Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Add-on Namens TubEItAdBlloCkAp geht nicht weg

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 31.01.2014, 16:06   #1
boust
 
Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Hallo,

ich habe mich hier angemeldet, weil ich mittlerweile recht verzweifelt bin.
Seit ungefähr einem Monat plage ich mich mit lauter Add-on Malware auf meinem PC herum.
Ich versuche das alles mal möglichst genau zu beschreiben:
Gemerkt, dass etwas nicht stimmt habe ich, als ich plötzlich unfassbar viele Popups überall bekommen habe; an einigen stand unten am rand "brought to you by safesaver".
Als ich danach googelte, kam ich auf das Programm "Spyhunter", was wie ich nun weis auch Schadsoftware ist, und habe es durchlaufen lassen, was die ganze sache nicht verbessert hat.
Dann habe ich den Spyhunter wieder deinstalliert und schließlich bei Google Chrome unter Erweiterungen zwei mit unbekannte Erweiterungen entdeckt. "SweetIM" und "bestaveefoaryou" (so ungefähr lauteten die Namen).
Über Systemsteuerungen habe ich dann die beiden Programme gelöscht und sie im Chrome Menü entfernt.
SweetIM war danach weg, aber mit jedem Start von Chrome kam dieser bestsaveefoaryu wieder, sodass ich es einfach jedes Mal wieder gelöscht habe, da ich keine Zeit hatte, mich weiter darum zu kümmern.
Zwischendurch habe ich Zahlreiche Scans durchlaufen lassen: Malwarebytes Anti Malware, Avira PC Cleaner, IObit Malware Fighter und adwcleaner.
Das hat alles nichts genützt.
Heute habe ich dann ein neues Add-On in Chrome entdeckt: "TubEItAdBlloCkAp", welches sich noch nicht mal mehr entfernen lässt; "Durch Unternehmensrichtlinie installiert" steht daneben.
Daraufhin wollte ich Chrome deinstallieren, was aber komischerweise nicht ging.
Dann habe ich meinen PC im abgesicherten Modus gestartet und darin Chrome deinstalliert (da ging es dann), Malwarebytes erneut durchlaufen lassen, wobei es 14 bedrohungen enteckte, die ich alle löschte, schließlich habe ich Chrome wieder installiert.
Nach dem Neustart habe ich dann Chrome wieder gestartet und "TubEItAdBlloCkAp" war wieder da aber "bestsaveefoaryu" ist jetzt anscheinend weg.
Da sich das Add on nicht löschen lässt, traue ich mittlerweile nicht mehr, irgendwas an meinem PC zu machen, was gar nicht mal so toll ist, da ich ihn für die Uni brauche.

Ich hoffe, ihr könnt mir aus dieser Situation heraushelfen.

Gruß
Bastian

Alt 31.01.2014, 16:09   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 31.01.2014, 16:44   #3
boust
 
Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Vielen Dank für die Anweisungen, schrauber.

Hier sind die dateien:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Herr Krauskopf (administrator) on HACKFLEISCH on 31-01-2014 17:38:07
Running from D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Google Inc.) C:\Users\Herr Krauskopf\AppData\Local\Google\Update\GoogleUpdate.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Dropbox, Inc.) C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) E:\Programme\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [Ocs_SM] - C:\Users\Herr Krauskopf\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - E:\Programme\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-09-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Herr Krauskopf\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-13] (Google Inc.)
HKCU\...\Run: [Okqiamdyu] - "C:\Users\Herr Krauskopf\AppData\Roaming\Elhoac\miyg.exe"
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-29] (Samsung)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin [839560 2013-12-11] (Adobe Systems Incorporated)
MountPoints2: {358e5c2b-e539-11e1-8a4d-806e6f6e6963} - F:\Autorun.exe
AppInit_DLLs: C:\PROGRA~3\WebPlat\WEBPLA~1.DLL => C:\ProgramData\WebPlat\WebPlat_x64.dll [4242944 2014-01-03] ()
Startup: C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD162AA7C4979CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {042590A8-7896-4234-8AD2-8DB0071D4FF3} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26616D703B736F7572636569643D69653726616D703B726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263657D26616D703B69653D7B696E707574456E636F64696E673F7D266F653D7B6F7574707574456E636F64696E673F7D&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {44716333-68D4-426A-AC6D-D3DAA56B060E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {57484F9A-4DC1-470F-BCE4-1FE5E63860F1} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {C83A4055-125A-4575-B97A-18CEC1E4483A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {D6806300-CB63-459B-BDD0-8B371DA48160} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {F627E9A5-689A-481E-B0E6-E793CF091D57} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {F6DACF4C-0E11-4B70-B67E-A7441D4F9B7C} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: Google
FF Homepage: msn.de
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Herr Krauskopf\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Herr Krauskopf\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-16]
FF Extension: Adblock Plus - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-09]
FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\extensions\extension@preispilot.com

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31]
CHR Extension: (Google Drive) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-31]
CHR Extension: (YouTube) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-31]
CHR Extension: (Google-Suche) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-31]
CHR Extension: (TubEItAdBlloCkAp) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebpfmmfjnoegkpmjakikhaflocoglidg [2014-01-31]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-01-31]
CHR Extension: (Google Wallet) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
CHR Extension: (Google Mail) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-31]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\Herr Krauskopf\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S2 976137e5; "C:\Windows\system32\rundll32.exe" "c:\progra~3\webplat\WebPlatSvc.dll",service

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 17:38 - 2014-01-31 17:38 - 00000000 ____D C:\FRST
2014-01-31 14:49 - 2014-01-31 14:49 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-31 12:59 - 2014-01-31 12:59 - 00000000 ____D C:\Program Files (x86)\TubEItAdBlloCkAp
2014-01-31 12:40 - 2014-01-31 13:02 - 00000000 ____D C:\ProgramData\TubEItAdBlloCkAp
2014-01-31 12:40 - 2014-01-31 12:40 - 00000306 __RSH C:\ProgramData\ntuser.pol
2014-01-31 12:40 - 2014-01-31 12:40 - 00000000 ____D C:\ProgramData\ebpfmmfjnoegkpmjakikhaflocoglidg
2014-01-30 14:15 - 2014-01-30 14:15 - 00002002 _____ C:\Users\Herr Krauskopf\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-30 14:15 - 2014-01-30 14:15 - 00001946 _____ C:\Users\Herr Krauskopf\Desktop\Avira PC Cleaner.lnk
2014-01-30 14:10 - 2014-01-31 16:39 - 00003364 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-27 08:23 - 2014-01-31 16:39 - 00003248 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-26 17:17 - 2014-01-26 17:17 - 00094720 _____ C:\Users\Herr Krauskopf\Desktop\Schalke+Loreley.xls
2014-01-21 01:10 - 2014-01-21 01:10 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\IDM
2014-01-15 16:22 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 16:22 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 16:22 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 15:36 - 2014-01-10 15:36 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 01:29 - 2014-01-10 01:34 - 00000000 ____D C:\AdwCleaner
2014-01-10 01:01 - 2014-01-10 01:01 - 00000741 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\Malwarebytes
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-10 01:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-10 00:05 - 2014-01-10 00:06 - 00000000 ____D C:\ProgramData\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D C:\Program Files (x86)\IObit
2014-01-09 22:37 - 2014-01-09 22:37 - 00000000 _____ C:\autoexec.bat
2014-01-09 22:36 - 2014-01-09 22:36 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-09 22:35 - 2014-01-10 00:01 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-07 00:52 - 2014-01-08 16:38 - 00010822 _____ C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D)1.sgm
2014-01-06 18:33 - 2014-01-11 21:30 - 00032768 _____ C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).sav
2014-01-03 15:03 - 2014-01-31 12:59 - 00000000 ____D C:\ProgramData\73b47cdafd0d1853
2014-01-03 15:03 - 2014-01-09 15:10 - 00000000 ____D C:\ProgramData\BestSaVeeFaorYou
2014-01-03 15:03 - 2014-01-03 15:03 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Local\Packages
2014-01-03 15:03 - 2014-01-03 15:03 - 00000000 ____D C:\ProgramData\ojhhdeaacmkchebncoepnjbilbcodfdd
2014-01-03 14:43 - 2014-01-31 14:38 - 00000000 ____D C:\ProgramData\WebPlat

==================== One Month Modified Files and Folders =======

2014-01-31 17:38 - 2014-01-31 17:38 - 00000000 ____D C:\FRST
2014-01-31 17:18 - 2012-08-13 14:32 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-31 16:57 - 2012-08-21 13:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 16:46 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-31 16:46 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-31 16:43 - 2012-08-13 12:25 - 01866753 _____ C:\Windows\WindowsUpdate.log
2014-01-31 16:39 - 2014-01-30 14:10 - 00003364 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-31 16:39 - 2014-01-27 08:23 - 00003248 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-31 16:39 - 2013-04-27 15:05 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox
2014-01-31 16:39 - 2012-08-13 12:54 - 00001156 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000UA.job
2014-01-31 16:38 - 2012-08-13 14:32 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 16:38 - 2010-11-21 04:47 - 00161652 _____ C:\Windows\PFRO.log
2014-01-31 16:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-31 16:38 - 2009-07-14 05:51 - 00177123 _____ C:\Windows\setupact.log
2014-01-31 14:49 - 2014-01-31 14:49 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-31 14:49 - 2012-08-13 14:32 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-31 14:49 - 2012-08-13 12:54 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Local\Google
2014-01-31 14:38 - 2014-01-03 14:43 - 00000000 ____D C:\ProgramData\WebPlat
2014-01-31 13:02 - 2014-01-31 12:40 - 00000000 ____D C:\ProgramData\TubEItAdBlloCkAp
2014-01-31 12:59 - 2014-01-31 12:59 - 00000000 ____D C:\Program Files (x86)\TubEItAdBlloCkAp
2014-01-31 12:59 - 2014-01-03 15:03 - 00000000 ____D C:\ProgramData\73b47cdafd0d1853
2014-01-31 12:55 - 2012-08-13 14:26 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\Skype
2014-01-31 12:42 - 2012-08-13 15:54 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Local\Windows Live
2014-01-31 12:40 - 2014-01-31 12:40 - 00000306 __RSH C:\ProgramData\ntuser.pol
2014-01-31 12:40 - 2014-01-31 12:40 - 00000000 ____D C:\ProgramData\ebpfmmfjnoegkpmjakikhaflocoglidg
2014-01-31 12:40 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2014-01-31 12:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2014-01-30 15:02 - 2012-08-13 16:07 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\vlc
2014-01-30 14:15 - 2014-01-30 14:15 - 00002002 _____ C:\Users\Herr Krauskopf\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-30 14:15 - 2014-01-30 14:15 - 00001946 _____ C:\Users\Herr Krauskopf\Desktop\Avira PC Cleaner.lnk
2014-01-29 22:39 - 2012-08-13 12:54 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000Core.job
2014-01-28 21:48 - 2012-08-19 17:58 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\.minecraft
2014-01-26 17:17 - 2014-01-26 17:17 - 00094720 _____ C:\Users\Herr Krauskopf\Desktop\Schalke+Loreley.xls
2014-01-25 18:01 - 2011-04-12 08:43 - 00696620 _____ C:\Windows\system32\perfh007.dat
2014-01-25 18:01 - 2011-04-12 08:43 - 00147916 _____ C:\Windows\system32\perfc007.dat
2014-01-25 18:01 - 2009-07-14 06:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-21 01:10 - 2014-01-21 01:10 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\IDM
2014-01-16 23:01 - 2012-08-13 12:35 - 00000000 ___RD C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 23:00 - 2013-04-27 15:11 - 00001006 _____ C:\Users\Herr Krauskopf\Desktop\Dropbox.lnk
2014-01-16 23:00 - 2013-04-27 15:06 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 22:52 - 2009-07-14 05:45 - 00476224 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 17:28 - 2013-08-15 12:30 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 17:28 - 2012-10-23 14:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 17:24 - 2012-08-13 15:10 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-11 21:30 - 2014-01-06 18:33 - 00032768 _____ C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).sav
2014-01-10 15:36 - 2014-01-10 15:36 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 01:34 - 2014-01-10 01:29 - 00000000 ____D C:\AdwCleaner
2014-01-10 01:10 - 2013-06-15 19:16 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-10 01:01 - 2014-01-10 01:01 - 00000741 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\Malwarebytes
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-10 00:06 - 2014-01-10 00:05 - 00000000 ____D C:\ProgramData\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Roaming\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D C:\Program Files (x86)\IObit
2014-01-10 00:01 - 2014-01-09 22:35 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-09 22:37 - 2014-01-09 22:37 - 00000000 _____ C:\autoexec.bat
2014-01-09 22:36 - 2014-01-09 22:36 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-09 16:43 - 2012-09-03 23:07 - 00000000 ____D C:\ProgramData\CanonIJPLM
2014-01-09 15:10 - 2014-01-03 15:03 - 00000000 ____D C:\ProgramData\BestSaVeeFaorYou
2014-01-08 16:38 - 2014-01-07 00:52 - 00010822 _____ C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D)1.sgm
2014-01-06 18:33 - 2005-03-13 18:17 - 01048576 _____ C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).gb
2014-01-06 18:32 - 2004-05-25 19:47 - 01757264 _____ (None) C:\Users\Herr Krauskopf\Desktop\VisualBoyAdvance.exe
2014-01-03 15:03 - 2014-01-03 15:03 - 00000000 ____D C:\Users\Herr Krauskopf\AppData\Local\Packages
2014-01-03 15:03 - 2014-01-03 15:03 - 00000000 ____D C:\ProgramData\ojhhdeaacmkchebncoepnjbilbcodfdd
2014-01-02 17:37 - 2012-08-13 16:12 - 00000000 ____D C:\Users\Herr Krauskopf\Desktop\ebay

Some content of TEMP:
====================
C:\Users\Herr Krauskopf\AppData\Local\Temp\avgnt.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\i4jdel0.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\i4jdel1.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\i4jdel2.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\i4jdel3.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\ose00000.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\Quarantine.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\SHSetup.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\Tsu95C4A552.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 15:40

==================== End Of Log ============================
         
--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014 01
Ran by Herr Krauskopf at 2014-01-31 17:38:58
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
ACD/Labs Software in E:\ChemSketch\ACDFREE12\ (x32 Version: v12.00, FREE - ACD/Labs)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.15 (x32 Version: 1.0.15 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-PhotoPrint EX (x32 Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32 Version:  - )
Canon MP Navigator EX 4.0 (x32 Version:  - )
Canon MP280 series Benutzerregistrierung (x32 Version:  - )
Canon MP280 series MP Drivers (Version:  - )
Canon My Printer (x32 Version:  - )
Canon Solution Menu EX (x32 Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (x32 Version: 4.5.2.4214 - CDBurnerXP)
Core Temp 1.0 RC3 (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.61.3 (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Siedler IV (x32 Version:  - )
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Finale NotePad 2008 (x32 Version: 13.0.0.0 - MakeMusic)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPL Ghostscript (Version: 9.06 - Artifex Software Inc.)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes From Liberty City (x32 Version: 1.1.0.0 - Rockstar Games)
GSview 5.0 (Version: 5.0 - Ghostgum Software Pty Ltd)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
iTunes (Version: 10.6.3.25 - Apple Inc.)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java 7 Update 6 (64-bit) (Version: 7.0.60 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Mathematica Extras 8.0 (2063897) (Version: 8.0.1 - Wolfram Research, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (x32 Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 2000 Premium (x32 Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OpenOffice.org 3.4 (x32 Version: 3.4.9590 - OpenOffice.org)
PDFCreator (x32 Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
Preispilot für Firefox (x32 Version: 2.0 - Preispilot)
QuickTime (x32 Version: 7.71.80.42 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 15.0.6 - RealNetworks)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
TL-WN822N/TL-WN821N Driver (x32 Version: 1.0.0 - TP-LINK)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VLC media player 2.0.2 (Version: 2.0.2 - VideoLAN)
WebPlat (x32 Version:  - WorldLoad)
Widevine Media Optimizer Chrome 6.0.0 (HKCU Version: 6.0.0.12442 - Widevine Technologies)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Wolfram Mathematica 8 for Students (M-WIN-G 8.0.1 2063988) (Version: 8.0.1 - Wolfram Research, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {25B05D2C-2532-4112-A369-1C5F1F457246} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-876820725-1739964210-3379319205-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {6DBD2693-2D09-45C1-AEB0-C758D5ACAAC3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {8A455094-6568-4220-A4CE-E16AD87140C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {9C2BB272-C57E-4C4F-87EC-961CEBD32DBA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {AE0C1211-1B7A-4B88-9A15-87B4E8ED8A51} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000UA => C:\Users\Herr Krauskopf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {B18C61E8-22FA-4B09-A393-DF974C46C7C8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-876820725-1739964210-3379319205-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {DA65884D-ED81-4A7D-9093-1FCB36E769FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000Core => C:\Users\Herr Krauskopf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {F24ECBAC-C3C3-4BE5-804B-1D3CFDBB46CB} - \SpyHunter4Startup No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000Core.job => C:\Users\Herr Krauskopf\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000UA.job => C:\Users\Herr Krauskopf\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-16 15:09 - 2012-11-16 15:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-03-20 11:56 - 2013-03-20 11:52 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\libcef.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-20 22:35 - 2013-12-20 22:35 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: EyeToy USB camera Namtai
Description: EyeToy USB camera Namtai
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2014 04:40:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 02:40:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 01:04:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 00:58:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 00:34:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 02:11:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2014 01:13:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2014 04:19:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3478136

Error: (01/28/2014 04:19:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3478136

Error: (01/28/2014 04:19:48 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/31/2014 04:39:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WebPlat erreicht.

Error: (01/31/2014 02:45:30 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/31/2014 02:40:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst WebPlat erreicht.

Error: (01/31/2014 02:39:44 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (01/31/2014 02:39:44 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (01/31/2014 02:39:44 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (01/31/2014 02:39:44 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (01/31/2014 01:01:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (01/31/2014 01:00:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (01/31/2014 01:00:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (10/23/2012 03:05:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 655 seconds with 420 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 4095.05 MB
Available physical RAM: 2529.93 MB
Total Pagefile: 7293.23 MB
Available Pagefile: 5161.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:43.95 GB) (Free:5.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Eigene Dateien) (Fixed) (Total:97.65 GB) (Free:38.99 GB) NTFS
Drive e: (Daten) (Fixed) (Total:324.15 GB) (Free:217.91 GB) NTFS
Drive f: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: D8D0D8D0)
Partition 1: (Active) - (Size=44 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=422 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
__________________

Alt 01.02.2014, 10:28   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.02.2014, 11:14   #5
boust
 
Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Hi,

hier ist die Logfile:

Code:
ATTFilter
ComboFix 14-02-01.01 - Herr Krauskopf 01.02.2014  11:42:12.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4095.2675 [GMT 1:00]
ausgeführt von:: c:\users\Herr Krauskopf\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Herr Krauskopf\AppData\Roaming\Ewis
c:\users\Herr Krauskopf\AppData\Roaming\Ewis\amta.qao
c:\windows\IsUn0407.exe
c:\windows\security\Database\tmp.edb
E:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-01-01 bis 2014-02-01  ))))))))))))))))))))))))))))))
.
.
2014-02-01 10:52 . 2014-02-01 10:52	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-02-01 10:50 . 2014-02-01 10:50	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{470533A2-EA13-4A4F-BE83-F9AB0E21A873}\offreg.dll
2014-01-31 16:38 . 2014-01-31 16:39	--------	d-----w-	C:\FRST
2014-01-31 11:59 . 2014-01-31 11:59	--------	d-----w-	c:\program files (x86)\TubEItAdBlloCkAp
2014-01-31 11:40 . 2014-01-31 12:02	--------	d-----w-	c:\programdata\TubEItAdBlloCkAp
2014-01-31 11:40 . 2014-01-31 11:40	--------	d-----w-	c:\programdata\ebpfmmfjnoegkpmjakikhaflocoglidg
2014-01-31 11:39 . 2013-12-04 03:28	10315576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{470533A2-EA13-4A4F-BE83-F9AB0E21A873}\mpengine.dll
2014-01-21 00:10 . 2014-01-21 00:10	--------	d-----w-	c:\users\Herr Krauskopf\AppData\Roaming\IDM
2014-01-15 15:22 . 2013-11-27 01:41	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2014-01-15 15:22 . 2013-11-27 01:41	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2014-01-15 15:22 . 2013-11-27 01:41	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2014-01-15 15:22 . 2013-11-27 01:41	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2014-01-15 15:22 . 2013-11-27 01:41	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2014-01-15 15:22 . 2013-11-27 01:41	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2014-01-15 15:22 . 2013-11-27 01:41	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2014-01-15 15:22 . 2013-11-26 11:40	376768	----a-w-	c:\windows\system32\drivers\netio.sys
2014-01-15 15:22 . 2013-11-26 10:32	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-01-10 14:36 . 2014-01-10 14:36	--------	d-----w-	c:\windows\ERUNT
2014-01-10 00:29 . 2014-01-10 00:34	--------	d-----w-	C:\AdwCleaner
2014-01-10 00:01 . 2014-01-10 00:01	--------	d-----w-	c:\users\Herr Krauskopf\AppData\Roaming\Malwarebytes
2014-01-10 00:01 . 2014-01-10 00:01	--------	d-----w-	c:\programdata\Malwarebytes
2014-01-10 00:01 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-01-09 23:05 . 2014-01-09 23:06	--------	d-----w-	c:\programdata\IObit
2014-01-09 23:05 . 2014-01-09 23:05	--------	d-----w-	c:\users\Herr Krauskopf\AppData\Roaming\IObit
2014-01-09 23:05 . 2014-01-09 23:05	--------	d-----w-	c:\program files (x86)\IObit
2014-01-09 21:36 . 2014-01-09 21:36	--------	d-----w-	c:\program files\Enigma Software Group
2014-01-09 21:35 . 2014-01-09 23:01	--------	d-----w-	c:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-09 21:35 . 2014-01-09 23:17	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2014-01-03 14:03 . 2014-01-09 14:10	--------	d-----w-	c:\programdata\BestSaVeeFaorYou
2014-01-03 14:03 . 2014-01-03 14:03	--------	d-----w-	c:\programdata\ojhhdeaacmkchebncoepnjbilbcodfdd
2014-01-03 14:03 . 2014-01-03 14:03	--------	d-----w-	c:\users\Herr Krauskopf\AppData\Local\Packages
2014-01-03 14:03 . 2014-01-31 11:59	--------	d-----w-	c:\programdata\73b47cdafd0d1853
2014-01-03 13:43 . 2014-01-31 13:38	--------	d-----w-	c:\programdata\WebPlat
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   )))))))))))))))))))))))))))))))))))))))))))))))))))))) 
.
2014-01-16 16:24 . 2012-08-13 14:10	86054176	----a-w-	c:\windows\system32\MRT.exe
2013-12-26 12:38 . 2013-12-26 12:38	7123640	----a-w-	C:\fdminst.exe
2013-12-18 05:13 . 2010-11-21 03:27	270496	------w-	c:\windows\system32\MpSigStub.exe
2013-12-17 12:36 . 2013-05-07 08:57	84720	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-12-17 12:36 . 2013-03-20 10:56	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-12-17 12:36 . 2013-03-20 10:56	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-12-11 18:57 . 2012-08-13 12:03	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 18:57 . 2012-08-13 12:03	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 13:32 . 2013-03-20 10:56	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-11-26 11:54 . 2013-12-12 22:13	23183360	----a-w-	c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 22:14	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 22:13	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 22:13	66048	----a-w-	c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 22:13	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 22:13	2764288	----a-w-	c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 22:13	53760	----a-w-	c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 22:13	33792	----a-w-	c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 22:14	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 22:13	574976	----a-w-	c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 22:13	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 22:13	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 22:13	708608	----a-w-	c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 22:13	218624	----a-w-	c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 22:13	5769216	----a-w-	c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 22:13	553472	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 22:13	4243968	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 22:13	1995264	----a-w-	c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 22:13	12996608	----a-w-	c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 22:13	1928192	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 22:13	2334208	----a-w-	c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 22:13	1395200	----a-w-	c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 22:13	817664	----a-w-	c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 22:13	1820160	----a-w-	c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 16:03	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 16:03	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-11-20 12:03 . 2013-11-20 12:03	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-20 12:03 . 2013-11-20 12:03	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-20 12:03 . 2013-11-20 12:03	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-20 12:03 . 2013-11-20 12:03	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-11-20 12:03 . 2013-11-20 12:03	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-11-20 12:03 . 2013-11-20 12:03	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-11-20 12:03 . 2013-11-20 12:03	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-11-20 12:03 . 2013-11-20 12:03	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-11-20 12:03 . 2013-11-20 12:03	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-20 12:03 . 2013-11-20 12:03	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-11-20 12:03 . 2013-11-20 12:03	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-11-20 12:03 . 2013-11-20 12:03	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-11-20 12:03 . 2013-11-20 12:03	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-11-20 12:03 . 2013-11-20 12:03	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-11-20 12:03 . 2013-11-20 12:03	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-20 12:03 . 2013-11-20 12:03	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-11-20 12:03 . 2013-11-20 12:03	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-11-20 12:03 . 2013-11-20 12:03	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-11-20 12:03 . 2013-11-20 12:03	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-11-20 12:03 . 2013-11-20 12:03	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-11-20 12:03 . 2013-11-20 12:03	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-11-20 12:03 . 2013-11-20 12:03	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-11-20 12:03 . 2013-11-20 12:03	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-11-20 12:03 . 2013-11-20 12:03	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-11-20 12:03 . 2013-11-20 12:03	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-11-20 12:03 . 2013-11-20 12:03	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-11-20 12:03 . 2013-11-20 12:03	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-11-20 12:03 . 2013-11-20 12:03	81408	----a-w-	c:\windows\system32\icardie.dll
2013-11-20 12:03 . 2013-11-20 12:03	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-11-20 12:03 . 2013-11-20 12:03	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-11-20 12:03 . 2013-11-20 12:03	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-11-20 12:03 . 2013-11-20 12:03	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-11-20 12:03 . 2013-11-20 12:03	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-11-20 12:03 . 2013-11-20 12:03	413696	----a-w-	c:\windows\system32\html.iec
2013-11-20 12:03 . 2013-11-20 12:03	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 12:03 . 2013-11-20 12:03	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-11-20 12:03 . 2013-11-20 12:03	247808	----a-w-	c:\windows\system32\msls31.dll
2013-11-20 12:03 . 2013-11-20 12:03	195584	----a-w-	c:\windows\system32\msrating.dll
2013-11-20 12:03 . 2013-11-20 12:03	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-11-20 12:03 . 2013-11-20 12:03	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-11-20 12:03 . 2013-11-20 12:03	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-11-20 12:03 . 2013-11-20 12:03	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-11-20 12:03 . 2013-11-20 12:03	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-11-20 12:03 . 2013-11-20 12:03	774144	----a-w-	c:\windows\system32\jscript.dll
2013-11-20 12:03 . 2013-11-20 12:03	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-11-20 12:03 . 2013-11-20 12:03	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-11-20 12:03 . 2013-11-20 12:03	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-11-20 12:03 . 2013-11-20 12:03	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-11-20 12:03 . 2013-11-20 12:03	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-11-20 12:03 . 2013-11-20 12:03	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-11-20 12:03 . 2013-11-20 12:03	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-11-20 12:03 . 2013-11-20 12:03	235520	----a-w-	c:\windows\system32\url.dll
2013-11-20 12:03 . 2013-11-20 12:03	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-11-20 12:03 . 2013-11-20 12:03	147968	----a-w-	c:\windows\system32\occache.dll
2013-11-20 12:03 . 2013-11-20 12:03	143872	----a-w-	c:\windows\system32\wextract.exe
2013-11-20 12:03 . 2013-11-20 12:03	13824	----a-w-	c:\windows\system32\mshta.exe
2013-11-20 12:03 . 2013-11-20 12:03	135680	----a-w-	c:\windows\system32\iepeers.dll
2013-11-20 12:03 . 2013-11-20 12:03	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-11-20 12:03 . 2013-11-20 12:03	101376	----a-w-	c:\windows\system32\inseng.dll
2013-11-12 02:23 . 2013-12-11 16:03	2048	----a-w-	c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 16:03	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="e:\programme\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2012-09-09 296096]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-17 684600]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
.
c:\users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE -b -l [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 976137e5;WebPlat;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr7364;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-31 13:49	1211672	----a-w-	c:\program files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-13 18:57]
.
2014-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-13 13:32]
.
2014-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-13 13:32]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000Core.job
- c:\users\Herr Krauskopf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13 11:54]
.
2014-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000UA.job
- c:\users\Herr Krauskopf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13 11:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - msn.de
FF - prefs.js: network.proxy.type - 2
FF - ExtSQL: !HIDDEN! 2013-01-28 18:26; firejump@firejump.net; c:\users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\extensions\firejump@firejump.net
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Okqiamdyu - c:\users\Herr Krauskopf\AppData\Roaming\Elhoac\miyg.exe
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Ocs_SM - c:\users\Herr Krauskopf\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
AddRemove-FileKiddo Download Manager_is1 - c:\program files (x86)\FileKiddo Download Manager\uninstall.exe
AddRemove-S4Uninst - c:\windows\IsUn0407.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{976137e5} - c:\progra~3\WebPlat\WebPlat.dll
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,1f,d1,dc,b1,50,d9,6d,80,78,97,1c,06,e5,13,30,96,f4,d1,ca,8e,
   c0,bb,bc,52,b5,8e,f8,62,7d,ab,63,fd,32,e6,73,5a,fb,d7,5f,27,22,ed,de,0d,e1,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
@DACL=(02 0000)
@="Java Plug-in 10.6.2"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 10.6.2"
.
[HKEY_USERS\S-1-5-21-876820725-1739964210-3379319205-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-02-01  12:06:10
ComboFix-quarantined-files.txt  2014-02-01 11:06
.
Vor Suchlauf: 4.718.743.552 Bytes frei
Nach Suchlauf: 6.517.956.608 Bytes frei
.
- - End Of File - - 3B4FD5913CDD20AD9C0FEE316C7B4210
A36C5E4F47E84449FF07ED3517B43A31
         


Alt 02.02.2014, 05:36   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Add-on Namens TubEItAdBlloCkAp geht nicht weg

Alt 02.02.2014, 12:17   #7
boust
 
Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Hi,

hier die gewünschten logfiles in der genannten Reihenfolge:
Malwarebytes
Adwcleaner
JRT
FRST

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.02.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Herr Krauskopf :: HACKFLEISCH [Administrator]

02.02.2014 11:29:30
mbam-log-2014-02-02 (11-29-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 476523
Laufzeit: 1 Stunde(n), 6 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 02/02/2014 um 12:56:21
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Herr Krauskopf - HACKFLEISCH
# Gestartet von : D:\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\foxydeal.sqlite

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\prefs.js ]


-\\ Google Chrome v32.0.1700.76

[ Datei : C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11958 octets] - [10/01/2014 01:29:46]
AdwCleaner[R1].txt - [1466 octets] - [02/02/2014 12:54:47]
AdwCleaner[S0].txt - [11546 octets] - [10/01/2014 01:34:34]
AdwCleaner[S1].txt - [1383 octets] - [02/02/2014 12:56:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1443 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Herr Krauskopf on 02.02.2014 at 12:59:46,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Herr Krauskopf\AppData\Roaming\mozilla\firefox\profiles\slrflptn.default\minidumps [185 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.02.2014 at 13:06:10,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Herr Krauskopf (administrator) on HACKFLEISCH on 02-02-2014 13:12:27
Running from D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Dropbox, Inc.) C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) E:\Programme\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [Ocs_SM] - C:\Users\Herr Krauskopf\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - E:\Programme\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-09-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKU\S-1-5-21-876820725-1739964210-3379319205-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
Startup: C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD162AA7C4979CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {042590A8-7896-4234-8AD2-8DB0071D4FF3} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26616D703B736F7572636569643D69653726616D703B726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263657D26616D703B69653D7B696E707574456E636F64696E673F7D266F653D7B6F7574707574456E636F64696E673F7D&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {44716333-68D4-426A-AC6D-D3DAA56B060E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {57484F9A-4DC1-470F-BCE4-1FE5E63860F1} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {C83A4055-125A-4575-B97A-18CEC1E4483A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {D6806300-CB63-459B-BDD0-8B371DA48160} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {F627E9A5-689A-481E-B0E6-E793CF091D57} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {F6DACF4C-0E11-4B70-B67E-A7441D4F9B7C} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: Google
FF Homepage: msn.de
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Herr Krauskopf\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Herr Krauskopf\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-16]
FF Extension: Adblock Plus - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-09]
FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\extensions\extension@preispilot.com

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31]
CHR Extension: (Google Drive) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-31]
CHR Extension: (YouTube) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-31]
CHR Extension: (Google-Suche) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-31]
CHR Extension: (AdBlock) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-01-31]
CHR Extension: (Google Wallet) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
CHR Extension: (Google Mail) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-31]
CHR Extension: (BestSaVeeFaorYou) - C:\ProgramData\ojhhdeaacmkchebncoepnjbilbcodfdd [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\Herr Krauskopf\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S2 976137e5; "C:\Windows\system32\rundll32.exe" "c:\progra~3\webplat\WebPlatSvc.dll",service

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-02 13:06 - 2014-02-02 13:06 - 00000776 _____ () C:\Users\Herr Krauskopf\Desktop\JRT.txt
2014-02-02 12:58 - 2014-02-02 12:58 - 00001527 _____ () C:\Users\Herr Krauskopf\Desktop\AdwCleaner[S1].txt
2014-02-01 12:06 - 2014-02-01 12:06 - 00091736 _____ () C:\ComboFix.txt
2014-02-01 11:40 - 2014-02-01 12:06 - 00000000 ____D () C:\Qoobox
2014-02-01 11:40 - 2014-02-01 12:02 - 00000000 ____D () C:\Windows\erdnt
2014-02-01 11:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-01 11:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-01 11:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-01 11:39 - 2014-02-01 11:39 - 05179159 ____R (Swearware) C:\Users\Herr Krauskopf\Desktop\ComboFix.exe
2014-02-01 11:25 - 2014-02-02 13:09 - 00003248 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-31 17:38 - 2014-02-02 13:12 - 00000000 ____D () C:\FRST
2014-01-31 14:49 - 2014-01-31 14:49 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-31 12:59 - 2014-01-31 12:59 - 00000000 ____D () C:\Program Files (x86)\TubEItAdBlloCkAp
2014-01-31 12:40 - 2014-01-31 13:02 - 00000000 ____D () C:\ProgramData\TubEItAdBlloCkAp
2014-01-31 12:40 - 2014-01-31 12:40 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 12:40 - 2014-01-31 12:40 - 00000000 ____D () C:\ProgramData\ebpfmmfjnoegkpmjakikhaflocoglidg
2014-01-30 14:15 - 2014-01-30 14:15 - 00002002 _____ () C:\Users\Herr Krauskopf\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-30 14:15 - 2014-01-30 14:15 - 00001946 _____ () C:\Users\Herr Krauskopf\Desktop\Avira PC Cleaner.lnk
2014-01-30 14:10 - 2014-02-02 13:09 - 00003364 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-26 17:17 - 2014-01-26 17:17 - 00094720 _____ () C:\Users\Herr Krauskopf\Desktop\Schalke+Loreley.xls
2014-01-21 01:10 - 2014-01-21 01:10 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IDM
2014-01-15 16:22 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 16:22 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 16:22 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 15:36 - 2014-01-10 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-01-10 01:29 - 2014-02-02 12:56 - 00000000 ____D () C:\AdwCleaner
2014-01-10 01:01 - 2014-01-10 01:01 - 00000741 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Malwarebytes
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-10 01:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-10 00:05 - 2014-01-10 00:06 - 00000000 ____D () C:\ProgramData\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-09 22:37 - 2014-01-09 22:37 - 00000000 _____ () C:\autoexec.bat
2014-01-09 22:36 - 2014-01-09 22:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-09 22:35 - 2014-01-10 00:01 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-07 00:52 - 2014-01-08 16:38 - 00010822 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D)1.sgm
2014-01-06 18:33 - 2014-01-11 21:30 - 00032768 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).sav
2014-01-03 15:03 - 2014-01-31 12:59 - 00000000 ____D () C:\ProgramData\73b47cdafd0d1853
2014-01-03 15:03 - 2014-01-09 15:10 - 00000000 ____D () C:\ProgramData\BestSaVeeFaorYou
2014-01-03 15:03 - 2014-01-03 15:03 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Local\Packages
2014-01-03 15:03 - 2014-01-03 15:03 - 00000000 ____D () C:\ProgramData\ojhhdeaacmkchebncoepnjbilbcodfdd
2014-01-03 14:43 - 2014-01-31 14:38 - 00000000 ____D () C:\ProgramData\WebPlat

==================== One Month Modified Files and Folders =======

2014-02-02 13:12 - 2014-01-31 17:38 - 00000000 ____D () C:\FRST
2014-02-02 13:10 - 2013-04-27 15:05 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox
2014-02-02 13:09 - 2014-02-01 11:25 - 00003248 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-02-02 13:09 - 2014-01-30 14:10 - 00003364 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-02-02 13:09 - 2012-08-13 14:32 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-02 13:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 13:09 - 2009-07-14 05:51 - 00177851 _____ () C:\Windows\setupact.log
2014-02-02 13:08 - 2012-08-13 12:25 - 01939145 _____ () C:\Windows\WindowsUpdate.log
2014-02-02 13:06 - 2014-02-02 13:06 - 00000776 _____ () C:\Users\Herr Krauskopf\Desktop\JRT.txt
2014-02-02 13:05 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 13:05 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 12:58 - 2014-02-02 12:58 - 00001527 _____ () C:\Users\Herr Krauskopf\Desktop\AdwCleaner[S1].txt
2014-02-02 12:57 - 2012-08-21 13:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-02 12:56 - 2014-01-10 01:29 - 00000000 ____D () C:\AdwCleaner
2014-02-02 12:39 - 2012-08-13 12:54 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000UA.job
2014-02-02 12:18 - 2012-08-13 14:32 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-02 11:29 - 2012-08-13 15:54 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Local\Windows Live
2014-02-02 11:27 - 2012-08-13 14:26 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Skype
2014-02-02 00:51 - 2012-08-13 12:54 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000Core.job
2014-02-01 14:01 - 2012-09-03 23:07 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-02-01 12:16 - 2010-11-21 04:47 - 00162198 _____ () C:\Windows\PFRO.log
2014-02-01 12:06 - 2014-02-01 12:06 - 00091736 _____ () C:\ComboFix.txt
2014-02-01 12:06 - 2014-02-01 11:40 - 00000000 ____D () C:\Qoobox
2014-02-01 12:02 - 2014-02-01 11:40 - 00000000 ____D () C:\Windows\erdnt
2014-02-01 11:54 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-01 11:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-01 11:39 - 2014-02-01 11:39 - 05179159 ____R (Swearware) C:\Users\Herr Krauskopf\Desktop\ComboFix.exe
2014-01-31 14:49 - 2014-01-31 14:49 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-31 14:49 - 2012-08-13 14:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-31 14:49 - 2012-08-13 12:54 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Local\Google
2014-01-31 14:38 - 2014-01-03 14:43 - 00000000 ____D () C:\ProgramData\WebPlat
2014-01-31 13:02 - 2014-01-31 12:40 - 00000000 ____D () C:\ProgramData\TubEItAdBlloCkAp
2014-01-31 12:59 - 2014-01-31 12:59 - 00000000 ____D () C:\Program Files (x86)\TubEItAdBlloCkAp
2014-01-31 12:59 - 2014-01-03 15:03 - 00000000 ____D () C:\ProgramData\73b47cdafd0d1853
2014-01-31 12:40 - 2014-01-31 12:40 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 12:40 - 2014-01-31 12:40 - 00000000 ____D () C:\ProgramData\ebpfmmfjnoegkpmjakikhaflocoglidg
2014-01-31 12:40 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-01-31 12:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-01-30 15:02 - 2012-08-13 16:07 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\vlc
2014-01-30 14:15 - 2014-01-30 14:15 - 00002002 _____ () C:\Users\Herr Krauskopf\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-30 14:15 - 2014-01-30 14:15 - 00001946 _____ () C:\Users\Herr Krauskopf\Desktop\Avira PC Cleaner.lnk
2014-01-28 21:48 - 2012-08-19 17:58 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\.minecraft
2014-01-26 17:17 - 2014-01-26 17:17 - 00094720 _____ () C:\Users\Herr Krauskopf\Desktop\Schalke+Loreley.xls
2014-01-25 18:01 - 2011-04-12 08:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat
2014-01-25 18:01 - 2011-04-12 08:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat
2014-01-25 18:01 - 2009-07-14 06:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-21 01:10 - 2014-01-21 01:10 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IDM
2014-01-16 23:01 - 2012-08-13 12:35 - 00000000 ___RD () C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 23:00 - 2013-04-27 15:11 - 00001006 _____ () C:\Users\Herr Krauskopf\Desktop\Dropbox.lnk
2014-01-16 23:00 - 2013-04-27 15:06 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 22:52 - 2009-07-14 05:45 - 00476224 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 17:28 - 2013-08-15 12:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 17:28 - 2012-10-23 14:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 17:24 - 2012-08-13 15:10 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-11 21:30 - 2014-01-06 18:33 - 00032768 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).sav
2014-01-10 15:36 - 2014-01-10 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-01-10 01:10 - 2013-06-15 19:16 - 00000000 ____D () C:\ProgramData\InstallMate
2014-01-10 01:01 - 2014-01-10 01:01 - 00000741 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Malwarebytes
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-10 00:06 - 2014-01-10 00:05 - 00000000 ____D () C:\ProgramData\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-10 00:01 - 2014-01-09 22:35 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-09 22:37 - 2014-01-09 22:37 - 00000000 _____ () C:\autoexec.bat
2014-01-09 22:36 - 2014-01-09 22:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-09 15:10 - 2014-01-03 15:03 - 00000000 ____D () C:\ProgramData\BestSaVeeFaorYou
2014-01-08 16:38 - 2014-01-07 00:52 - 00010822 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D)1.sgm
2014-01-06 18:33 - 2005-03-13 18:17 - 01048576 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).gb
2014-01-06 18:32 - 2004-05-25 19:47 - 01757264 _____ (None) C:\Users\Herr Krauskopf\Desktop\VisualBoyAdvance.exe
2014-01-03 15:03 - 2014-01-03 15:03 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Local\Packages
2014-01-03 15:03 - 2014-01-03 15:03 - 00000000 ____D () C:\ProgramData\ojhhdeaacmkchebncoepnjbilbcodfdd

Some content of TEMP:
====================
C:\Users\Herr Krauskopf\AppData\Local\Temp\avgnt.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 15:40

==================== End Of Log ============================
         
--- --- ---


Schönen Sonntag noch!

Alt 03.02.2014, 09:52   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.02.2014, 15:38   #9
boust
 
Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Hi
schonmal vielen Dank für die Hilfe, hab alle scans durchlaufen lassen, allerdings ist nach wie vor dieses Add-on "TubEItAdBlloCkAp" in meinem Google Chrome Browser drin

hier die Logfiles:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5f560aa086350d47adcf892a8d4ec960
# engine=16919
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-03 03:25:27
# local_time=2014-02-03 04:25:27 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 11397 162112432 4170 0
# compatibility_mode=5893 16776573 100 94 97536 143070977 0 0
# scanned=277178
# found=0
# cleaned=0
# scan_time=7131
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 25  
 Java version out of Date! 
 Adobe Flash Player 11.9.900.170  
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox (Firefox.) 
 Google Chrome 32.0.1700.76  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Herr Krauskopf (administrator) on HACKFLEISCH on 03-02-2014 16:32:42
Running from D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Dropbox, Inc.) C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) E:\Programme\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [Ocs_SM] - C:\Users\Herr Krauskopf\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - E:\Programme\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-09-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKU\S-1-5-21-876820725-1739964210-3379319205-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
Startup: C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD162AA7C4979CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {042590A8-7896-4234-8AD2-8DB0071D4FF3} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26616D703B736F7572636569643D69653726616D703B726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263657D26616D703B69653D7B696E707574456E636F64696E673F7D266F653D7B6F7574707574456E636F64696E673F7D&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {44716333-68D4-426A-AC6D-D3DAA56B060E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {57484F9A-4DC1-470F-BCE4-1FE5E63860F1} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {C83A4055-125A-4575-B97A-18CEC1E4483A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {D6806300-CB63-459B-BDD0-8B371DA48160} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {F627E9A5-689A-481E-B0E6-E793CF091D57} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {F6DACF4C-0E11-4B70-B67E-A7441D4F9B7C} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: Google
FF Homepage: msn.de
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Herr Krauskopf\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Herr Krauskopf\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-16]
FF Extension: Adblock Plus - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-09]
FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\extensions\extension@preispilot.com

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31]
CHR Extension: (Google Drive) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-31]
CHR Extension: (YouTube) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-31]
CHR Extension: (Google-Suche) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-31]
CHR Extension: (AdBlock) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-01-31]
CHR Extension: (Google Wallet) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
CHR Extension: (Google Mail) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-31]
CHR Extension: (BestSaVeeFaorYou) - C:\ProgramData\ojhhdeaacmkchebncoepnjbilbcodfdd [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\Herr Krauskopf\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S2 976137e5; "C:\Windows\system32\rundll32.exe" "c:\progra~3\webplat\WebPlatSvc.dll",service

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-03 16:32 - 2014-02-03 16:32 - 00000919 _____ () C:\Users\Herr Krauskopf\Desktop\checkup.txt
2014-02-03 16:30 - 2014-02-03 16:30 - 00987425 _____ () C:\Users\Herr Krauskopf\Desktop\SecurityCheck.exe
2014-02-01 12:06 - 2014-02-01 12:06 - 00091736 _____ () C:\ComboFix.txt
2014-02-01 11:40 - 2014-02-01 12:06 - 00000000 ____D () C:\Qoobox
2014-02-01 11:40 - 2014-02-01 12:02 - 00000000 ____D () C:\Windows\erdnt
2014-02-01 11:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-01 11:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-01 11:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-01 11:39 - 2014-02-01 11:39 - 05179159 ____R (Swearware) C:\Users\Herr Krauskopf\Desktop\ComboFix.exe
2014-02-01 11:25 - 2014-02-03 14:10 - 00003248 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-31 17:38 - 2014-02-03 16:32 - 00000000 ____D () C:\FRST
2014-01-31 14:49 - 2014-01-31 14:49 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-31 12:59 - 2014-01-31 12:59 - 00000000 ____D () C:\Program Files (x86)\TubEItAdBlloCkAp
2014-01-31 12:40 - 2014-01-31 13:02 - 00000000 ____D () C:\ProgramData\TubEItAdBlloCkAp
2014-01-31 12:40 - 2014-01-31 12:40 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 12:40 - 2014-01-31 12:40 - 00000000 ____D () C:\ProgramData\ebpfmmfjnoegkpmjakikhaflocoglidg
2014-01-30 14:15 - 2014-01-30 14:15 - 00002002 _____ () C:\Users\Herr Krauskopf\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-30 14:15 - 2014-01-30 14:15 - 00001946 _____ () C:\Users\Herr Krauskopf\Desktop\Avira PC Cleaner.lnk
2014-01-30 14:10 - 2014-02-03 14:10 - 00003364 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-26 17:17 - 2014-01-26 17:17 - 00094720 _____ () C:\Users\Herr Krauskopf\Desktop\Schalke+Loreley.xls
2014-01-21 01:10 - 2014-01-21 01:10 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IDM
2014-01-15 16:22 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 16:22 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 16:22 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 15:36 - 2014-01-10 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-01-10 01:29 - 2014-02-02 12:56 - 00000000 ____D () C:\AdwCleaner
2014-01-10 01:01 - 2014-01-10 01:01 - 00000741 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Malwarebytes
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-10 01:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-10 00:05 - 2014-01-10 00:06 - 00000000 ____D () C:\ProgramData\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-09 22:37 - 2014-01-09 22:37 - 00000000 _____ () C:\autoexec.bat
2014-01-09 22:36 - 2014-01-09 22:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-09 22:35 - 2014-01-10 00:01 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-07 00:52 - 2014-01-08 16:38 - 00010822 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D)1.sgm
2014-01-06 18:33 - 2014-01-11 21:30 - 00032768 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).sav

==================== One Month Modified Files and Folders =======

2014-02-03 16:32 - 2014-02-03 16:32 - 00000919 _____ () C:\Users\Herr Krauskopf\Desktop\checkup.txt
2014-02-03 16:32 - 2014-01-31 17:38 - 00000000 ____D () C:\FRST
2014-02-03 16:30 - 2014-02-03 16:30 - 00987425 _____ () C:\Users\Herr Krauskopf\Desktop\SecurityCheck.exe
2014-02-03 16:18 - 2012-08-13 14:32 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-03 16:11 - 2012-08-13 12:25 - 01974919 _____ () C:\Windows\WindowsUpdate.log
2014-02-03 15:57 - 2012-08-21 13:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-03 15:39 - 2012-08-13 12:54 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000UA.job
2014-02-03 15:24 - 2009-07-14 05:51 - 00178243 _____ () C:\Windows\setupact.log
2014-02-03 14:19 - 2011-04-12 08:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat
2014-02-03 14:19 - 2011-04-12 08:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat
2014-02-03 14:19 - 2009-07-14 06:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-03 14:18 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-03 14:18 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-03 14:11 - 2013-04-27 15:05 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox
2014-02-03 14:10 - 2014-02-01 11:25 - 00003248 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-02-03 14:10 - 2014-01-30 14:10 - 00003364 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-02-03 14:10 - 2012-08-13 14:32 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-03 14:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 23:57 - 2012-08-13 12:54 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000Core.job
2014-02-02 23:29 - 2012-08-13 15:54 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Local\Windows Live
2014-02-02 23:22 - 2012-08-13 14:26 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Skype
2014-02-02 12:56 - 2014-01-10 01:29 - 00000000 ____D () C:\AdwCleaner
2014-02-01 14:01 - 2012-09-03 23:07 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-02-01 12:16 - 2010-11-21 04:47 - 00162198 _____ () C:\Windows\PFRO.log
2014-02-01 12:06 - 2014-02-01 12:06 - 00091736 _____ () C:\ComboFix.txt
2014-02-01 12:06 - 2014-02-01 11:40 - 00000000 ____D () C:\Qoobox
2014-02-01 12:02 - 2014-02-01 11:40 - 00000000 ____D () C:\Windows\erdnt
2014-02-01 11:54 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-01 11:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-01 11:39 - 2014-02-01 11:39 - 05179159 ____R (Swearware) C:\Users\Herr Krauskopf\Desktop\ComboFix.exe
2014-01-31 14:49 - 2014-01-31 14:49 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-31 14:49 - 2012-08-13 14:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-31 14:49 - 2012-08-13 12:54 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Local\Google
2014-01-31 14:38 - 2014-01-03 14:43 - 00000000 ____D () C:\ProgramData\WebPlat
2014-01-31 13:02 - 2014-01-31 12:40 - 00000000 ____D () C:\ProgramData\TubEItAdBlloCkAp
2014-01-31 12:59 - 2014-01-31 12:59 - 00000000 ____D () C:\Program Files (x86)\TubEItAdBlloCkAp
2014-01-31 12:59 - 2014-01-03 15:03 - 00000000 ____D () C:\ProgramData\73b47cdafd0d1853
2014-01-31 12:40 - 2014-01-31 12:40 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 12:40 - 2014-01-31 12:40 - 00000000 ____D () C:\ProgramData\ebpfmmfjnoegkpmjakikhaflocoglidg
2014-01-31 12:40 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-01-31 12:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-01-30 15:02 - 2012-08-13 16:07 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\vlc
2014-01-30 14:15 - 2014-01-30 14:15 - 00002002 _____ () C:\Users\Herr Krauskopf\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-30 14:15 - 2014-01-30 14:15 - 00001946 _____ () C:\Users\Herr Krauskopf\Desktop\Avira PC Cleaner.lnk
2014-01-28 21:48 - 2012-08-19 17:58 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\.minecraft
2014-01-26 17:17 - 2014-01-26 17:17 - 00094720 _____ () C:\Users\Herr Krauskopf\Desktop\Schalke+Loreley.xls
2014-01-21 01:10 - 2014-01-21 01:10 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IDM
2014-01-16 23:01 - 2012-08-13 12:35 - 00000000 ___RD () C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 23:00 - 2013-04-27 15:11 - 00001006 _____ () C:\Users\Herr Krauskopf\Desktop\Dropbox.lnk
2014-01-16 23:00 - 2013-04-27 15:06 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 22:52 - 2009-07-14 05:45 - 00476224 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 17:28 - 2013-08-15 12:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 17:28 - 2012-10-23 14:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 17:24 - 2012-08-13 15:10 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-11 21:30 - 2014-01-06 18:33 - 00032768 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).sav
2014-01-10 15:36 - 2014-01-10 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-01-10 01:10 - 2013-06-15 19:16 - 00000000 ____D () C:\ProgramData\InstallMate
2014-01-10 01:01 - 2014-01-10 01:01 - 00000741 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Malwarebytes
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-10 00:06 - 2014-01-10 00:05 - 00000000 ____D () C:\ProgramData\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-10 00:01 - 2014-01-09 22:35 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-09 22:37 - 2014-01-09 22:37 - 00000000 _____ () C:\autoexec.bat
2014-01-09 22:36 - 2014-01-09 22:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-09 15:10 - 2014-01-03 15:03 - 00000000 ____D () C:\ProgramData\BestSaVeeFaorYou
2014-01-08 16:38 - 2014-01-07 00:52 - 00010822 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D)1.sgm
2014-01-06 18:33 - 2005-03-13 18:17 - 01048576 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).gb
2014-01-06 18:32 - 2004-05-25 19:47 - 01757264 _____ (None) C:\Users\Herr Krauskopf\Desktop\VisualBoyAdvance.exe

Some content of TEMP:
====================
C:\Users\Herr Krauskopf\AppData\Local\Temp\avgnt.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 15:40

==================== End Of Log ============================
         
--- --- ---



Gruß
boust

Alt 04.02.2014, 10:51   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Java udn Adobe updaten.


Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.02.2014, 13:09   #11
boust
 
Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Es ist zum Mäuse melken...

Java und Adobe sind up to date; interessanterweise ließ sich Java erst Aktualisieren, nachdem ich Chrome mit dem Programm deinstalliert hatte, vorher kam jedesmal eine Fehlermeldung "Unpacking of downloaded data failed" o.ä..
Chrome ist gelöscht und wieder Installiert und dieses tolle Add-on ist nach wie vor da.

Ich hoffe, dir gehen die Ideen nicht aus =)

Gruß
boust

Alt 05.02.2014, 08:11   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Verbindest Du mit einem Google Konto? Wenn ja synct Google den Käse immer wieder in den frischen Chrome, dann also Konto verbinden, dann alle Einstellungen in Chrome durchsuchen und von Hand löschen, dann ist es auch im Konto gelöscht.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.02.2014, 13:27   #13
boust
 
Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Ich verbinde Chrome nicht mit einem Google-Konto, das Add-on war direkt nach dem ersten Start wieder da.
Ich würde ja auch Chrome aufgeben und zu Firefox o.ä. wechseln, aber ich fürchte, dass dieser kram davon nicht weg ist.

Gruß
boust

Alt 06.02.2014, 09:13   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Wenn Du nicht mit einem Google Konto Snycst mus das alles weg sein wenn Du genau nach Anleitung vorgehst:

Chrome deinstallierne
keine Daten behalten
Mit Revo Reste entfernen lassen
Chrome neu installieren.


Mach das genau so, dann bitte ein frisches FRST log und einen Screenshot von Chrome.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.02.2014, 12:44   #15
boust
 
Add-on Namens TubEItAdBlloCkAp geht nicht weg - Standard

Add-on Namens TubEItAdBlloCkAp geht nicht weg



Hi,
also ich hab Chrome jetzt nochmal mit Revo in den Standardeinstellungen (moderat) gelöscht und bei dem Rest alles markiert und gelöscht.
Dann Chrome installiert und beim ersten Öffnen war die Plage wieder da:



Hier ist noch das FRST log:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by Herr Krauskopf (administrator) on HACKFLEISCH on 06-02-2014 13:35:49
Running from D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Dropbox, Inc.) C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) E:\Programme\iTunes\iTunesHelper.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(VS Revo Group) E:\Programme\Revo Uninstaller\Revouninstaller.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [Ocs_SM] - C:\Users\Herr Krauskopf\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - E:\Programme\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-09-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-876820725-1739964210-3379319205-1000\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
Startup: C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD162AA7C4979CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {042590A8-7896-4234-8AD2-8DB0071D4FF3} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26616D703B736F7572636569643D69653726616D703B726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263657D26616D703B69653D7B696E707574456E636F64696E673F7D266F653D7B6F7574707574456E636F64696E673F7D&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&k=0
SearchScopes: HKCU - {44716333-68D4-426A-AC6D-D3DAA56B060E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {57484F9A-4DC1-470F-BCE4-1FE5E63860F1} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {C83A4055-125A-4575-B97A-18CEC1E4483A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {D6806300-CB63-459B-BDD0-8B371DA48160} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {F627E9A5-689A-481E-B0E6-E793CF091D57} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
SearchScopes: HKCU - {F6DACF4C-0E11-4B70-B67E-A7441D4F9B7C} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e262fad2-e768-4ee1-b806-5ba594755ba0&pid=proxtubede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: Google
FF Homepage: msn.de
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.6.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.6.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Herr Krauskopf\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Herr Krauskopf\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-16]
FF Extension: Adblock Plus - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-09]
FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\Herr Krauskopf\AppData\Roaming\Mozilla\Firefox\Profiles\slrflptn.default\extensions\extension@preispilot.com

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-06]
CHR Extension: (Google Drive) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-06]
CHR Extension: (YouTube) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-06]
CHR Extension: (Google-Suche) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-06]
CHR Extension: (TubEItAdBlloCkAp) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebpfmmfjnoegkpmjakikhaflocoglidg [2014-02-06]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-02-06]
CHR Extension: (Google Wallet) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-06]
CHR Extension: (Google Mail) - C:\Users\Herr Krauskopf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-06]
CHR Extension: (BestSaVeeFaorYou) - C:\ProgramData\ojhhdeaacmkchebncoepnjbilbcodfdd [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\Herr Krauskopf\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S2 976137e5; "C:\Windows\system32\rundll32.exe" "c:\progra~3\webplat\WebPlatSvc.dll",service

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-06 13:33 - 2014-02-06 13:33 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-04 14:02 - 2014-02-04 14:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-04 14:02 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-04 14:02 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-04 14:02 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-04 14:02 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-04 14:01 - 2014-02-04 14:02 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 13:57 - 2014-02-04 13:57 - 00000728 _____ () C:\Users\Herr Krauskopf\Desktop\Revo Uninstaller.lnk
2014-02-03 16:32 - 2014-02-03 16:32 - 00000919 _____ () C:\Users\Herr Krauskopf\Desktop\checkup.txt
2014-02-03 16:30 - 2014-02-03 16:30 - 00987425 _____ () C:\Users\Herr Krauskopf\Desktop\SecurityCheck.exe
2014-02-01 12:06 - 2014-02-01 12:06 - 00091736 _____ () C:\ComboFix.txt
2014-02-01 11:40 - 2014-02-01 12:06 - 00000000 ____D () C:\Qoobox
2014-02-01 11:40 - 2014-02-01 12:02 - 00000000 ____D () C:\Windows\erdnt
2014-02-01 11:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-01 11:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-01 11:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-01 11:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-01 11:39 - 2014-02-01 11:39 - 05179159 ____R (Swearware) C:\Users\Herr Krauskopf\Desktop\ComboFix.exe
2014-02-01 11:25 - 2014-02-06 12:45 - 00003248 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-31 17:38 - 2014-02-06 13:35 - 00000000 ____D () C:\FRST
2014-01-31 12:59 - 2014-01-31 12:59 - 00000000 ____D () C:\Program Files (x86)\TubEItAdBlloCkAp
2014-01-31 12:40 - 2014-01-31 13:02 - 00000000 ____D () C:\ProgramData\TubEItAdBlloCkAp
2014-01-31 12:40 - 2014-01-31 12:40 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 12:40 - 2014-01-31 12:40 - 00000000 ____D () C:\ProgramData\ebpfmmfjnoegkpmjakikhaflocoglidg
2014-01-30 14:15 - 2014-01-30 14:15 - 00002002 _____ () C:\Users\Herr Krauskopf\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-30 14:15 - 2014-01-30 14:15 - 00001946 _____ () C:\Users\Herr Krauskopf\Desktop\Avira PC Cleaner.lnk
2014-01-30 14:10 - 2014-02-06 12:45 - 00003364 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-01-26 17:17 - 2014-01-26 17:17 - 00094720 _____ () C:\Users\Herr Krauskopf\Desktop\Schalke+Loreley.xls
2014-01-21 01:10 - 2014-01-21 01:10 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IDM
2014-01-15 16:22 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 16:22 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 16:22 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 16:22 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 15:36 - 2014-01-10 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-01-10 01:29 - 2014-02-02 12:56 - 00000000 ____D () C:\AdwCleaner
2014-01-10 01:01 - 2014-01-10 01:01 - 00000741 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Malwarebytes
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-10 01:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-10 00:05 - 2014-01-10 00:06 - 00000000 ____D () C:\ProgramData\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-09 22:37 - 2014-01-09 22:37 - 00000000 _____ () C:\autoexec.bat
2014-01-09 22:36 - 2014-01-09 22:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-09 22:35 - 2014-01-10 00:01 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-07 00:52 - 2014-01-08 16:38 - 00010822 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D)1.sgm

==================== One Month Modified Files and Folders =======

2014-02-06 13:35 - 2014-01-31 17:38 - 00000000 ____D () C:\FRST
2014-02-06 13:33 - 2014-02-06 13:33 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-06 13:33 - 2012-08-13 14:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-06 13:33 - 2012-08-13 12:54 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Local\Google
2014-02-06 13:20 - 2012-08-13 14:26 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Skype
2014-02-06 13:18 - 2012-08-13 14:32 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 12:57 - 2012-08-21 13:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 12:52 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 12:52 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 12:49 - 2012-08-13 12:25 - 02081912 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 12:47 - 2012-08-13 15:54 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Local\Windows Live
2014-02-06 12:46 - 2013-04-27 15:05 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Dropbox
2014-02-06 12:45 - 2014-02-01 11:25 - 00003248 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-02-06 12:45 - 2014-01-30 14:10 - 00003364 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-876820725-1739964210-3379319205-1000
2014-02-06 12:44 - 2012-08-13 14:32 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 12:44 - 2009-07-14 05:51 - 00179139 _____ () C:\Windows\setupact.log
2014-02-06 12:43 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-05 23:55 - 2012-08-13 12:54 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000Core.job
2014-02-05 23:39 - 2012-08-13 12:54 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-876820725-1739964210-3379319205-1000UA.job
2014-02-05 17:57 - 2012-08-21 13:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 17:57 - 2012-08-13 13:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 17:57 - 2012-08-13 13:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 14:17 - 2010-11-21 04:47 - 00163332 _____ () C:\Windows\PFRO.log
2014-02-04 14:02 - 2014-02-04 14:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-04 14:02 - 2014-02-04 14:01 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 14:02 - 2013-06-23 11:15 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-04 13:57 - 2014-02-04 13:57 - 00000728 _____ () C:\Users\Herr Krauskopf\Desktop\Revo Uninstaller.lnk
2014-02-03 17:26 - 2012-08-13 16:07 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\vlc
2014-02-03 16:32 - 2014-02-03 16:32 - 00000919 _____ () C:\Users\Herr Krauskopf\Desktop\checkup.txt
2014-02-03 16:30 - 2014-02-03 16:30 - 00987425 _____ () C:\Users\Herr Krauskopf\Desktop\SecurityCheck.exe
2014-02-03 14:19 - 2011-04-12 08:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat
2014-02-03 14:19 - 2011-04-12 08:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat
2014-02-03 14:19 - 2009-07-14 06:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-02 12:56 - 2014-01-10 01:29 - 00000000 ____D () C:\AdwCleaner
2014-02-01 14:01 - 2012-09-03 23:07 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-02-01 12:06 - 2014-02-01 12:06 - 00091736 _____ () C:\ComboFix.txt
2014-02-01 12:06 - 2014-02-01 11:40 - 00000000 ____D () C:\Qoobox
2014-02-01 12:02 - 2014-02-01 11:40 - 00000000 ____D () C:\Windows\erdnt
2014-02-01 11:54 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-01 11:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-01 11:39 - 2014-02-01 11:39 - 05179159 ____R (Swearware) C:\Users\Herr Krauskopf\Desktop\ComboFix.exe
2014-01-31 14:38 - 2014-01-03 14:43 - 00000000 ____D () C:\ProgramData\WebPlat
2014-01-31 13:02 - 2014-01-31 12:40 - 00000000 ____D () C:\ProgramData\TubEItAdBlloCkAp
2014-01-31 12:59 - 2014-01-31 12:59 - 00000000 ____D () C:\Program Files (x86)\TubEItAdBlloCkAp
2014-01-31 12:59 - 2014-01-03 15:03 - 00000000 ____D () C:\ProgramData\73b47cdafd0d1853
2014-01-31 12:40 - 2014-01-31 12:40 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 12:40 - 2014-01-31 12:40 - 00000000 ____D () C:\ProgramData\ebpfmmfjnoegkpmjakikhaflocoglidg
2014-01-31 12:40 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-01-31 12:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-01-30 14:15 - 2014-01-30 14:15 - 00002002 _____ () C:\Users\Herr Krauskopf\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-30 14:15 - 2014-01-30 14:15 - 00001946 _____ () C:\Users\Herr Krauskopf\Desktop\Avira PC Cleaner.lnk
2014-01-28 21:48 - 2012-08-19 17:58 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\.minecraft
2014-01-26 17:17 - 2014-01-26 17:17 - 00094720 _____ () C:\Users\Herr Krauskopf\Desktop\Schalke+Loreley.xls
2014-01-21 01:10 - 2014-01-21 01:10 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IDM
2014-01-16 23:01 - 2012-08-13 12:35 - 00000000 ___RD () C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 23:00 - 2013-04-27 15:11 - 00001006 _____ () C:\Users\Herr Krauskopf\Desktop\Dropbox.lnk
2014-01-16 23:00 - 2013-04-27 15:06 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 22:52 - 2009-07-14 05:45 - 00476224 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 17:28 - 2013-08-15 12:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 17:28 - 2012-10-23 14:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 17:24 - 2012-08-13 15:10 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-11 21:30 - 2014-01-06 18:33 - 00032768 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D).sav
2014-01-10 15:36 - 2014-01-10 15:36 - 00000000 ____D () C:\Windows\ERUNT
2014-01-10 01:10 - 2013-06-15 19:16 - 00000000 ____D () C:\ProgramData\InstallMate
2014-01-10 01:01 - 2014-01-10 01:01 - 00000741 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\Malwarebytes
2014-01-10 01:01 - 2014-01-10 01:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-10 00:06 - 2014-01-10 00:05 - 00000000 ____D () C:\ProgramData\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Users\Herr Krauskopf\AppData\Roaming\IObit
2014-01-10 00:05 - 2014-01-10 00:05 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-01-10 00:01 - 2014-01-09 22:35 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-09 22:37 - 2014-01-09 22:37 - 00000000 _____ () C:\autoexec.bat
2014-01-09 22:36 - 2014-01-09 22:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-09 15:10 - 2014-01-03 15:03 - 00000000 ____D () C:\ProgramData\BestSaVeeFaorYou
2014-01-08 16:38 - 2014-01-07 00:52 - 00010822 _____ () C:\Users\Herr Krauskopf\Desktop\Pokemon - Gelbe Edition (D)1.sgm

Some content of TEMP:
====================
C:\Users\Herr Krauskopf\AppData\Local\Temp\avgnt.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Herr Krauskopf\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 15:40

==================== End Of Log ============================
         
--- --- ---


Soll ich vielleicht einfach mal alles löschen, wo der Name "TubEItAdBlloCkAp" vorkommt?

Gruß
boust

Antwort

Themen zu Add-on Namens TubEItAdBlloCkAp geht nicht weg
abgesicherten, anti, avira, cleaner, durch unternehmensrichtlinie installiert, einfach, entfernen, geht nicht weg, gelöscht, google, google chrome, löschen, malware, malwarebytes, modus, namen, neues, neustart, nicht löschen, nicht mehr, nichts, plötzlich, popups, programm, programme, safesaver, situation, start, unternehmensrichtlinie, viele popups



Ähnliche Themen: Add-on Namens TubEItAdBlloCkAp geht nicht weg


  1. USB Maus geht nicht mehr - neue Maus geht nach 2 Tagen auch nicht mehr!
    Netzwerk und Hardware - 26.10.2015 (4)
  2. Booten langsam, Drucker geht...geht nicht,Programme öffnen geht...geht nicht
    Plagegeister aller Art und deren Bekämpfung - 25.06.2015 (19)
  3. Auf ein mal mehrere Probleme: Datein nicht zu öffnen, youtube geht nicht, Download geht nicht...
    Plagegeister aller Art und deren Bekämpfung - 28.02.2015 (20)
  4. Add-on Namens AllllTuuBeNoAds geht nicht weg
    Plagegeister aller Art und deren Bekämpfung - 20.03.2014 (9)
  5. Windows 7,Unbekantes Programm namens SavingBull lässt sich nicht Entfernen....
    Plagegeister aller Art und deren Bekämpfung - 02.03.2014 (7)
  6. lollipop geht nicht zu deinstallieren und mein pc geht neuerdings immer aus, der akku ist dann auf 0%
    Plagegeister aller Art und deren Bekämpfung - 24.02.2014 (1)
  7. Antivirenprogramm schlägt Alarm ; Trojaner, namens bitguard. Allerdings ist es nicht möglich ihn zu beseitigen was nun?
    Log-Analyse und Auswertung - 21.11.2013 (21)
  8. Musikfetzen aus neuer Tonspur im Audiomixer namens "Namen nicht verfügbar"
    Log-Analyse und Auswertung - 24.12.2012 (1)
  9. Win7 herunterfahren Button reagiert nicht, strg+alt+entf geht nicht mehr & cmd.exe geht nicht auf
    Plagegeister aller Art und deren Bekämpfung - 15.12.2011 (25)
  10. Problem! Kabel-Internet geht nicht, WLAN geht!
    Plagegeister aller Art und deren Bekämpfung - 16.08.2010 (1)
  11. Firefox, opera, internet explorer geht nicht, aber ICQ geht
    Netzwerk und Hardware - 05.08.2009 (9)
  12. Trojaner namens RECYCLER geht nicht weg
    Plagegeister aller Art und deren Bekämpfung - 03.03.2009 (5)
  13. Firefox geht nicht,ICQ geht??
    Alles rund um Windows - 07.02.2009 (3)
  14. Internet geht auf einem PC nicht mehr, Laptop (am gleichen Router angeschlossen) geht
    Plagegeister aller Art und deren Bekämpfung - 04.12.2007 (0)
  15. Maus geht nicht mehr java geht nicht mehr...
    Log-Analyse und Auswertung - 05.09.2007 (3)
  16. Internet geht mal und mal geht es nicht
    Log-Analyse und Auswertung - 24.08.2007 (3)
  17. Firewall geht nicht und Internet geht nur manchmal
    Log-Analyse und Auswertung - 29.07.2007 (6)

Zum Thema Add-on Namens TubEItAdBlloCkAp geht nicht weg - Hallo, ich habe mich hier angemeldet, weil ich mittlerweile recht verzweifelt bin. Seit ungefähr einem Monat plage ich mich mit lauter Add-on Malware auf meinem PC herum. Ich versuche das - Add-on Namens TubEItAdBlloCkAp geht nicht weg...
Archiv
Du betrachtest: Add-on Namens TubEItAdBlloCkAp geht nicht weg auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.