 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.3.5500.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VMLite Workstation (Version: 3.2.6 - VMLite)
vShare.tv plugin 1.3 (x32 Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
Welcome Center (x32 Version: 1.00.3005 - Acer Incorporated)
WinCDEmu (x32 Version: 3.6 - Bazis)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR (Version:  - )
World of Padman (x32 Version: 1.1 - Padworld Entertainment)
XBMC (HKCU Version:  - Team XBMC)
Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777 - Xiph.Org)

==================== Restore Points  =========================

26-01-2014 12:34:43 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-01-24 17:34 - 00005320 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com
127.0.0.1 www.nero.com
127.0.0.1 www.nero.com/rus/index.html
127.0.0.1 www.nero.com/rus/support.html
127.0.0.1 hxxp://www.nero.com/rus/support-cust...istration.html
127.0.0.1 www.nero.com/rus/store-upgrade-center.html
127.0.0.1 www.nero.com/rus/store-volume-licensing.html
127.0.0.1 hxxp://www.nero.com/eng/support.html...b47525e97a3b80
127.0.0.1 hxxp://www.nero.com/eng/store-upgrad...b47525e97a3b80
127.0.0.1 hxxp://www.nero.com/eng/support-cust...b47525e97a3b80
127.0.0.1 www.nero.com/eng/index.html
127.0.0.1 hxxp://www.nero.com/eng/store-upgrad...7pPYNNBYCFbXkg
127.0.0.1 www.nero.com/enu/support-nero8.html
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 activation@nero.com
127.0.0.1 registernero.com
127.0.0.1 www.registernero.com
127.0.0.1 nero.com
127.0.0.1 www.nero.com/eng/privacy.html.
127.0.0.1 legal@nero.com
127.0.0.1 support.nero.com
127.0.0.1 nero.net
127.0.0.1 nero.com
127.0.0.1 Nero - CD DVD Burning, Video Editing Software, Backup Software - Official Site
127.0.0.1 activate.nero.com
127.0.0.1 www.activate.nero.com
127.0.0.1 nero.de
127.0.0.1 Die Nehls-Roszak Werbung GmbH

There are 112 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0115A5A6-E64A-403E-ACAA-CC03CCEA8961} - System32\Tasks\{BEC36182-3C31-41AF-903B-DA5417E01792} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {0286D2A2-1E63-4032-841E-4B977FBD7810} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {03720371-86AE-43B6-B7F3-CCCD57810264} - System32\Tasks\{1C5F50C9-41C0-4A0A-A6B2-3E2F0B13CB70} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {1564EC25-AE28-46D9-8059-13CA9E8BCFA4} - System32\Tasks\Installation App Launcher => C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {213B6E15-7BE6-418F-8F75-647F45A8AD3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {235F1315-633F-499C-BF8D-B6181DF4CCE6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {38A89AE3-A38B-4CD6-8BDC-5975B69B9DE2} - System32\Tasks\{0D6D11F9-1C40-46D7-8CA3-4C7C0D126EBD} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {3B9857BE-320A-4982-BFEE-A6C0E0C60B7F} - System32\Tasks\{A399484D-F591-4733-818C-DC7338273965} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {67515F07-1A0A-47FE-9B94-EA2CAD86617B} - System32\Tasks\B Lyrics Update => C:\Program Files (x86)\bLyrics\bLyrics.exe <==== ATTENTION
Task: {70577F12-FB82-400B-AE8A-2F65F7CA8ECC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {71E9F36C-EAFA-43DE-9D06-E10AD4DAB409} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {729350B7-1537-4BD9-800C-4747F4334C0D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2715126414-4153456669-2541334608-1010
Task: {8B0B1CDA-71D1-48E7-A959-E5E3773CB4A5} - System32\Tasks\{A9F987D8-E27B-4A6E-AF95-591274BBCFE1} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {8D9B1BA3-47A8-40DA-BF16-BEE94378AE41} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {8EC55220-8702-49AC-A22D-1920809C22C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {91C39897-7AD6-452A-9089-B91838183D53} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {94925380-9B7E-4D9C-A1AD-FB6D689E26DF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {99CE50B9-986C-46A7-B0DB-F48DEE09F083} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {9A2FD0BA-7ABB-4DCF-B0FC-0C513C3C9B3A} - System32\Tasks\{0D305426-792B-4830-AD55-34D63689F52D} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {9E14EB50-1670-438F-9CFE-D6355012E8C3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B3D8EFCE-EDB2-4762-A8B7-26B125B8D4E1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-25] (Adobe Systems Incorporated)
Task: {BA83B7BA-EB12-4347-B67A-BAF1C658BAE0} - System32\Tasks\{42B98F6C-E6A1-449C-864F-8840083F92D0} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {BF24A726-5A9A-4E70-BFBF-DD3F82A8C814} - System32\Tasks\{19667509-9130-4E49-922E-3A85A064D196} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C0F6313F-C440-45B2-8CD7-C7A9DAD819B1} - System32\Tasks\{C26A75A3-8B13-4FA8-9F1E-A1E2761ABEDB} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {C3B15D4E-F036-45FA-B197-E9157035C5C5} - System32\Tasks\{40252C16-B304-4946-A21A-A72C62710961} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C3BA5DA4-6B3E-4D2F-B2B1-E1844B234BFA} - System32\Tasks\{B049F9BB-5F69-4D85-8268-E17D45B6EEBA} => C:\Users\Admin\Downloads\Sony Ericsson PC Suite 2.10.46.exe
Task: {D50D10AA-5B1D-439D-92C1-91346CDE732F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {DD8F72FA-2BD2-4376-9223-B2ACAF44D269} - System32\Tasks\{FA0972CC-1C72-4D7D-B73F-EA0731EAA574} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {E1D0CF52-AE3F-4B90-A040-F7F7DCFFD02B} - System32\Tasks\{E69133B3-03F7-47EA-9DD3-C1E9E8FB0D20} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {EB4083E4-CBD1-4EC2-8221-216EBBDDF344} - System32\Tasks\Registry Reviver64-Admin-Startup => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver64.exe
Task: {EC0F8BBE-33EC-4DFB-AA57-AF4A72872C88} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {F25783B2-2843-4A07-A384-80AD1BF7669B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\B Lyrics Update.job => C:\Program Files (x86)\bLyrics\bLyrics.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Registry Reviver64-Admin-Startup.job => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver64.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-05-08 17:20 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files (x86)\Unlocker\UnlockerCOM.dll
2013-05-20 11:32 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-10 09:55 - 2010-11-10 09:55 - 00360960 _____ () C:\Program Files (x86)\GFI\LANguard 9\lnssalerter.dll
2010-10-20 18:25 - 2010-10-20 18:25 - 00233984 _____ () C:\Program Files (x86)\GFI\LANguard 9\apistrings.dll
2010-11-01 10:32 - 2010-11-01 10:32 - 00142336 _____ () C:\Program Files (x86)\GFI\LANguard 9\modlop.dll
2010-05-10 10:58 - 2010-05-10 10:58 - 00640512 _____ () C:\Program Files (x86)\GFI\LANguard 9\exporter.dll
2010-11-11 15:54 - 2010-11-11 15:54 - 01691136 _____ () C:\Program Files (x86)\GFI\LANguard 9\crmimodule.dll
2010-05-07 13:36 - 2010-05-07 13:36 - 00221696 _____ () C:\Program Files (x86)\GFI\LANguard 9\schedcompactdb.dll
2010-11-11 15:29 - 2010-11-11 15:29 - 00181760 _____ () C:\Program Files (x86)\GFI\LANguard 9\patchautodownload.dll
2010-11-10 19:12 - 2010-11-10 19:12 - 00434176 _____ () C:\Program Files (x86)\GFI\LANguard 9\patchdeployment.dll
2006-06-02 16:37 - 2006-06-02 16:37 - 00741376 _____ () C:\Program Files (x86)\GFI\LANguard 9\TntUnicodeVcl_R90.bpl
2010-05-06 09:14 - 2010-05-06 09:14 - 00256000 _____ () C:\Program Files (x86)\GFI\LANguard 9\scheduledscans.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2010-05-07 14:27 - 2010-05-07 14:27 - 00065024 _____ () C:\Program Files (x86)\GFI\LANguard 9\schedupdates.dll
2003-05-08 15:17 - 2003-05-08 15:17 - 00098304 _____ () C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfi_log.dll
2009-07-09 15:17 - 2009-07-09 15:17 - 00131072 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\LNSS9PlugIn.dll
2006-09-12 17:39 - 2006-09-12 17:39 - 00002560 _____ () C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\invoke.dll
2009-06-18 13:22 - 2009-06-18 13:22 - 00136704 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\modlop9.dll
2008-09-30 15:19 - 2008-09-30 15:19 - 00010240 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\nsslc9.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00347944 _____ () C:\ProgramData\TVersity\Media Server\taglib.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00225064 _____ () C:\ProgramData\TVersity\Media Server\CORE_RL_lcms_.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00031528 _____ () C:\ProgramData\TVersity\Media Server\CORE_RL_xlib_.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00716584 _____ () C:\ProgramData\TVersity\Media Server\log4cxx.dll
2011-07-13 19:35 - 2011-07-13 19:35 - 04534072 _____ () C:\ProgramData\TVersity\Media Server\avcodec-52.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00083768 _____ () C:\ProgramData\TVersity\Media Server\avutil-50.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00313640 _____ () C:\ProgramData\TVersity\Media Server\libmp3lame-0.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00795448 _____ () C:\ProgramData\TVersity\Media Server\avformat-52.dll
2011-07-13 19:35 - 2011-07-13 19:35 - 00203064 _____ () C:\ProgramData\TVersity\Media Server\swscale-0.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00509720 _____ () C:\ProgramData\TVersity\Media Server\sqlite3.dll
2009-09-24 16:17 - 2009-09-24 16:17 - 00267264 _____ () C:\Windows\system32\WinTab32.DLL
2009-09-24 16:16 - 2009-09-24 16:16 - 00200704 _____ () C:\Windows\SysWOW64\WinTab32.DLL
2010-07-04 22:32 - 2010-07-04 22:32 - 00004608 _____ () C:\Program Files (x86)\Unlocker\UnlockerHook.dll
2010-09-24 17:06 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2010-09-24 17:06 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2009-08-26 04:29 - 2009-08-26 04:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 04531726 _____ () C:\Users\Admin\Desktop\Tor Browser\Browser\mozjs.dll
2013-12-20 18:54 - 2013-12-20 18:54 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00505859 _____ () C:\Users\Admin\Desktop\Tor Browser\Tor\libevent-2-0-5.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00090112 _____ () C:\Users\Admin\Desktop\Tor Browser\Tor\zlib1.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00104451 _____ () C:\Users\Admin\Desktop\Tor Browser\Tor\libssp-0.dll
2014-01-25 18:14 - 2014-01-25 18:14 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:FB92BB6B6E4828F1
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/26/2014 09:36:29 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/25/2014 06:12:42 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/24/2014 07:38:35 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client has failed to start

Error: (01/23/2014 08:20:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00095873
ID des fehlerhaften Prozesses: 0x1334
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (01/23/2014 06:29:44 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/20/2014 08:52:47 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WTClient.exe, Version: 8.19.2009.1, Zeitstempel: 0x4a8bd2d7
Name des fehlerhaften Moduls: WinTab32.DLL_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4abb38dd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x100194f0
ID des fehlerhaften Prozesses: 0xc18
Startzeit der fehlerhaften Anwendung: 0xWTClient.exe0
Pfad der fehlerhaften Anwendung: WTClient.exe1
Pfad des fehlerhaften Moduls: WTClient.exe2
Berichtskennung: WTClient.exe3

Error: (01/20/2014 08:40:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/20/2014 08:40:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/20/2014 07:56:09 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/20/2014 07:45:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (01/27/2014 06:53:51 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Lbd
papycpu2

Error: (01/27/2014 06:53:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/27/2014 06:53:16 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (01/27/2014 06:52:51 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\papycpu2.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/27/2014 06:36:00 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Lbd
papycpu2

Error: (01/27/2014 06:34:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/27/2014 06:34:52 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (01/27/2014 06:34:27 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\papycpu2.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/27/2014 06:34:35 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎27.‎01.‎2014 um 18:33:23 unerwartet heruntergefahren.

Error: (01/27/2014 06:23:21 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Akamai erreicht.


Microsoft Office Sessions:
=========================
Error: (12/04/2010 07:32:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/10/2010 04:07:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 560 seconds with 420 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-19 18:31:31.406
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.165
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.949
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.840
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.731
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.921
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.702
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.531
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 57%
Total physical RAM: 4087.08 MB
Available physical RAM: 1732.69 MB
Total Pagefile: 8172.34 MB
Available Pagefile: 4892.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:455.95 GB) (Free:127.49 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.46 GB) (Free:243.3 GB) NTFS
Drive f: (ACER) (Fixed) (Total:366.76 GB) (Free:193.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Volume) (Fixed) (Total:274.98 GB) (Free:234.68 GB) NTFS
Drive h: (Games) (Fixed) (Total:275.12 GB) (Free:77.51 GB) NTFS
Drive q: (Iomega HDD) (Fixed) (Total:596.17 GB) (Free:367.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1226C5E7)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 7E8E1FA3)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=367 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=275 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=275 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: CBD306F8)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
weiter im Zweiten post....
__________________

Geändert von Vater Sohn (28.01.2014 um 18:27 Uhr)

Alt 28.01.2014, 18:23   #4
Vater Sohn
 
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



hier das GMER log

Code:
ATTFilter
GMER 2.1.19355 - hxxp://www.gmer.net
Rootkit scan 2014-01-27 19:34:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD10 rev.05.0 931,51GB
Running: gmer.exe; Driver: C:\Users\Admin\AppData\Local\Temp\pwlorpod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                                                                                                                                    fffff800035a2000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                                                                                                                                                    fffff800035a202f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Windows\SysWOW64\svchost.exe[1952] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                                                                         0000000075d21465 2 bytes [D2, 75]
.text     C:\Windows\SysWOW64\svchost.exe[1952] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                                                                        0000000075d214bb 2 bytes [D2, 75]
.text     ...                                                                                                                                                                                                                                                                   * 2
.text     C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe[1920] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                                                                                              0000000075d21465 2 bytes [D2, 75]
.text     C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe[1920] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                                                                                             0000000075d214bb 2 bytes [D2, 75]
.text     ...                                                                                                                                                                                                                                                                   * 2
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                                                                                                                               00000000725a1a22 2 bytes [5A, 72]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                                                                                                                               00000000725a1ad0 2 bytes [5A, 72]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                                                                                                                               00000000725a1b08 2 bytes [5A, 72]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                                                                                                                               00000000725a1bba 2 bytes [5A, 72]
.text     C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                                                                                                                               00000000725a1bda 2 bytes [5A, 72]
.text     C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                                                                                                                               00000000725a1a22 2 bytes [5A, 72]
.text     C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                                                                                                                               00000000725a1ad0 2 bytes [5A, 72]
.text     C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                                                                                                                               00000000725a1b08 2 bytes [5A, 72]
.text     C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                                                                                                                               00000000725a1bba 2 bytes [5A, 72]
.text     C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                                                                                                                               00000000725a1bda 2 bytes [5A, 72]
.text     C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                                                  0000000075d21465 2 bytes [D2, 75]
.text     C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                                                 0000000075d214bb 2 bytes [D2, 75]
.text     ...                                                                                                                                                                                                                                                                   * 2
.text     C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe[304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                                                   0000000075d21465 2 bytes [D2, 75]
.text     C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe[304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                                                  0000000075d214bb 2 bytes [D2, 75]
.text     ...                                                                                                                                                                                                                                                                   * 2
.text     C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 26                                                                                                                                                                         0000000073c213c6 2 bytes [C2, 73]
.text     C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 74                                                                                                                                                                         0000000073c213f6 2 bytes [C2, 73]
.text     C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 257                                                                                                                                                                        0000000073c214ad 2 bytes [C2, 73]
.text     C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 303                                                                                                                                                                        0000000073c214db 2 bytes [C2, 73]
.text     ...                                                                                                                                                                                                                                                                   * 2
.text     C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 79                                                                                                                                                                         0000000073c21577 2 bytes [C2, 73]
.text     C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 175                                                                                                                                                                        0000000073c215d7 2 bytes [C2, 73]
.text     C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 620                                                                                                                                                                        0000000073c21794 2 bytes [C2, 73]
.text     C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 921                                                                                                                                                                        0000000073c218c1 2 bytes [C2, 73]
.text     C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 26                                                                                                                             0000000073c213c6 2 bytes [C2, 73]
.text     C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 74                                                                                                                             0000000073c213f6 2 bytes [C2, 73]
.text     C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 257                                                                                                                            0000000073c214ad 2 bytes [C2, 73]
.text     C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 303                                                                                                                            0000000073c214db 2 bytes [C2, 73]
.text     ...                                                                                                                                                                                                                                                                   * 2
.text     C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 79                                                                                                                             0000000073c21577 2 bytes [C2, 73]
.text     C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 175                                                                                                                            0000000073c215d7 2 bytes [C2, 73]
.text     C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 620                                                                                                                            0000000073c21794 2 bytes [C2, 73]
.text     C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 921                                                                                                                            0000000073c218c1 2 bytes [C2, 73]
.text     C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe[1560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                   0000000075d21465 2 bytes [D2, 75]
.text     C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe[1560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                  0000000075d214bb 2 bytes [D2, 75]
.text     ...                                                                                                                                                                                                                                                                   * 2

---- Threads - GMER 2.1 ----

Thread    C:\Windows\system32\svchost.exe [1296:1376]                                                                                                                                                                                                                           000007fefa708274
Thread    C:\Windows\system32\svchost.exe [1296:3456]                                                                                                                                                                                                                           000007fefa708274
Thread    C:\Windows\System32\spoolsv.exe [1616:3160]                                                                                                                                                                                                                           0000000051074ba0
Thread    C:\Windows\System32\spoolsv.exe [1616:3412]                                                                                                                                                                                                                           000000006508e0e0
Thread    C:\Windows\System32\spoolsv.exe [1616:3076]                                                                                                                                                                                                                           000007fef7a910c8
Thread    C:\Windows\System32\spoolsv.exe [1616:3280]                                                                                                                                                                                                                           000007fef7616144
Thread    C:\Windows\System32\spoolsv.exe [1616:3380]                                                                                                                                                                                                                           000007fef7405fd0
Thread    C:\Windows\System32\spoolsv.exe [1616:3304]                                                                                                                                                                                                                           000007fef7aa3438
Thread    C:\Windows\System32\spoolsv.exe [1616:3488]                                                                                                                                                                                                                           000007fef74063ec
Thread    C:\Windows\System32\spoolsv.exe [1616:3552]                                                                                                                                                                                                                           000007fef82c5e5c
Thread    C:\Windows\System32\spoolsv.exe [1616:3772]                                                                                                                                                                                                                           000007fef79a5074
Thread    C:\Windows\System32\spoolsv.exe [1616:4204]                                                                                                                                                                                                                           000007fef7a12288
Thread    C:\Windows\System32\spoolsv.exe [1616:4392]                                                                                                                                                                                                                           000007fef7978760
Thread    C:\Windows\System32\WUDFHost.exe [4508:4164]                                                                                                                                                                                                                          000007fef38224a0
---- Processes - GMER 2.1 ----

Process   C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4940]                                                                                                                           0000000000400000
Process   C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (*** suspicious ***) @ C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [4252]                                                                                                       0000000000400000
Process   C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [304]                                                                                                                            0000000000400000
Process   C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbce  0000000001200000
Library   C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\avmacc32.dll (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f40  0000000073e30000
Library   C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\managedupnp.DLL (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_  00000000005d0000
Library   C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\avmcsock.dll (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f40  0000000006720000
Library   C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\upnpapicli.dll (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f  0000000000f40000

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                                                                                                                                                      
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                                                                                                                                   0x00 0x00 0x00 0x00 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                                                                                                                                   0
Reg       HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                                                                                                                                0x2E 0x06 0x94 0x46 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                                                                                                                                                  
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                                                                                                                                       0x00 0x00 0x00 0x00 ...
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                                                                                                                                       0
Reg       HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                                                                                                                                    0x2E 0x06 0x94 0x46 ...

---- EOF - GMER 2.1 ----
         
so das war es glaub ich...

Danke für hilfe...

Alt 29.01.2014, 11:54   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.01.2014, 20:04   #6
Vater Sohn
 
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



Hallo Schrauber, danke für deine hilfe...

beim Scannen gab es zweimal eine meldung von Avira... obwohl ich den EchtzeitScanner abgeschaltet hatte...

Avira meldung
Code:
ATTFilter
Der Administrator hat per Sicherheitsrichtlinie den Zugriff auf die Registry blockiert.
         
Hoffe das ist kein problem...

Das ComboFix log ist leider zu groß ... wird mir bei der Vorschau angezeigt !
Ich füge es als datei an! Ich weiß nicht ob ich es Splitten soll?


Gruß Vater Sohn

Alt 30.01.2014, 16:23   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.01.2014, 19:29   #8
Vater Sohn
 
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



OK ..


ComboFix LOG


Teil 1
Code:
ATTFilter
ComboFix 14-01-29.01 - Admin 29.01.2014  18:41:02.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4087.2362 [GMT 1:00]
ausgeführt von:: c:\users\Admin\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
 ADS - Windows: deleted 24 bytes in 1 streams. 
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\program files (x86)\XingHaoLyrics
c:\programdata\SPL147.tmp
c:\programdata\SPL1872.tmp
c:\programdata\SPL1E84.tmp
c:\programdata\SPL27AB.tmp
c:\programdata\SPL2BC1.tmp
c:\programdata\SPL451C.tmp
c:\programdata\SPL6ED8.tmp
c:\programdata\SPL6FC3.tmp
c:\programdata\SPL7399.tmp
c:\programdata\SPL7723.tmp
c:\programdata\SPL7FC9.tmp
c:\programdata\SPL94DF.tmp
c:\programdata\SPL9531.tmp
c:\programdata\SPL9656.tmp
c:\programdata\SPL9961.tmp
c:\programdata\SPLB09.tmp
c:\programdata\SPLC2B7.tmp
c:\programdata\SPLC5BE.tmp
c:\programdata\SPLC80F.tmp
c:\programdata\SPLCC37.tmp
c:\programdata\SPLCC53.tmp
c:\programdata\SPLD2A.tmp
c:\programdata\SPLD32A.tmp
c:\programdata\SPLE994.tmp
c:\programdata\SPLEA5E.tmp
c:\users\Admin\AppData\Roaming\vso_ts_preview.xml
c:\users\Admin\Benz Gold .xcf
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\ST~1DE2.tmp
c:\windows\SysWow64\ST~1DF3.tmp
c:\windows\SysWow64\ST~2BED.tmp
c:\windows\SysWow64\ST~2BFD.tmp
c:\windows\SysWow64\ST~74F3.tmp
c:\windows\SysWow64\ST~74F4.tmp
c:\windows\SysWow64\tmp26D3.tmp
c:\windows\SysWow64\tmp26E3.tmp
c:\windows\SysWow64\tmp3DBD.tmp
c:\windows\SysWow64\tmp3E4A.tmp
c:\windows\SysWow64\tmp5B99.tmp
c:\windows\SysWow64\tmp5BAA.tmp
c:\windows\SysWow64\tmpE199.tmp
c:\windows\SysWow64\tmpF0E3.tmp
c:\windows\SysWow64\tmpF9A9.tmp
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-12-28 bis 2014-01-29  ))))))))))))))))))))))))))))))
.
.
2014-01-29 17:50 . 2014-01-29 17:50	--------	d-----w-	c:\users\Surf and Gaming\AppData\Local\temp
2014-01-29 17:50 . 2014-01-29 17:50	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-01-27 18:04 . 2014-01-27 18:04	--------	d-----w-	C:\FRST
2014-01-26 07:00 . 2014-01-26 07:00	--------	d-----w-	c:\users\Admin\AppData\Local\Babylon
2014-01-26 07:00 . 2014-01-26 07:00	--------	d-----w-	c:\users\Admin\AppData\Roaming\Babylon
2014-01-26 07:00 . 2014-01-26 07:00	--------	d-----w-	c:\programdata\Babylon
2014-01-24 18:29 . 2014-01-24 18:29	--------	d-----w-	C:\download
2014-01-19 07:49 . 2014-01-19 07:49	--------	d-----w-	c:\users\Admin\AppData\Roaming\QuickScan
2014-01-15 17:41 . 2013-11-27 01:41	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2014-01-15 17:41 . 2013-11-27 01:41	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2014-01-15 17:41 . 2013-11-27 01:41	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2014-01-15 17:41 . 2013-11-27 01:41	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2014-01-15 17:41 . 2013-11-27 01:41	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2014-01-15 17:41 . 2013-11-27 01:41	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2014-01-15 17:41 . 2013-11-27 01:41	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2014-01-15 17:41 . 2013-11-26 10:32	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-01-15 17:41 . 2013-11-26 11:40	376768	----a-w-	c:\windows\system32\drivers\netio.sys
2014-01-10 17:18 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-01-02 19:21 . 2014-01-02 19:21	--------	d-----w-	c:\windows\Migration
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-25 17:14 . 2012-04-04 10:04	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-25 17:14 . 2011-07-09 11:49	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 19:03 . 2010-02-26 13:16	86054176	----a-w-	c:\windows\system32\MRT.exe
2013-12-18 18:03 . 2013-05-20 10:33	84720	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-12-18 18:03 . 2013-05-20 10:32	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-12-18 18:03 . 2013-05-20 10:32	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-12-11 17:14 . 2013-12-11 17:14	9272200	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-11-26 11:54 . 2013-12-11 21:11	23183360	----a-w-	c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-11 21:11	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-11 21:11	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-11 21:11	66048	----a-w-	c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-11 21:11	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-11 21:11	2764288	----a-w-	c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-11 21:11	53760	----a-w-	c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-11 21:11	33792	----a-w-	c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-11 21:11	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-11 21:11	574976	----a-w-	c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-11 21:11	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-11 21:11	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-11 21:11	708608	----a-w-	c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-11 21:11	218624	----a-w-	c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-11 21:11	5769216	----a-w-	c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-11 21:11	553472	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-11 21:11	4243968	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-11 21:11	1995264	----a-w-	c:\windows\system32\inetcpl.cpl
2013-11-26 07:50 . 2013-05-20 10:32	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-11-26 07:48 . 2013-12-11 21:11	12996608	----a-w-	c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-11 21:11	1928192	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-11 21:11	2334208	----a-w-	c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-11 21:11	1395200	----a-w-	c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-11 21:11	817664	----a-w-	c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-11 21:11	1820160	----a-w-	c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 16:55	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 16:55	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-11-13 17:25 . 2013-11-13 17:25	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-13 17:25 . 2013-11-13 17:25	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-13 17:25 . 2013-11-13 17:25	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-13 17:25 . 2013-11-13 17:25	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-11-13 17:25 . 2013-11-13 17:25	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-11-13 17:25 . 2013-11-13 17:25	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-11-13 17:25 . 2013-11-13 17:25	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-11-13 17:25 . 2013-11-13 17:25	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-11-13 17:25 . 2013-11-13 17:25	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-11-13 17:25 . 2013-11-13 17:25	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-13 17:25 . 2013-11-13 17:25	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-11-13 17:25 . 2013-11-13 17:25	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-11-13 17:25 . 2013-11-13 17:25	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-11-13 17:25 . 2013-11-13 17:25	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-11-13 17:25 . 2013-11-13 17:25	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-11-13 17:25 . 2013-11-13 17:25	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-11-13 17:25 . 2013-11-13 17:25	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-11-13 17:25 . 2013-11-13 17:25	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-11-13 17:25 . 2013-11-13 17:25	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-13 17:25 . 2013-11-13 17:25	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-11-13 17:25 . 2013-11-13 17:25	247808	----a-w-	c:\windows\system32\msls31.dll
2013-11-13 17:25 . 2013-11-13 17:25	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-11-13 17:25 . 2013-11-13 17:25	195584	----a-w-	c:\windows\system32\msrating.dll
2013-11-13 17:25 . 2013-11-13 17:25	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-11-13 17:25 . 2013-11-13 17:25	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-11-13 17:25 . 2013-11-13 17:25	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-11-13 17:25 . 2013-11-13 17:25	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-11-13 17:25 . 2013-11-13 17:25	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-11-13 17:25 . 2013-11-13 17:25	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-11-13 17:25 . 2013-11-13 17:25	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-11-13 17:25 . 2013-11-13 17:25	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-11-13 17:25 . 2013-11-13 17:25	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-11-13 17:25 . 2013-11-13 17:25	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-11-13 17:25 . 2013-11-13 17:25	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-11-13 17:25 . 2013-11-13 17:25	81408	----a-w-	c:\windows\system32\icardie.dll
2013-11-13 17:25 . 2013-11-13 17:25	774144	----a-w-	c:\windows\system32\jscript.dll
2013-11-13 17:25 . 2013-11-13 17:25	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-11-13 17:25 . 2013-11-13 17:25	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-11-13 17:25 . 2013-11-13 17:25	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-11-13 17:25 . 2013-11-13 17:25	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-11-13 17:25 . 2013-11-13 17:25	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-11-13 17:25 . 2013-11-13 17:25	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-11-13 17:25 . 2013-11-13 17:25	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-11-13 17:25 . 2013-11-13 17:25	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-11-13 17:25 . 2013-11-13 17:25	413696	----a-w-	c:\windows\system32\html.iec
2013-11-13 17:25 . 2013-11-13 17:25	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 17:25 . 2013-11-13 17:25	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-11-13 17:25 . 2013-11-13 17:25	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-11-13 17:25 . 2013-11-13 17:25	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-11-13 17:25 . 2013-11-13 17:25	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-11-13 17:25 . 2013-11-13 17:25	235520	----a-w-	c:\windows\system32\url.dll
2013-11-13 17:25 . 2013-11-13 17:25	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-11-13 17:25 . 2013-11-13 17:25	147968	----a-w-	c:\windows\system32\occache.dll
2013-11-13 17:25 . 2013-11-13 17:25	143872	----a-w-	c:\windows\system32\wextract.exe
2013-11-13 17:25 . 2013-11-13 17:25	13824	----a-w-	c:\windows\system32\mshta.exe
2013-11-13 17:25 . 2013-11-13 17:25	135680	----a-w-	c:\windows\system32\iepeers.dll
2013-11-13 17:25 . 2013-11-13 17:25	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-11-13 17:25 . 2013-11-13 17:25	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-11-13 17:25 . 2013-11-13 17:25	101376	----a-w-	c:\windows\system32\inseng.dll
2013-11-12 02:23 . 2013-12-11 16:55	2048	----a-w-	c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 16:55	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:18	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVMUSBFernanschluss"="c:\users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [2012-12-26 139264]
"MtdAcqu"="c:\program files (x86)\Creative\MediaSource5\MtdAcqu.exe" [2006-03-08 278528]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-14 221184]
"Akamai NetSession Interface"="c:\users\Admin\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Spotify Web Helper"="c:\users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-10 1199576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"SPIRunE"="SPIRunE.dll" [2009-03-05 18432]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2007-04-17 184320]
"WTClient"="WTClient.exe" [2009-08-19 32768]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-18 684600]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2013-01-10 295072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico /auto [2010-7-23 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys;c:\windows\SYSNATIVE\DRIVERS\Lbd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxduserv.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys;c:\windows\SYSNATIVE\DRIVERS\ENTECH64.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 papycpu;papycpu; [x]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\System32\Drivers\PTSimHid.sys;c:\windows\SYSNATIVE\Drivers\PTSimHid.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8187.sys [x]
R3 SaiHFF04;SaiHFF04;c:\windows\system32\DRIVERS\SaiHFF04.sys;c:\windows\SYSNATIVE\DRIVERS\SaiHFF04.sys [x]
R3 SaiIFF04;Immersion's HID USB Driver (FF04);c:\windows\system32\DRIVERS\SaiIFF04.sys;c:\windows\SYSNATIVE\DRIVERS\SaiIFF04.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WFMC_VAD;WFMCVAD (WDM);c:\windows\system32\DRIVERS\wfmcvad.sys;c:\windows\SYSNATIVE\DRIVERS\wfmcvad.sys [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0105.sys [x]
R4 sesvc;ShadowExplorer Service;c:\program files (x86)\ShadowExplorer\sesvc.exe;c:\program files (x86)\ShadowExplorer\sesvc.exe [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S1 VBoxDrv;VBoxDrv;c:\windows\system32\drivers\VBoxDrv.sys;c:\windows\SYSNATIVE\drivers\VBoxDrv.sys [x]
S1 vmlitedrv;vmlitedrv;c:\windows\system32\drivers\vmlitedrv.sys;c:\windows\SYSNATIVE\drivers\vmlitedrv.sys [x]
S1 VMLiteUSBMon;VMLiteUSBMon;c:\windows\system32\drivers\vmliteusbmon.sys;c:\windows\SYSNATIVE\drivers\vmliteusbmon.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avmike;AVM FRITZ!Fernzugang IKE Service;c:\program files\FRITZ!Fernzugang\avmike.exe;c:\program files\FRITZ!Fernzugang\avmike.exe [x]
S2 certsrv;AVM FRITZ!Fernzugang Cert Service;c:\program files\FRITZ!Fernzugang\certsrv.exe;c:\program files\FRITZ!Fernzugang\certsrv.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 gfi_lanss9_attservice;GFI LANguard 9 Attendant Service;c:\program files (x86)\GFI\LANguard 9\lnssatt.exe;c:\program files (x86)\GFI\LANguard 9\lnssatt.exe [x]
S2 GFI_ReportCenter35;GFI ReportCenter 3.5;c:\program files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe;c:\program files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE;c:\program files\FRITZ!DSL\IGDCTRL.EXE [x]
S2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe;c:\windows\SYSNATIVE\lxducoms.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 nwtsrv;AVM FRITZ!Fernzugang Client;c:\program files\FRITZ!Fernzugang\nwtsrv.exe;c:\program files\FRITZ!Fernzugang\nwtsrv.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 VMLiteService;VMLiteService;c:\program files\VMLite\VMLite Workstation\VMLiteService.exe;c:\program files\VMLite\VMLite Workstation\VMLiteService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys;c:\windows\SYSNATIVE\DRIVERS\avmaudio.sys [x]
S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys;c:\windows\SYSNATIVE\DRIVERS\avmaura.sys [x]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys;c:\windows\SYSNATIVE\DRIVERS\BazisVirtualCDBus.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NWIM;AVM VPN Miniport;c:\windows\system32\DRIVERS\avmnwim.sys;c:\windows\SYSNATIVE\DRIVERS\avmnwim.sys [x]
S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x]
S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys;c:\windows\SYSNATIVE\drivers\t3.sys [x]
S3 VBoxNetAdp;VMLite Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
S3 vmlitediskmp;vmlitediskmp;c:\windows\system32\DRIVERS\vmlitediskmp.sys;c:\windows\SYSNATIVE\DRIVERS\vmlitediskmp.sys [x]
S3 vmlitestor;vmlitestor;c:\windows\system32\DRIVERS\vmlitestor.sys;c:\windows\SYSNATIVE\DRIVERS\vmlitestor.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 17:14]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26 12:10]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26 12:10]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26 08:18]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26 08:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:19	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2012-05-22 980920]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 216.155.139.115:3128
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>;*.local
uSearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Download with GetRight - c:\program files (x86)\GetRight\GRdownload.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Open with GetRight Browser - c:\program files (x86)\GetRight\GRbrowse.htm
LSP: %ProgramFiles%\FRITZ!DSL\\sarah.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/|https://secure.eveonline.com/AdventCalendar/|www.facebook.com/pages/DCG-Custom-Guitars/227014413998080
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
Toolbar-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
Toolbar-10 - (no file)
WebBrowser-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
AddRemove-Free Video to MP3 Converter_is1 - n:\free video to mp3 converter\unins000.exe
AddRemove-Grand Prix Legends - c:\sierra\gpl\Uninst.isu
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
         
ComboFIX LOG

Teil 2

Code:
ATTFilter
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
         

Alt 30.01.2014, 19:32   #9
Vater Sohn
 
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



ComboFIX LOG

Teil 3

Code:
ATTFilter
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-29  18:54:35
ComboFix-quarantined-files.txt  2014-01-29 17:54
.
Vor Suchlauf: 18 Verzeichnis(se), 135.527.223.296 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 134.882.144.256 Bytes frei
.
- - End Of File - - C73742BA3FA4029770CA4F52D66377CD
A36C5E4F47E84449FF07ED3517B43A31
         
Außerdem kamm bei Start de PC heute

OY3Y6RH LOG

Code:
ATTFilter
INFO ZUR PLATTFORMVERSION
	Windows 			: 6.1.7601.65536 (Win32NT)
	Common Language Runtime 	: 4.0.30319.18408
	System.Deployment.dll 		: 4.0.30319.18408 built by: FX451RTMGREL
	clr.dll 			: 4.0.30319.18408 built by: FX451RTMGREL
	dfdll.dll 			: 4.0.30319.18408 built by: FX451RTMGREL
	dfshim.dll 			: 4.0.31106.0 (Main.031106-0000)

QUELLEN
	Bereitstellungs-URL			: file:///C:/Users/Admin/AppData/Roaming/Microsoft/Windows/Start%20Menu/Programs/FRITZ!Box/FRITZ!Box%20USB-Fernanschluss.appref-ms%7C

FEHLERZUSAMMENFASSUNG
	Es folgt eine Zusammenfassung der Fehler. Details zu diesen Fehlern werden später im Protokoll aufgelistet.
	* Die Aktivierung von C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss.appref-ms| führte zu einer Ausnahme. Folgende Fehlermeldungen wurden entdeckt:
		+ 'hxxp://clickonce.avm.de/usb-fernanschluss2/deutsch/fritzbox-usb-fernanschluss.application' konnte nicht heruntergeladen werden.
		+ Der Remotename konnte nicht aufgelöst werden: 'clickonce.avm.de'

FEHLERZUSAMMENFASSUNG FÜR DIE SPEICHERTRANSAKTION DER KOMPONENTE
	Es wurde kein Transaktionsfehler festgestellt.

WARNUNGEN
	Während dieses Vorgangs gab es keine Warnungen.

FORTSCHRITTSSTATUS DES VORGANGS
	* [30.01.2014 19:06:47] : Die Aktivierung von C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss.appref-ms| wurde gestartet.

FEHLERDETAILS
	Folgende Fehler wurden bei diesem Vorgang entdeckt.
	* [30.01.2014 19:08:32] System.Deployment.Application.DeploymentDownloadException (unbekannter Untertyp)
		- 'hxxp://clickonce.avm.de/usb-fernanschluss2/deutsch/fritzbox-usb-fernanschluss.application' konnte nicht heruntergeladen werden.
		- Quelle: System.Deployment
		- Stapelüberwachung:
			bei System.Deployment.Application.SystemNetDownloader.DownloadSingleFile(DownloadQueueItem next)
			bei System.Deployment.Application.SystemNetDownloader.DownloadAllFiles()
			bei System.Deployment.Application.FileDownloader.Download(SubscriptionState subState)
			bei System.Deployment.Application.DownloadManager.DownloadManifestAsRawFile(Uri& sourceUri, String targetPath, IDownloadNotification notification, DownloadOptions options, ServerInformation& serverInformation)
			bei System.Deployment.Application.DownloadManager.DownloadManifest(Uri& sourceUri, String targetPath, IDownloadNotification notification, DownloadOptions options, ManifestType manifestType, ServerInformation& serverInformation)
			bei System.Deployment.Application.DownloadManager.DownloadDeploymentManifestDirect(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, IDownloadNotification notification, DownloadOptions options, ServerInformation& serverInformation)
			bei System.Deployment.Application.DownloadManager.DownloadDeploymentManifest(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, IDownloadNotification notification, DownloadOptions options)
			bei System.Deployment.Application.ApplicationActivator.ProcessOrFollowShortcut(String shortcutFile, String& errorPageUrl, TempFile& deployFile)
			bei System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
			bei System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)
		--- Interne Ausnahme ---
		System.Net.WebException
		- Der Remotename konnte nicht aufgelöst werden: 'clickonce.avm.de'
		- Quelle: System
		- Stapelüberwachung:
			bei System.Net.HttpWebRequest.GetResponse()
			bei System.Deployment.Application.SystemNetDownloader.DownloadSingleFile(DownloadQueueItem next)

DETAILS ZUR SPEICHERTRANSAKTION DER KOMPONENTE
	Es sind keine Transaktionsinformationen verfügbar.
         
Gruß Vater Sohn

Alt 31.01.2014, 12:23   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



dann den Rest von oben bitte
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.01.2014, 15:53   #11
Vater Sohn
 
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



Das habe ich wohl übersehen... Sorry

Das Malware Log:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.31.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Admin :: ADMIN-PC [Administrator]

Schutz: Aktiviert

31.01.2014 13:53:06
mbam-log-2014-01-31 (13-53-06).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 251199
Laufzeit: 7 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Da der AdwareCleaner beim ersten mal abgestürzt ist poste ich mal alle log´s:
AdwCleaner[R0]
Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 14:08:45
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ABE\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\adblockplus\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cxrm1w8f.default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\forecastfox\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\searchplugins\Startsear.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\foxydeal.sqlite
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\Askcom.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\Startsear.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\yahoo-zugo.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TestPilotExperimentFiles\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\user.js
Ordner Gefunden : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Ordner Gefunden : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gefunden C:\Program Files (x86)\vShare.tv plugin
Ordner Gefunden C:\ProgramData\Babylon
Ordner Gefunden C:\ProgramData\boost_interprocess
Ordner Gefunden C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden C:\ProgramData\Partner
Ordner Gefunden C:\Users\Admin\AppData\Local\Babylon
Ordner Gefunden C:\Users\Admin\AppData\Local\OpenCandy
Ordner Gefunden C:\Users\Admin\AppData\Local\PackageAware
Ordner Gefunden C:\Users\Admin\AppData\LocalLow\boost_interprocess
Ordner Gefunden C:\Users\Admin\AppData\Roaming\Babylon
Ordner Gefunden C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\Searchqutoolbar
Ordner Gefunden C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\Searchqutoolbar
Ordner Gefunden C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\bLyrics
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Headlight
Schlüssel Gefunden : HKCU\Software\BI
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Headlight
Schlüssel Gefunden : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\SearchCore for Browsers
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\StartSearch
Schlüssel Gefunden : HKCU\Software\vShare.tv
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : [x64] HKCU\Software\BI
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Headlight
Schlüssel Gefunden : [x64] HKCU\Software\ICQ\ICQToolbar
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\SearchCore for Browsers
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\StartSearch
Schlüssel Gefunden : [x64] HKCU\Software\vShare.tv
Schlüssel Gefunden : [x64] HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Schlüssel Gefunden : HKLM\Software\Headlight
Schlüssel Gefunden : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader40696_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader40696_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader54435_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader54435_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\SearchCore for Browsers
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]

Zeile gefunden : user_pref("browser.search.defaultengine", "Web Search");
Zeile gefunden : user_pref("browser.search.defaultenginename", "Searchqu Web Search");
Zeile gefunden : user_pref("browser.search.order.1", "Searchqu Web Search");
Zeile gefunden : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-[...]
Zeile gefunden : user_pref("keyword.URL", "hxxp://www.searchqu.com/web?src=ffb&appid=0&systemid=413&sr=0&q=");

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]

Zeile gefunden : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-[...]

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden : homepage
Gefunden : icon_url
Gefunden : search_url
Gefunden : keyword

*************************

AdwCleaner[R0].txt - [12448 octets] - [31/01/2014 14:08:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12509 octets] ##########
         
AdwCleaner[R1]

Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 15:09:06
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12654 octets] - [31/01/2014 14:08:45]
AdwCleaner[R1].txt - [1808 octets] - [31/01/2014 15:09:06]
AdwCleaner[S0].txt - [11465 octets] - [31/01/2014 15:05:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1929 octets] ##########
         
weiter:

AdwCleaner[S0]:

Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 15:05:31
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\vShare.tv plugin
Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Admin\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Admin\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Admin\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\Searchqutoolbar
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\Searchqutoolbar
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\foxydeal.sqlite
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\searchplugins\SearchResults.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\SearchResults.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\searchplugins\Startsear.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\Startsear.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\yahoo-zugo.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ABE\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\adblockplus\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cxrm1w8f.default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\forecastfox\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TestPilotExperimentFiles\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader40696_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader40696_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader54435_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader54435_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SearchCore for Browsers
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\bLyrics
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Headlight
Schlüssel Gelöscht : HKLM\Software\Headlight
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SearchCore for Browsers

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Searchqu Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Searchqu Web Search");
Zeile gelöscht : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://www.searchqu.com/web?src=ffb&appid=0&systemid=413&sr=0&q=");

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-[...]

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : icon_url
Gelöscht : search_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [12654 octets] - [31/01/2014 14:08:45]
AdwCleaner[S0].txt - [11307 octets] - [31/01/2014 15:05:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11368 octets] ##########
         
AdwCleaner[S1](2):

Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 15:10:03
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12654 octets] - [31/01/2014 14:08:45]
AdwCleaner[R1].txt - [2009 octets] - [31/01/2014 15:09:06]
AdwCleaner[S0].txt - [11465 octets] - [31/01/2014 15:05:31]
AdwCleaner[S1].txt - [1930 octets] - [31/01/2014 15:10:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1990 octets] ##########
         
AdwCleaner[S1]:

Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 15:10:03
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12654 octets] - [31/01/2014 14:08:45]
AdwCleaner[R1].txt - [2009 octets] - [31/01/2014 15:09:06]
AdwCleaner[S0].txt - [11465 octets] - [31/01/2014 15:05:31]
AdwCleaner[S1].txt - [1930 octets] - [31/01/2014 15:10:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1990 octets] ##########
         
Weiter mit JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Admin on 31.01.2014 at 15:21:14,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsMonkeyUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsMonkeyUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsMonkeyUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsMonkeyUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8BFD13C4-6B9B-4D79-80E6-65FEAE90B4A1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B224AA02-F7C8-3A2B-859F-560B80767E4A}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\getrighttogo"



~~~ FireFox

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\gmvoaa5b.default\minidumps [133 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.01.2014 at 15:25:44,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

und FRST:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Admin (administrator) on ADMIN-PC on 31-01-2014 15:35:23
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe
(GFI Software Ltd.) C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
( ) C:\Windows\System32\lxducoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\ProgramData\TVersity\Media Server\MediaServer.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVM Berlin) C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UnlockerAssistant] - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKCU\...\Run: [AVMUSBFernanschluss] - C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-01-30] (AVM Berlin)
HKCU\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2006-03-08] (Creative Technology Ltd)
HKCU\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-10] (Spotify Ltd)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = 
SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files (x86)\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 09 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found ()
Winsock: Catalog9 01 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 02 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 09 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 14 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 01 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 02 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 14 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18]
FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18]
FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10]
FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Linkury Smartbar Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2012-11-29]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin)
R2 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.)
R2 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-13] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-08-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-22] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-05-13] (AVM Berlin)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 papycpu; C:\Windows\SysWow64\Drivers\papycpu.sys [1984 1998-09-04] ()
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2009-06-10] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43264 2009-06-10] (Saitek)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-07] (Duplex Secure Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R3 vmlitediskmp; C:\Windows\System32\DRIVERS\vmlitediskmp.sys [147560 2010-01-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [x]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-31 14:08 - 2014-01-31 15:10 - 00000000 ____D C:\AdwCleaner
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:41 - 2014-01-31 13:42 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-30 20:26 - 2014-01-31 15:32 - 00005020 _____ C:\Windows\avmacc.log
2014-01-30 20:26 - 2014-01-30 20:26 - 00000902 _____ C:\Windows\avmacc1.log
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ C:\Windows\wininit.ini
2014-01-29 19:09 - 2014-01-31 15:29 - 00000504 _____ C:\Windows\setupact.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000546 _____ C:\Windows\PFRO.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000000 _____ C:\Windows\setuperr.log
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ C:\ComboFix.txt
2014-01-29 18:37 - 2014-01-29 18:54 - 00000000 ____D C:\Qoobox
2014-01-29 18:37 - 2014-01-29 18:50 - 00000000 ____D C:\Windows\erdnt
2014-01-29 18:37 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-29 18:37 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-29 18:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 19:11 - 2014-01-21 21:56 - 00380416 _____ C:\Users\Admin\Desktop\gmer.exe
2014-01-27 19:04 - 2014-01-31 15:35 - 00000000 ____D C:\FRST
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ C:\Users\Admin\defogger_reenable
2014-01-27 18:46 - 2014-01-29 19:07 - 00000000 ____D C:\Users\Admin\Desktop\Trojanerbord
2014-01-26 09:24 - 2014-01-26 09:25 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:50 - 2014-01-26 07:51 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D C:\download
2014-01-19 19:52 - 2014-01-19 19:53 - 16545600 _____ C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:19 - 2014-01-19 17:22 - 16545600 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:18 - 2014-01-19 17:22 - 28680729 _____ C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:41 - 2014-01-19 14:46 - 22009412 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:05 - 2014-01-19 14:38 - 00000000 ____D C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:00 - 2014-01-18 21:04 - 15035430 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-17 18:54 - 2014-01-21 17:23 - 00002033 _____ C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-17 18:54 - 2014-01-21 17:23 - 00001977 _____ C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:41 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 18:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ C:\Users\Admin\Downloads\2591617_hd.flv

==================== One Month Modified Files and Folders =======

2014-01-31 15:35 - 2014-01-27 19:04 - 00000000 ____D C:\FRST
2014-01-31 15:34 - 2010-02-26 13:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-31 15:32 - 2014-01-30 20:26 - 00005020 _____ C:\Windows\avmacc.log
2014-01-31 15:32 - 2010-05-13 17:34 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2014-01-31 15:32 - 2010-05-12 19:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-01-31 15:31 - 2010-02-26 13:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 15:29 - 2014-01-29 19:09 - 00000504 _____ C:\Windows\setupact.log
2014-01-31 15:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-31 15:28 - 2012-11-27 17:10 - 01226094 _____ C:\Windows\WindowsUpdate.log
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-31 15:20 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-31 15:20 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-31 15:14 - 2012-04-04 11:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 15:10 - 2014-01-31 14:08 - 00000000 ____D C:\AdwCleaner
2014-01-31 15:08 - 2013-10-25 16:34 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2014-01-31 15:05 - 2010-03-28 15:38 - 00000000 ____D C:\ProgramData\ICQ
2014-01-31 15:01 - 2013-01-26 09:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:42 - 2014-01-31 13:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-31 13:37 - 2010-07-11 11:10 - 00000000 ____D C:\ProgramData\Apple
2014-01-31 13:23 - 2011-08-01 17:54 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2014-01-30 20:26 - 2014-01-30 20:26 - 00000902 _____ C:\Windows\avmacc1.log
2014-01-30 19:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-30 19:07 - 2012-01-14 09:04 - 00283829 _____ C:\Windows\SysWOW64\TVersityMediaServer.log
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ C:\Windows\wininit.ini
2014-01-29 19:11 - 2010-05-13 17:34 - 00000000 ____D C:\Users\Admin\AppData\Local\Apps\2.0
2014-01-29 19:09 - 2014-01-29 19:09 - 00000546 _____ C:\Windows\PFRO.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000000 _____ C:\Windows\setuperr.log
2014-01-29 19:07 - 2014-01-27 18:46 - 00000000 ____D C:\Users\Admin\Desktop\Trojanerbord
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ C:\ComboFix.txt
2014-01-29 18:54 - 2014-01-29 18:37 - 00000000 ____D C:\Qoobox
2014-01-29 18:54 - 2010-10-08 13:57 - 01746432 ___SH C:\Users\Admin\Desktop\Thumbs.db
2014-01-29 18:50 - 2014-01-29 18:37 - 00000000 ____D C:\Windows\erdnt
2014-01-29 18:50 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-29 18:49 - 2010-02-08 10:13 - 00000000 ____D C:\Users\Admin
2014-01-29 18:26 - 2010-11-04 18:49 - 00000000 ____D C:\Windows\Minidump
2014-01-29 18:01 - 2013-01-26 09:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ C:\Users\Admin\defogger_reenable
2014-01-26 09:34 - 2013-09-01 09:21 - 00000000 ____D C:\Users\Admin\Desktop\Tim Melzer
2014-01-26 09:25 - 2014-01-26 09:24 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 08:00 - 2010-03-14 12:46 - 00000000 ____D C:\Program Files\Defraggler
2014-01-26 07:59 - 2012-11-27 17:17 - 00000000 ____D C:\Program Files\CCleaner
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:51 - 2014-01-26 07:50 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-26 07:49 - 2012-11-10 18:10 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Spotify
2014-01-26 07:44 - 2012-11-10 18:10 - 00000000 ____D C:\Users\Admin\AppData\Local\Spotify
2014-01-25 18:14 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-25 18:14 - 2012-04-04 11:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-25 18:14 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D C:\download
2014-01-23 20:11 - 2010-01-07 06:55 - 00769136 _____ C:\Windows\system32\perfh007.dat
2014-01-23 20:11 - 2010-01-07 06:55 - 00175866 _____ C:\Windows\system32\perfc007.dat
2014-01-23 20:11 - 2009-07-14 06:13 - 01816162 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-21 21:56 - 2014-01-27 19:11 - 00380416 _____ C:\Users\Admin\Desktop\gmer.exe
2014-01-21 17:23 - 2014-01-17 18:54 - 00002033 _____ C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-21 17:23 - 2014-01-17 18:54 - 00001977 _____ C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-19 19:53 - 2014-01-19 19:52 - 16545600 _____ C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:22 - 2014-01-19 17:19 - 16545600 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:22 - 2014-01-19 17:18 - 28680729 _____ C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:46 - 2014-01-19 14:41 - 22009412 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:38 - 2014-01-19 14:05 - 00000000 ____D C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:04 - 2014-01-18 21:00 - 15035430 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-16 17:57 - 2009-07-14 05:45 - 05002968 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 20:07 - 2009-09-17 22:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 20:06 - 2013-07-27 09:49 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:03 - 2010-02-26 14:16 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:23 - 2011-01-07 19:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:42 - 2010-06-26 09:07 - 00000000 ____D C:\Windows\pss
2014-01-11 03:01 - 2010-07-11 13:14 - 01789506 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 18:18 - 2011-01-16 12:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 18:10 - 2011-06-27 17:42 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ C:\Users\Admin\Downloads\2591617_hd.flv

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 17:31

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Eine Addition´s Datei habe ich nicht bekommen.

Aufgefallen ist mir das jetzt beim PC Start ein Fenster öffnet
mit dem Text: Anwendungsanforderugen werden geprüft. Diese vorgang kann länger dauern!

Alt 01.02.2014, 11:12   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.02.2014, 09:04   #13
Vater Sohn
 
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



Hallo Schrauber ... schon mal für die Hilfe- bis jetzt

nun zu den logs..
EST_Log

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-07 08:07:00
# local_time=2012-05-07 10:07:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 66267222 66267222 0 0
# compatibility_mode=1280 16777215 100 0 7820334 7820334 0 0
# compatibility_mode=4096 16777215 100 0 7821015 7821015 0 0
# compatibility_mode=5893 16776574 100 94 217768 88049375 0 0
# compatibility_mode=8192 67108863 100 0 627 627 0 0
# scanned=4374
# found=2
# cleaned=2
# scan_time=1695
C:\$Recycle.Bin\S-1-5-21-2715126414-4153456669-2541334608-1000\$RFYEOKO.exe	Win32/Adware.ADON application (deleted - quarantined)	00000000000000000000000000000000	C
C:\$Recycle.Bin\S-1-5-21-2715126414-4153456669-2541334608-1000\$R0K9U7S\Aktivierung\KeyGen Methode(Empfohlen)\CS4MCLG.EXE	probably a variant of Win32/Spy.Agent.FFETUNH trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-08 02:02:05
# local_time=2012-05-08 04:02:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 66269129 66269129 0 0
# compatibility_mode=1280 16777215 100 0 7822241 7822241 0 0
# compatibility_mode=4096 16777215 100 0 7822922 7822922 0 0
# compatibility_mode=5893 16776574 100 94 219675 88051282 0 0
# compatibility_mode=8192 67108863 100 0 2534 2534 0 0
# scanned=1178296
# found=8
# cleaned=8
# scan_time=21093
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\f04713-227e6b8f	Java/Exploit.CVE-2011-3544.AU trojan (deleted - quarantined)	00000000000000000000000000000000	C
C:\Users\Admin\AppData\Roaming\OpenCandy\OpenCandy_F54C405323294543AA149C6E7362FBA9\LinkuryInstaller.msi	Win32/Toolbar.Linkury application (deleted - quarantined)	00000000000000000000000000000000	C
F:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Export\SoftDMA_Trial\Autorun.inf	INF/Autorun.gen trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
F:\Program Files (x86)\AntiBrowserSpy\PvLogiciels.dotNetProtector.RuntimeX86.dll	a variant of MSIL/Packed.PvLogNetProtector.A application (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
Q:\ACER\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Export\SoftDMA_Trial\Autorun.inf	INF/Autorun.gen trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
Q:\ADMIN-PC\Backup Set 2011-04-09 110733\Backup Files 2011-04-09 110733\Backup files 14.zip	probably a variant of Win32/Spy.Agent.FFETUNH trojan (deleted - quarantined)	00000000000000000000000000000000	C
Q:\ADMIN-PC\Backup Set 2011-04-09 110733\Backup Files 2011-04-09 110733\Backup files 2.zip	a variant of Win32/SlowPCfighter application (deleted - quarantined)	00000000000000000000000000000000	C
Q:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Export\SoftDMA_Trial\Autorun.inf	INF/Autorun.gen trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# engine=16721
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-20 06:44:28
# local_time=2014-01-20 07:44:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 43380 255666758 36115 0
# compatibility_mode=5893 16776574 100 94 16673183 141873318 0 0
# scanned=2172
# found=0
# cleaned=0
# scan_time=10
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# engine=16721
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=true
# antistealth_checked=false
# utc_time=2014-01-20 06:48:49
# local_time=2014-01-20 07:48:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 43641 255667019 36376 0
# compatibility_mode=5893 16776574 100 94 16673444 141873579 0 0
# scanned=2380
# found=0
# cleaned=0
# scan_time=55
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# engine=16901
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-01 09:00:25
# local_time=2014-02-01 10:00:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 16037 256711715 8791 0
# compatibility_mode=5893 16776574 100 94 17718140 142918275 0 0
# scanned=1053856
# found=1
# cleaned=0
# scan_time=11179
sh=81E4D6C73D512607C41C1A558BFEDC122014254D ft=0 fh=0000000000000000 vn="INF/Autorun.gen worm" ac=I fn="Q:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Export\SoftDMA_Trial\Autorun.inf"
         
Security Check_Log

Code:
ATTFilter
  Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 DH Driver Cleaner Professional Edition 
 Java(TM) 6 Update 35  
 Java 7 Update 45  
 Java version out of Date! 
  Adobe Flash Player 12.0.0.43 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (26.0) 
 Mozilla Thunderbird (24.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST_Log


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Admin (administrator) on ADMIN-PC on 02-02-2014 08:45:33
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe
(GFI Software Ltd.) C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
( ) C:\Windows\System32\lxducoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\ProgramData\TVersity\Media Server\MediaServer.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVM Berlin) C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UnlockerAssistant] - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [AVMUSBFernanschluss] - C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-01-30] (AVM Berlin)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2006-03-08] (Creative Technology Ltd)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [Spotify Web Helper] - C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-10] (Spotify Ltd)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = 
SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files (x86)\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 09 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found ()
Winsock: Catalog9 01 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 02 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 09 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 14 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 01 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 02 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 14 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18]
FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18]
FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10]
FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Linkury Smartbar Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2012-11-29]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin)
R2 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.)
R2 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-13] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-08-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-22] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-05-13] (AVM Berlin)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 papycpu; C:\Windows\SysWow64\Drivers\papycpu.sys [1984 1998-09-04] ()
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2009-06-10] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43264 2009-06-10] (Saitek)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-07] (Duplex Secure Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R3 vmlitediskmp; C:\Windows\System32\DRIVERS\vmlitediskmp.sys [147560 2010-01-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [x]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 14:08 - 2014-01-31 15:10 - 00000000 ____D () C:\AdwCleaner
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:41 - 2014-01-31 13:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-30 20:26 - 2014-02-02 08:32 - 00010035 _____ () C:\Windows\avmacc.log
2014-01-30 20:26 - 2014-01-30 20:26 - 00000902 _____ () C:\Windows\avmacc1.log
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ () C:\Windows\wininit.ini
2014-01-29 19:09 - 2014-02-02 08:29 - 00000840 _____ () C:\Windows\setupact.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000546 _____ () C:\Windows\PFRO.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ () C:\ComboFix.txt
2014-01-29 18:37 - 2014-01-29 18:54 - 00000000 ____D () C:\Qoobox
2014-01-29 18:37 - 2014-01-29 18:50 - 00000000 ____D () C:\Windows\erdnt
2014-01-29 18:37 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-01-29 18:37 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-01-29 18:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 19:11 - 2014-01-21 21:56 - 00380416 _____ () C:\Users\Admin\Desktop\gmer.exe
2014-01-27 19:04 - 2014-02-02 08:45 - 00000000 ____D () C:\FRST
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ () C:\Users\Admin\defogger_reenable
2014-01-27 18:46 - 2014-01-29 19:07 - 00000000 ____D () C:\Users\Admin\Desktop\Trojanerbord
2014-01-26 09:24 - 2014-01-26 09:25 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ () C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ () C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:50 - 2014-01-26 07:51 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D () C:\download
2014-01-19 19:52 - 2014-01-19 19:53 - 16545600 _____ () C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ () C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:19 - 2014-01-19 17:22 - 16545600 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:18 - 2014-01-19 17:22 - 28680729 _____ () C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:41 - 2014-01-19 14:46 - 22009412 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:05 - 2014-01-19 14:38 - 00000000 ____D () C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ () C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ () C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:00 - 2014-01-18 21:04 - 15035430 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-17 18:54 - 2014-01-21 17:23 - 00002033 _____ () C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-17 18:54 - 2014-01-21 17:23 - 00001977 _____ () C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ () C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ () C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:41 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 18:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ () C:\Users\Admin\Downloads\2591617_hd.flv

==================== One Month Modified Files and Folders =======

2014-02-02 08:45 - 2014-01-27 19:04 - 00000000 ____D () C:\FRST
2014-02-02 08:37 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 08:37 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 08:34 - 2012-11-27 17:10 - 01258912 _____ () C:\Windows\WindowsUpdate.log
2014-02-02 08:34 - 2010-02-26 13:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-02 08:32 - 2014-01-30 20:26 - 00010035 _____ () C:\Windows\avmacc.log
2014-02-02 08:31 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2014-02-02 08:31 - 2010-05-12 19:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-02-02 08:31 - 2010-02-26 13:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-02 08:29 - 2014-01-29 19:09 - 00000840 _____ () C:\Windows\setupact.log
2014-02-02 08:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 08:27 - 2011-08-01 17:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-02-01 22:14 - 2012-04-04 11:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-01 22:01 - 2013-01-26 09:18 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr
2014-01-31 18:01 - 2013-01-26 09:18 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
2014-01-31 17:17 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 15:10 - 2014-01-31 14:08 - 00000000 ____D () C:\AdwCleaner
2014-01-31 15:08 - 2013-10-25 16:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-01-31 15:05 - 2010-03-28 15:38 - 00000000 ____D () C:\ProgramData\ICQ
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:42 - 2014-01-31 13:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-31 13:37 - 2010-07-11 11:10 - 00000000 ____D () C:\ProgramData\Apple
2014-01-30 20:26 - 2014-01-30 20:26 - 00000902 _____ () C:\Windows\avmacc1.log
2014-01-30 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-30 19:07 - 2012-01-14 09:04 - 00283829 _____ () C:\Windows\SysWOW64\TVersityMediaServer.log
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ () C:\Windows\wininit.ini
2014-01-29 19:11 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-01-29 19:09 - 2014-01-29 19:09 - 00000546 _____ () C:\Windows\PFRO.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-29 19:07 - 2014-01-27 18:46 - 00000000 ____D () C:\Users\Admin\Desktop\Trojanerbord
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ () C:\ComboFix.txt
2014-01-29 18:54 - 2014-01-29 18:37 - 00000000 ____D () C:\Qoobox
2014-01-29 18:54 - 2010-10-08 13:57 - 01746432 ___SH () C:\Users\Admin\Desktop\Thumbs.db
2014-01-29 18:50 - 2014-01-29 18:37 - 00000000 ____D () C:\Windows\erdnt
2014-01-29 18:50 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-01-29 18:49 - 2010-02-08 10:13 - 00000000 ____D () C:\Users\Admin
2014-01-29 18:26 - 2010-11-04 18:49 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ () C:\Users\Admin\defogger_reenable
2014-01-26 09:34 - 2013-09-01 09:21 - 00000000 ____D () C:\Users\Admin\Desktop\Tim Melzer
2014-01-26 09:25 - 2014-01-26 09:24 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ () C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ () C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 08:00 - 2010-03-14 12:46 - 00000000 ____D () C:\Program Files\Defraggler
2014-01-26 07:59 - 2012-11-27 17:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:51 - 2014-01-26 07:50 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-26 07:49 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify
2014-01-26 07:44 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify
2014-01-25 18:14 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-25 18:14 - 2012-04-04 11:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-25 18:14 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D () C:\download
2014-01-23 20:11 - 2010-01-07 06:55 - 00769136 _____ () C:\Windows\system32\perfh007.dat
2014-01-23 20:11 - 2010-01-07 06:55 - 00175866 _____ () C:\Windows\system32\perfc007.dat
2014-01-23 20:11 - 2009-07-14 06:13 - 01816162 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-21 21:56 - 2014-01-27 19:11 - 00380416 _____ () C:\Users\Admin\Desktop\gmer.exe
2014-01-21 17:23 - 2014-01-17 18:54 - 00002033 _____ () C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-21 17:23 - 2014-01-17 18:54 - 00001977 _____ () C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-19 19:53 - 2014-01-19 19:52 - 16545600 _____ () C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ () C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:22 - 2014-01-19 17:19 - 16545600 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:22 - 2014-01-19 17:18 - 28680729 _____ () C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:46 - 2014-01-19 14:41 - 22009412 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:38 - 2014-01-19 14:05 - 00000000 ____D () C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ () C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ () C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:04 - 2014-01-18 21:00 - 15035430 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-16 17:57 - 2009-07-14 05:45 - 05002968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 20:07 - 2009-09-17 22:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 20:06 - 2013-07-27 09:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 20:03 - 2010-02-26 14:16 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:23 - 2011-01-07 19:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ () C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ () C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:42 - 2010-06-26 09:07 - 00000000 ____D () C:\Windows\pss
2014-01-11 03:01 - 2010-07-11 13:14 - 01789506 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 18:18 - 2011-01-16 12:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 18:10 - 2011-06-27 17:42 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ () C:\Users\Admin\Downloads\2591617_hd.flv

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 17:31

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Zu den Problemen...

heute beim PC Start...
Nach dem Hochfahren beliebt der PC bei 1%-3% CPU Leistung stehen..
es lassen sich Programmen starten die dann im Tanksmanager angezeigt werden aber nicht starten.. Um mit dem PC arbeiten zu können muss ich einen Neustart machen!
Dann geht alles normal... ( Das ist schon öfter vorgekommen )

Beim PC Start öffnet sich ein Fenster ( Siehe Foto ) war sonnst nicht da..



Grade im diesem -moment ist mir wieder ein der Windows Explorer hängen geblieben.Ich wollte eine neue Text Datei erstellen.. Jetzt steht da kein Rückmeldung..

Gruß Vater Sohn

Alt 03.02.2014, 10:05   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



Java und Flash updaten.

Downloade dir bitte Windows Repair (All In One) von hier.
  • Installiere das Programm. Starte es, nachdem die Installation abgeschlossen wurde.
  • Klicke auf Step 2 und drücke unter Check Disk auf Do It.

  • Wenn der Vorgang abgeschlossen ist, klicke auf Step 3 und drücke unter System File Check auf Do It.

  • Nachdem der Vorgang abgeschlossen ist, klicke auf Start Repairs, wähle den Advanced Mode und drücke Start.

  • Gehe bitte sicher, dass die Kästchen wie unten zu sehen angehakt sind. Bitte hake zusätzlich noch Set Windows Services to Default Startup an.
  • Hake Restart System when Finished an.
  • Drücke Start.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.02.2014, 17:10   #15
Vater Sohn
 
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Standard

Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!



Hallo Schrauber,

habe die Windows Repair (All In One) geladen und nach der Anleitung abgearbeitet.
beim ersten mal ist das Programm bei Start Repairs abgestürzt nach dem das Programm die ganze Nacht gelaufen ist und keinen schritt weiter war. Habe ich es abgebrochen.

Bei Neustart des Programms hab ich dann auf die neu Version geladen 2.2 war das glaube ich.. wird in dem Programm angezeigt!

Habe alle schritte wiederholt, dann lief alles durch.... hat aber auch gedauert!
Ein LogFile konnte ich nicht finden, sofern vorhanden...

Nun denke ich das der PC Schneller arbeitet (Startet).



Die Meldung

erscheint immer noch..

Gruß Vater Sohn


Update: PC jetzt gerade wieder ohne Reaktion... CPU Auslastung 1%-3% Programme z.b. Firefox sind im Taksmanager zu sehen aber starten nicht.. nach Neustart alles wieder ok hmmm :-(

Geändert von Vater Sohn (05.02.2014 um 17:27 Uhr)

Antwort

Themen zu Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!
brauche, browser, check, code, e-mail, ebay, erstellt, fake, falsch, fehler, fehlermeldung, keine rückmeldung, mails, neue, neustart, paypal, programm, rückmeldung, spiele, spielen, start, starten, suche, trojaner, windows, windows 7



Ähnliche Themen: Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!


  1. Seltsame E-Mail zurück bekommen (failure notice) beim E-Mail-Versand
    Überwachung, Datenschutz und Spam - 14.09.2015 (7)
  2. Telekom Trojaner Mail geöffnet / Log-Dateine erstellt und nun?
    Log-Analyse und Auswertung - 13.11.2014 (1)
  3. Windows 7: E-Mail Adresse war betroffen / Verdacht auf Malware
    Plagegeister aller Art und deren Bekämpfung - 05.02.2014 (21)
  4. habe E-mail von BSI bekommen
    Log-Analyse und Auswertung - 27.01.2014 (7)
  5. BSI hat E-Mail Adresse im Bot-Netzwerk gefunden
    Plagegeister aller Art und deren Bekämpfung - 25.01.2014 (3)
  6. Mail-Adresse gehackt? - "keineantwortadresse@web.de" - Mail-Flut
    Plagegeister aller Art und deren Bekämpfung - 12.12.2013 (5)
  7. Mail delivery failed, aber nur in Windows live mail
    Plagegeister aller Art und deren Bekämpfung - 15.08.2013 (8)
  8. brauche hilfe habe e-mail bekommen mit anhang meine mutter hat es geofnet und da warn trojaner drin
    Log-Analyse und Auswertung - 30.06.2013 (2)
  9. Dritter erstellt Account über meine E-mail Adresse
    Plagegeister aller Art und deren Bekämpfung - 22.09.2012 (8)
  10. Spam-Mail von meiner web.de-E-Mail-Adresse an alle Kontakte gesendet
    Log-Analyse und Auswertung - 22.02.2012 (27)
  11. Spam von meiner e-mail-Adresse?
    Plagegeister aller Art und deren Bekämpfung - 19.02.2009 (3)
  12. Spam-Mail mit eigener E-Mail Adresse
    Plagegeister aller Art und deren Bekämpfung - 09.01.2009 (2)
  13. E-Mail, Ebay etc
    Plagegeister aller Art und deren Bekämpfung - 11.12.2008 (2)
  14. Heute schon über 30 "Mail Delivery System "Mail Delivery System" Mail bekommen
    Log-Analyse und Auswertung - 26.05.2008 (4)
  15. Seltsame e-mail bekommen
    Plagegeister aller Art und deren Bekämpfung - 24.03.2007 (2)
  16. E-Mail immer gleich doppelt
    Alles rund um Windows - 25.12.2006 (5)
  17. E-Mail Adresse abmelden?
    Plagegeister aller Art und deren Bekämpfung - 15.04.2003 (4)

Zum Thema Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! - Hallo alle zusammen und schon mal Danke für´s helfen.. Ich habe vor kurzem eine neue E-mail Adresse eingerichtet (eine zweit/unter Mail meiner Haupt E-Mail adresee). Ich Brauche sie nur als - Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!...
Archiv
Du betrachtest: Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.