Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows7/64 von div. Schädlingen infiziert

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 16.02.2014, 11:02   #1
uncle_tom
 
Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Guten Tag, Trojaner-Team.

Ich bitte um Hilfe bei der Bereinigung meines offenbar verseuchten Rechners.

Am Mittwoch, 12.02.2014, teilte mir Avast free mit, dass mein PC in einem kritischen Zustand sei und Irvanwiew (sowie eine weitere (Windows-relevante Software, an dessen Namen ich mich leider nicht mehr erinnere) zu aktualisieren sei. Ich drückte den Button "aktualisieren" und derDownload startete.

Es dauerte während des surfens mit Firefox nicht lange und es erschienen immer wieder Werbefenster und Seiten, die mich aufforderten, Progressive/Advanced System Protection zu erwerben. Darüberhinaus erschien es, dass Google mich vermutlich auf (wohl verseuchte) Pseudo-Hilfeseiten lenken wollte.

Ich zeigte die (klassische) Reaktion eines Betroffenen: Ansatz von Panik und unkoordiniertes herumdoktern:

Download, Installation und Start div. Schutz- und Malware-Software sowie Bereinigungsversuche der Registry (von der ich quasi nur weis, dass dort sehr viel Unheil angerichtet werden kann, wenn ein Dilettant zu Werke geht.

Die Ergebnisse der Programme ADW-Cleaner,CCCleaner, RKILL, FRST, GMER, Microsoft Security Essentials, Malwarebytes, Sophos und Windowsdefender fanden in der Tat Schädlinge und ich ließ bereinigen.

Der letzte Fehler war, wie ich vorhin las, dass ich die ersten Logfiles (vom "herumdoktern") gelöscht habe und nicht anhängen kann.

Nachdem ich nun drei Tage stümperhaft agiert habe und immer noch Plus-HD-7.7, Hosts, PUPS, PriceGong, Systweak, Crossrider, infizierte Registrierungsschlüssel und Speicherprozesse annehme, würde ich gerne Euch Profis helfend "ranlassen".

Dafür vielen Dank im Voraus.
Angehängte Dateien
Dateityp: log Defrogger.log (240 Bytes, 113x aufgerufen)
Dateityp: log FRST.log (47,3 KB, 125x aufgerufen)
Dateityp: log FRST-Additional.log (27,4 KB, 114x aufgerufen)

Alt 16.02.2014, 16:00   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 16.02.2014, 16:47   #3
uncle_tom
 
Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Hallo Schrauber.

Lieben Dank für den Hinweis (Diesen hatte ich vor ein paar Minuten auch gesehen, wollte aber - weil zuvor "0" - nicht korrigierend auf mich selbst antworten.) Und natürlich dafür, dass Du Dich meines Probs annimmst.

Tom

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:47 on 16/02/2014 (Uncle Tom)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
         


Code:
ATTFilter
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Uncle Tom (administrator) on WIN7 on 16-02-2014 09:53:59
Running from C:\Users\Uncle Tom\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(TomTom) C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
() c:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Nokia) C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-02-24] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [RemoteControl9] - c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [TrayServer] - C:\Program Files (x86)\MAGIX\Video_deluxe_17\Trayserver.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [NokiaMServer] - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-03] (AVAST Software)
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\Run: [Reminder] - C:\Program Files (x86)\Microsoft Money\System\reminder.exe [37376 1999-03-14] (Microsoft Corporation)
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728 2011-04-22] (TomTom)
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-02-01] (Nokia)
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\Run: [] - [X]
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\Run: [MyTomTomSA.exe] - C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [451656 2013-01-07] (TomTom)
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\MountPoints2: {d0cf2e41-a3f0-11e0-9c41-404e57434401} - H:\Launcher.exe
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\MountPoints2: {d0cf2e46-a3f0-11e0-9c41-404e57434401} - H:\Launcher.exe
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\MountPoints2: {dd5eb955-6da9-11e0-8383-806e6f6e6963} - U:\Setup.exe
Startup: C:\Users\Uncle Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\Users\Uncle Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ISDN-Moni.lnk
ShortcutTarget: ISDN-Moni.lnk -> D:\TELEFON.DAT\ISDN-Moni\isdnmo32.exe (Heuer Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nmd.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://nmd.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {A19A00DB-9BC7-4210-95E0-E46E01625249} URL = 
SearchScopes: HKCU - {D3DFE717-08DC-4890-84EB-F6527EFFC96F} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{16C2F975-64D5-41C6-B9B8-190FC573F55B}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default
FF Homepage: https://ixquick.com/deu/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Click&Clean - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\clickclean@hotcleaner.com [2013-03-29]
FF Extension: Print pages to PDF - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\printPages2Pdf@reinhold.ripper [2013-12-18]
FF Extension: YouTube Unblocker - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-16]
FF Extension: Textarea Cache - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f} [2013-09-08]
FF Extension: WOT - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-28]
FF Extension: CSHelper - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2013-11-08]
FF Extension: Snip-Me - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\addon@snip-me.de.xpi [2011-08-27]
FF Extension: Advertising Cookie Opt-out - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\optout@google.com.xpi [2011-12-05]
FF Extension: Private Tab - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\privateTab@infocatcher.xpi [2013-04-21]
FF Extension: TinEye Reverse Image Search - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\tineye@ideeinc.com.xpi [2011-09-22]
FF Extension: YouTube to MP3 - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\youtube2mp3@mondayx.de.xpi [2011-08-31]
FF Extension: Video HTML5 Wizard Light - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{005baaff-6783-4939-84d3-9056ec161612}.xpi [2013-11-05]
FF Extension: {04ad514b-2d83-4786-a1bf-e004c09da910} - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{04ad514b-2d83-4786-a1bf-e004c09da910}.xpi [2013-10-30]
FF Extension: Session Manager - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-12-18]
FF Extension: Text Link - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2012-04-05]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2012-12-25]
FF Extension: NoScript - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-15]
FF Extension: Adblock Plus - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-15]
FF Extension: BetterPrivacy - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-11-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-24]
FF HKLM-x32\...\Firefox\Extensions: [gethighlightly@gethighlightly.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\gethighlightly@gethighlightly.com
FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-05-11]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-03] (AVAST Software)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [559104 2011-02-08] (Hauppauge Computer Works)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 RichVideo; c:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [271760 2009-04-27] ()

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-03] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-26] ()
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
S3 cmusbser; C:\Windows\System32\DRIVERS\cmusbser.sys [112768 2007-06-08] (C-motech Co.,Ltd)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R3 hcw89; C:\Windows\System32\DRIVERS\hcw89.sys [1634176 2010-06-11] (Hauppauge Computer Works, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 cpuz135; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-16 09:47 - 2014-02-16 09:47 - 00000000 _____ () C:\Users\Uncle Tom\defogger_reenable
2014-02-16 09:05 - 2014-02-16 09:05 - 00050477 _____ () C:\Users\Uncle Tom\Desktop\Defogger.exe
2014-02-16 08:46 - 2014-02-16 08:47 - 00000258 _____ () C:\Users\Uncle Tom\Desktop\Search.txt
2014-02-16 07:41 - 2014-02-16 09:53 - 00019602 _____ () C:\Users\Uncle Tom\Desktop\FRST.txt
2014-02-16 07:41 - 2014-02-16 07:42 - 00028123 _____ () C:\Users\Uncle Tom\Desktop\Addition.txt
2014-02-16 07:40 - 2014-02-16 09:53 - 00000000 ____D () C:\FRST
2014-02-15 16:44 - 2014-02-15 16:44 - 00000590 _____ () C:\Windows\PFRO.log
2014-02-15 16:35 - 2014-02-16 07:27 - 00000168 _____ () C:\Windows\setupact.log
2014-02-15 16:35 - 2014-02-15 16:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 16:11 - 2014-02-15 16:11 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-15 16:10 - 2014-02-15 16:10 - 00000000 ____D () C:\Program Files\Java
2014-02-15 15:38 - 2014-02-15 15:38 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-15 15:38 - 2014-02-15 15:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-15 13:54 - 2014-02-15 13:54 - 00003225 _____ () C:\Users\Uncle Tom\Desktop\Sophos Virus Removal Tool.lnk
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\ProgramData\Sophos
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-02-15 12:30 - 2014-02-15 12:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-15 12:29 - 2014-02-15 12:49 - 00000000 ____D () C:\Users\Uncle Tom\Desktop\mbar
2014-02-15 12:29 - 2014-02-15 12:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-15 12:28 - 2014-02-15 12:28 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Uncle Tom\Desktop\mbar-1.07.0.1009.exe
2014-02-15 11:38 - 2014-02-15 11:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 11:35 - 2014-02-15 11:35 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-15 00:42 - 2014-02-15 00:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-02-15 00:00 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-02-15 00:00 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-02-14 22:44 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 22:44 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 22:44 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 22:44 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 22:44 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 22:44 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 22:44 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 22:44 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 22:44 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 22:44 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 22:44 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 22:44 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 22:44 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 22:44 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 22:44 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 22:44 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 22:44 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 22:44 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 22:44 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 22:44 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 22:44 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 22:44 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 22:44 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 22:44 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 22:44 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 22:44 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 22:44 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 22:44 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 22:44 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 22:44 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 22:44 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 22:44 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 22:44 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 22:44 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 22:44 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 22:44 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 22:44 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 22:44 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 22:44 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 22:44 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 22:44 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 22:03 - 2014-02-14 22:03 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\Malwarebytes
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-14 22:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-14 22:00 - 2014-02-15 00:00 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-02-14 16:41 - 2014-02-15 12:50 - 00004558 _____ () C:\Users\Uncle Tom\Desktop\Rkill.txt
2014-02-14 15:56 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 15:56 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 15:56 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 15:56 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 15:56 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 15:56 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 15:56 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 15:56 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 15:56 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 15:56 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 15:56 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 15:56 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 15:56 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 15:56 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 15:56 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 15:56 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 15:56 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 15:56 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 15:56 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 15:56 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 15:56 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 15:56 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 15:56 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 15:56 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 15:56 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 15:56 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 15:56 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 15:56 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-14 15:44 - 2014-02-14 15:44 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Uncle Tom\Desktop\rkill.com
2014-02-14 15:42 - 2014-02-14 15:42 - 02152960 _____ (Farbar) C:\Users\Uncle Tom\Desktop\FRST64.exe
2014-02-12 21:22 - 2014-02-12 21:22 - 00004546 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-updater
2014-02-12 21:22 - 2014-02-12 21:22 - 00004502 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-codedownloader
2014-02-12 21:22 - 2014-02-12 21:22 - 00004400 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-enabler
2014-02-12 21:22 - 2014-02-12 21:22 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-02-12 21:22 - 2014-02-12 21:22 - 00003042 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 21:22 - 2014-02-12 21:22 - 00002886 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 21:21 - 2014-02-12 21:21 - 00005430 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-validator
2014-02-12 21:20 - 2014-02-14 23:46 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-02-12 21:20 - 2014-02-12 22:17 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-11 19:27 - 2014-02-12 19:24 - 00009129 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140210.log
2014-02-09 21:56 - 2014-02-15 23:36 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\RssPopper
2014-02-09 21:56 - 2014-02-09 21:56 - 00000000 ____D () C:\Program Files (x86)\RSS Popper
2014-02-08 13:40 - 2014-02-08 13:40 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Local\Woozle
2014-02-08 13:10 - 2014-02-08 13:10 - 00000958 _____ () C:\Users\Uncle Tom\Desktop\XanaNews.lnk
2014-02-08 13:10 - 2014-02-08 13:10 - 00000000 ____D () C:\Program Files (x86)\XanaNews
2014-01-27 20:33 - 2014-02-07 16:33 - 00024464 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140124.log
2014-01-20 17:05 - 2014-01-20 17:05 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

==================== One Month Modified Files and Folders =======

2014-02-16 09:54 - 2014-02-16 07:41 - 00019602 _____ () C:\Users\Uncle Tom\Desktop\FRST.txt
2014-02-16 09:53 - 2014-02-16 07:40 - 00000000 ____D () C:\FRST
2014-02-16 09:47 - 2014-02-16 09:47 - 00000000 _____ () C:\Users\Uncle Tom\defogger_reenable
2014-02-16 09:47 - 2011-04-23 13:11 - 00000000 ____D () C:\Users\Uncle Tom
2014-02-16 09:24 - 2012-04-02 15:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-16 09:05 - 2014-02-16 09:05 - 00050477 _____ () C:\Users\Uncle Tom\Desktop\Defogger.exe
2014-02-16 08:47 - 2014-02-16 08:46 - 00000258 _____ () C:\Users\Uncle Tom\Desktop\Search.txt
2014-02-16 07:42 - 2014-02-16 07:41 - 00028123 _____ () C:\Users\Uncle Tom\Desktop\Addition.txt
2014-02-16 07:39 - 2011-04-23 14:09 - 01258183 _____ () C:\Windows\WindowsUpdate.log
2014-02-16 07:34 - 2009-07-14 05:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-16 07:34 - 2009-07-14 05:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-16 07:31 - 2011-02-23 13:59 - 00708640 _____ () C:\Windows\system32\perfh007.dat
2014-02-16 07:31 - 2011-02-23 13:59 - 00157972 _____ () C:\Windows\system32\perfc007.dat
2014-02-16 07:31 - 2009-07-14 06:13 - 01674134 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-16 07:27 - 2014-02-15 16:35 - 00000168 _____ () C:\Windows\setupact.log
2014-02-16 07:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-15 23:36 - 2014-02-09 21:56 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\RssPopper
2014-02-15 17:31 - 2013-10-19 12:16 - 00022374 _____ () C:\Users\Uncle Tom\AppData\Local\Layout.xml
2014-02-15 17:31 - 2013-10-19 12:16 - 00022012 _____ () C:\Users\Uncle Tom\AppData\Local\LayoutPanels.xml
2014-02-15 17:31 - 2013-10-19 12:16 - 00012573 _____ () C:\Users\Uncle Tom\AppData\Local\Layout_Card.xml
2014-02-15 17:31 - 2013-10-19 11:10 - 06291456 _____ () C:\Users\Uncle Tom\AppData\Local\QC.mdf
2014-02-15 17:31 - 2013-10-19 11:10 - 01572864 _____ () C:\Users\Uncle Tom\AppData\Local\QC_log.ldf
2014-02-15 17:31 - 2013-10-19 11:10 - 00004378 _____ () C:\Users\Uncle Tom\AppData\Local\QC.ini
2014-02-15 17:31 - 2013-10-19 11:09 - 00012006 _____ () C:\Users\Uncle Tom\AppData\Local\QC.log
2014-02-15 17:30 - 2013-10-19 11:10 - 00021988 _____ () C:\Users\Uncle Tom\AppData\Local\LayoutPanels_Default.xml
2014-02-15 17:30 - 2013-10-19 11:06 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Local\Deployment
2014-02-15 16:44 - 2014-02-15 16:44 - 00000590 _____ () C:\Windows\PFRO.log
2014-02-15 16:35 - 2014-02-15 16:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 16:34 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-15 16:11 - 2014-02-15 16:11 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-15 16:10 - 2014-02-15 16:10 - 00000000 ____D () C:\Program Files\Java
2014-02-15 15:38 - 2014-02-15 15:38 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-15 15:38 - 2014-02-15 15:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-15 13:54 - 2014-02-15 13:54 - 00003225 _____ () C:\Users\Uncle Tom\Desktop\Sophos Virus Removal Tool.lnk
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\ProgramData\Sophos
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-02-15 13:18 - 2012-05-06 14:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 12:50 - 2014-02-14 16:41 - 00004558 _____ () C:\Users\Uncle Tom\Desktop\Rkill.txt
2014-02-15 12:49 - 2014-02-15 12:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-15 12:49 - 2014-02-15 12:29 - 00000000 ____D () C:\Users\Uncle Tom\Desktop\mbar
2014-02-15 12:43 - 2011-05-02 16:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-15 12:43 - 2011-05-02 16:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-15 12:29 - 2014-02-15 12:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-15 12:28 - 2014-02-15 12:28 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Uncle Tom\Desktop\mbar-1.07.0.1009.exe
2014-02-15 11:50 - 2013-12-18 10:59 - 00000000 ____D () C:\AdwCleaner
2014-02-15 11:38 - 2014-02-15 11:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 11:35 - 2014-02-15 11:35 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-15 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 06:57 - 2011-04-24 09:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-02-15 06:52 - 2012-07-07 12:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-15 00:44 - 2009-07-14 03:34 - 00000499 _____ () C:\Windows\win.ini
2014-02-15 00:42 - 2014-02-15 00:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-02-15 00:00 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-02-15 00:00 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-02-15 00:00 - 2014-02-14 22:00 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-02-14 23:46 - 2014-02-12 21:20 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-02-14 22:52 - 2013-08-15 16:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 22:48 - 2011-04-30 15:51 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 22:45 - 2011-06-19 07:56 - 01639042 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-14 22:03 - 2014-02-14 22:03 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\Malwarebytes
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-14 15:44 - 2014-02-14 15:44 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Uncle Tom\Desktop\rkill.com
2014-02-14 15:42 - 2014-02-14 15:42 - 02152960 _____ (Farbar) C:\Users\Uncle Tom\Desktop\FRST64.exe
2014-02-13 20:42 - 2011-05-02 13:44 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\IrfanView
2014-02-12 22:57 - 2011-07-31 10:35 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\vlc
2014-02-12 22:17 - 2014-02-12 21:20 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-12 21:22 - 2014-02-12 21:22 - 00004546 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-updater
2014-02-12 21:22 - 2014-02-12 21:22 - 00004502 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-codedownloader
2014-02-12 21:22 - 2014-02-12 21:22 - 00004400 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-enabler
2014-02-12 21:22 - 2014-02-12 21:22 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-02-12 21:22 - 2014-02-12 21:22 - 00003042 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 21:22 - 2014-02-12 21:22 - 00002886 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 21:21 - 2014-02-12 21:21 - 00005430 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-validator
2014-02-12 19:24 - 2014-02-11 19:27 - 00009129 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140210.log
2014-02-09 21:56 - 2014-02-09 21:56 - 00000000 ____D () C:\Program Files (x86)\RSS Popper
2014-02-08 13:40 - 2014-02-08 13:40 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Local\Woozle
2014-02-08 13:10 - 2014-02-08 13:10 - 00000958 _____ () C:\Users\Uncle Tom\Desktop\XanaNews.lnk
2014-02-08 13:10 - 2014-02-08 13:10 - 00000000 ____D () C:\Program Files (x86)\XanaNews
2014-02-07 17:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-07 16:33 - 2014-01-27 20:33 - 00024464 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140124.log
2014-02-06 13:16 - 2014-02-14 22:44 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-14 22:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 22:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 22:44 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 22:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 22:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 22:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 22:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 22:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 22:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 22:44 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 22:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 22:44 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 22:44 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 22:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 22:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 22:44 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-14 22:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 22:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 22:44 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 22:44 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 22:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 22:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 22:44 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 22:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 22:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 22:44 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 22:44 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-14 22:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-14 22:44 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 22:44 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 22:44 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 22:44 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 22:44 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 22:44 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 22:44 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 22:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 22:44 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 22:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 08:24 - 2012-04-02 15:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 08:24 - 2012-04-02 15:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 08:24 - 2011-05-17 16:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-03 20:13 - 2013-12-26 17:39 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-03 20:13 - 2011-04-24 17:50 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-03 20:13 - 2011-04-24 17:50 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-02-03 20:13 - 2011-04-24 17:50 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-03 20:13 - 2011-04-24 17:50 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-03 20:13 - 2011-04-24 17:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-23 20:57 - 2014-01-08 19:23 - 00031779 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140108.log
2014-01-20 19:12 - 2013-09-29 10:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-20 17:05 - 2014-01-20 17:05 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 17:05 - 2013-10-19 04:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Uncle Tom\AppData\Roaming\Camdata.ini
C:\Users\Uncle Tom\AppData\Roaming\CamLayout.ini
C:\Users\Uncle Tom\AppData\Roaming\CamShapes.ini
C:\ProgramData\mbsetup.exe
C:\ProgramData\micromeet.dat


Some content of TEMP:
====================
C:\Users\Uncle Tom\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Uncle Tom\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 03:28

==================== End Of Log ============================
         
--- --- --- --- --- ---
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Uncle Tom at 2014-02-16 07:41:44
Running from C:\Users\Uncle Tom\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 2.6.0b (x32 Version: 2.6.0b - Alexander Vigovsky)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (x32 Version: 10.1.9 - Adobe Systems Incorporated)
AllSync (x32 Version: 3.5.0 - Michael Thummerer Software Design)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.812.0 - ATI Technologies, Inc.)
Auslogics Disk Defrag (x32 Version: version 3.4 - Auslogics Software Pty Ltd)
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
AVM FRITZ!fax für FRITZ!Box (x32 Version:  - AVM Berlin)
Canon MG5300 series Benutzerregistrierung (x32 Version:  - )
Canon MG5300 series MP Drivers (Version:  - )
Canon MG5300 series On-screen Manual (x32 Version:  - )
Canon MP Navigator EX 5.0 (x32 Version:  - )
Canon My Printer (x32 Version:  - )
Canon Solution Menu EX (x32 Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0126.1749.31909 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0126.1749.31909 - ATI) Hidden
CCC Help English (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help French (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help German (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0126.1748.31909 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0126.1749.31909 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0126.1749.31909 - ATI) Hidden
CCleaner (Version: 4.10 - Piriform)
CompanionLink (x32 Version: 5.00.5050 - Ihr Firmenname)
Component Checker (Version: 2.0.0 - Microsoft)
CyberLink PowerDVD 9 (x32 Version: 9.0.4105.01 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.4105.01 - CyberLink Corp.) Hidden
DDBAC (x32 Version: 5.3.21 - DataDesign)
Defraggler (Version: 2.16 - Piriform)
DVBViewer Pro (x32 Version: 5.2.8 - CM&V)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0 - MAGIX AG)
Hardcopy (C:\Program Files (x86)\Hardcopy) (x32 Version: 2011.04.09 - www.hardcopy.de)
Hauppauge WinTV 7 (x32 Version: v7.0.29048 (CD 2.3b) - Hauppauge Computer Works)
HBCI-Modul für Money 99 Version 2000 (x32 Version: 4.1.0.81 - Dr. Ulrich Amann)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.0.1008 - Intel Corporation)
Java 7 Update 51 (64-bit) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron JMB36X Driver (x32 Version: 1.17.62.0 - JMicron Technology Corp.)
Kill-ID 1.2.4.0 für Chrome (x32 Version: 1.2.5.0 - Alexander Miehlke Softwareentwicklung)
LAV Filters 0.55.3 (x32 Version: 0.55.3 - Hendrik Leppkes)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe 17 (x32 Version: 10.0.2.8 - MAGIX AG)
MAGIX Video deluxe 17 (x32 Version: 10.0.2.8 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
marvell 91xx driver (x32 Version: 1.0.0.1051 - Marvell)
Microsoft .NET Framework 1.1 (x32 Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 German Language Pack (x32 Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Money 99 (x32 Version:  - )
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Money-Browser für Money 99 Version 2000 3.0.1.36 (x32 Version: 3.0.1.36 - Dr. Ulrich Amann)
Mozilla Firefox 27.0.1 (x86 de) (x32 Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (x32 Version: 1.8.4 - F.J. Wechselberger)
MyTomTom 3.2.0.906 (x32 Version: 3.2.0.906 - TomTom)
No23 Recorder (x32 Version: 2.1.0.3 - No23)
Nokia Connectivity Cable Driver (x32 Version: 7.1.69.0 - Nokia)
Nokia Ovi Player (x32 Version: 2.1.10304 - Nokia Ovi Player)
Nokia PC Suite (x32 Version: 7.1.62.1 - Nokia)
Nokia PC Suite (x32 Version: 7.1.62.1 - Nokia) Hidden
Nokia Suite (x32 Version: 3.3.89.0 - Nokia)
Nokia Suite (x32 Version: 3.3.89.0 - Nokia) Hidden
Nokia_Multimedia_Common_Components_2_5 (x32 Version: 2.6.86 - Nokia)
Omron Health Management Software (x32 Version: 1.60.0004 - Omron Healthcare)
PC Connectivity Solution (x32 Version: 11.5.29.0 - Nokia)
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
QuoteCompiler (HKCU Version: 2.0.0.4 - finanzkasper.de)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.21.531.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6316 - Realtek Semiconductor Corp.)
Recuva (Version: 1.42 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
RSS Popper (x32 Version:  - )
ScanSoft OmniPage SE 4 (x32 Version: 15.2.0020 - Nuance Communications, Inc.)
Scribble Papers 2.6.1 (x32 Version:  - Jens Hoetger)
Sophos Virus Removal Tool (x32 Version: 2.4 - Sophos Limited)
SpyHunter (Version: 4.16.5.4290 - Enigma Software Group USA, LLC)
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TomTom HOME 2.8.2.2264 (x32 Version: 2.8.2.2264 - TomTom)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.3 (Version: 2.1.3 - VideoLAN)
WatchTVPro Ex Version 5.14 (x32 Version: 5.14 - Michael Hepp)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0 - Nokia)
XanaNews 1.18.1.6 (x32 Version:  - Colin Wilson)
Yahoo! Detect (x32 Version:  - )
Yahoo! Messenger (x32 Version:  - Yahoo! Inc.)
Yahoo! Software Update (x32 Version:  - )

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-02-15 13:04 - 00562281 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
127.0.0.1 ads.egdating.net # hosts anti-adware / pups
127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
127.0.0.1 ads.pornerbros.com # hosts anti-adware / pups
127.0.0.1 ads.realken.com # hosts anti-adware / pups
127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {26CD2ED1-164B-47E5-B632-DB1B6B18EFBA} - System32\Tasks\Plus-HD-7.7-codedownloader => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-codedownloader.exe <==== ATTENTION
Task: {304D8A1F-9AFC-4DA4-84D4-5DABC9D29FA9} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2011-03-18] ()
Task: {38ECCBDD-832F-4F83-AC34-5C80557E4393} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {43434A71-214D-4B48-8A3E-3FA3BBFDBF90} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {4D00F19A-E6B2-41A7-814F-3A75D5DDB0D1} - \EPUpdater No Task File
Task: {7AA7BC15-D770-4EE7-844B-57C2F21127BE} - System32\Tasks\Plus-HD-7.7-updater => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-updater.exe <==== ATTENTION
Task: {8ABAD8AA-98A4-4215-8A81-45E577C26D72} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {9D8CF21B-B464-4024-BDE5-2F29A343E58E} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2011-03-18] ()
Task: {A9A3E020-9DC4-4DE7-8CAA-529F60179A74} - \Advanced System Protector No Task File
Task: {B25D1BC8-42B9-42A3-9E34-C30816BE9359} - System32\Tasks\Plus-HD-7.7-firefoxinstaller => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-firefoxinstaller.exe <==== ATTENTION
Task: {BEAD581B-204F-4B5C-8516-D0DB21AB2ED7} - \Advanced System Protector_startup No Task File
Task: {C1AD07F0-9AD8-4A60-912E-7B5E2F78244F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-03] (AVAST Software)
Task: {D932EF38-AE31-46E2-881C-099679079CE8} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {E916A855-5525-4486-BCC5-A5F000F9C61A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {F76392FA-4968-4E45-86C3-1D803D88CB6E} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: {FD441430-E701-4AC9-A5AB-44E0CA27B485} - System32\Tasks\Plus-HD-7.7-validator => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-validator.exe <==== ATTENTION
Task: {FE372813-5059-45C7-97BF-823C0A7CA5B3} - System32\Tasks\Plus-HD-7.7-enabler => C:\Program Files (x86)\Plus-HD-7.7\Plus-HD-7.7-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\WatchTVEx Professional - arte, Aufn_Convoy-1978, 17_Oktober_2011_20_09_00.job => C:\Program Files (x86)\WatchTVPro Ex\WatchTVProEx.exe
Task: C:\Windows\Tasks\WatchTVEx Professional - Das Erste, Aufn_Der_Macintosh-Mann-1973, 22_Oktober_2011_01_09_00.job => C:\Program Files (x86)\WatchTVPro Ex\WatchTVProEx.exe
Task: C:\Windows\Tasks\WatchTVEx Professional - neo KiKa, Aufn_Wissen, 17_Oktober_2011_19_19_00.job => C:\Program Files (x86)\WatchTVPro Ex\WatchTVProEx.exe
Task: C:\Windows\Tasks\WatchTVEx Professional - SAT.1, Aufn_Was_guckst_Du-2x, 22_Oktober_2011_02_51_00.job => C:\Program Files (x86)\WatchTVPro Ex\WatchTVProEx.exe
Task: C:\Windows\Tasks\WatchTVEx Professional - TELE 5, Aufn_Chatos_Land-1972, 19_Mai_2013_20_09_00.job => C:\Program Files (x86)\WatchTVPro Ex\WatchTVProEx.exe
Task: C:\Windows\Tasks\WatchTVEx Professional - TELE 5, Aufn_Der_Dialog-1973, 17_Oktober_2011_01_09_00.job => C:\Program Files (x86)\WatchTVPro Ex\WatchTVProEx.exe
Task: C:\Windows\Tasks\WatchTVEx Professional - ZDF, Aufn_Neues_a_d-Anstalt, 18_Oktober_2011_22_09_00.job => C:\Program Files (x86)\WatchTVPro Ex\WatchTVProEx.exe

==================== Loaded Modules (whitelisted) =============

2011-05-02 15:17 - 2011-03-18 08:11 - 00031744 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2011-05-02 15:17 - 2011-03-18 08:11 - 00039424 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2011-05-02 15:17 - 2010-04-21 09:59 - 00058880 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_x64.dll
2011-01-26 17:48 - 2011-01-26 17:48 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-02-15 20:47 - 2014-02-15 16:41 - 02180608 _____ () C:\Program Files\AVAST Software\Avast\defs\14021501\algo.dll
2011-04-23 20:18 - 2011-01-17 18:38 - 00019456 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2013-01-07 13:42 - 2013-01-07 13:42 - 00026184 _____ () C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll
2013-01-07 13:42 - 2013-01-07 13:42 - 00074312 _____ () C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
2013-01-07 13:42 - 2013-01-07 13:42 - 00268360 _____ () C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
2011-03-24 07:08 - 2009-04-27 11:22 - 00271760 ____N () c:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-05-02 15:17 - 2010-04-21 10:00 - 00058368 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_Win32.dll
2013-10-22 19:26 - 2013-10-22 19:26 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-15 00:23 - 2014-02-15 00:23 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-03-24 07:04 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: NokiaMusic FastStart => "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2014 07:28:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2014 00:32:54 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/16/2014 00:32:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (02/15/2014 09:34:47 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/15/2014 04:46:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 04:36:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 01:20:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 11:47:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 08:31:36 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/15/2014 08:31:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (02/15/2014 04:36:50 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Telefonie" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/15/2014 04:36:50 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/15/2014 04:36:38 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/15/2014 04:36:38 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/15/2014 04:36:30 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Netzwerkspeicher-Schnittstellendienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/15/2014 04:36:08 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "DHCP-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/15/2014 04:35:38 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/15/2014 04:35:24 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Heimnetzgruppen-Listener" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/15/2014 04:35:24 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Audio-Endpunkterstellung" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/15/2014 04:34:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (02/16/2014 07:28:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2014 00:32:54 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll

Error: (02/16/2014 00:32:11 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll

Error: (02/15/2014 09:34:47 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (02/15/2014 04:46:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 04:36:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 01:20:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 11:47:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 08:31:36 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (02/15/2014 08:31:11 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll


==================== Memory info =========================== 

Percentage of memory in use: 50%
Total physical RAM: 3063.11 MB
Available physical RAM: 1518.91 MB
Total Pagefile: 6124.41 MB
Available Pagefile: 3959.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:50.01 GB) (Free:8.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:50 GB) (Free:27.38 GB) NTFS
Drive e: (Pool) (Fixed) (Total:30 GB) (Free:14.31 GB) NTFS
Drive f: (Dickmann) (Fixed) (Total:1400 GB) (Free:1050.68 GB) NTFS
Drive g: (Ghost) (Fixed) (Total:333.01 GB) (Free:67.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7EE79106)
Partition 1: (Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=-338220285952) - (Type=05)

==================== End Of Log ============================

Gmer und RKILL folgender Post
         
[QUOTE=schrauber;1253670]

Gmer ist zu groß. als Archiv angehängt hatte ich bei meinem ersten Post (Hilfeersuchen).

RKill:

Code:
ATTFilter
Rkill 2.6.5 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 hxxp://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/15/2014 12:48:46 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity: 

 * No issues found.

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * HOSTS file entries found: 

  127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
  127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
  127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
  127.0.0.1 2010-fr.com # hosts anti-adware / pups
  127.0.0.1 2012-new.biz # hosts anti-adware / pups
  127.0.0.1 212link.com # hosts anti-adware / pups
  127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
  127.0.0.1 24h00business.com # hosts anti-adware / pups
  127.0.0.1 a.adorika.net # hosts anti-adware / pups
  127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
  127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
  127.0.0.1 ad.adn360.com # hosts anti-adware / pups
  127.0.0.1 adeartss.eu # hosts anti-adware / pups
  127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
  127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
  127.0.0.1 adm.soft365.com # hosts anti-adware / pups
  127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
  127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
  127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
  127.0.0.1 ads.aff.co # hosts anti-adware / pups

  20 out of 16627 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 02/15/2014 12:50:04 PM
Execution time: 0 hours(s), 1 minute(s), and 17 seconds(s)
         
Jetzt *Du* 8-))

Ja. meine Laune steigt merklich....

__________________

Alt 17.02.2014, 12:31   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Zitat:
Ja. meine Laune steigt merklich....
why?

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.02.2014, 15:20   #5
uncle_tom
 
Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



>>Ja. meine Laune steigt merklich....
>why?

Weil - nach meiner Pfuscherei - Du Dich, ein Kundiger des Trojanerboards, der Problematik angenommen hast.

Gau für mich wäre, den PC mit allem drum und dran neu aufsetzen zu lassen.

Ich komme just aus dem Büro (morgen wird es sicher 18:30) und setze auf der Stelle Deine Vorgaben um.

Frage nebenbei: Warum wird meist explizit darauf hingewiesen, dass die Scanner auf dem Desktop abzulegen sind?

Gruß zurück

Tom


Alt 17.02.2014, 15:55   #6
uncle_tom
 
Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Hallo Schrauber,

nachfolgend das gewünschte Combofix-Log.

Neustart des PC "danach" wurde ohne zu maulen durchgeführt.

Es grüßt Dich

Tom


PS:

> "besteht aus 140082 Zeichen und ist damit zu lang"

> "Logs bitte als Archiv an den Beitrag anhängen!"

Alt 17.02.2014, 18:41   #7
uncle_tom
 
Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Zitat:
Zitat von schrauber Beitrag anzeigen

>> Logs bitte immer in den Thread posten.

***Zur Not aufteilen und mehrere Posts nutzen.***

>>Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit,

*** es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum.***
Bitte, was gilt, um Dir/Euch Deine/Eure Unterstützung zu erleichtern?

Grundsätzlich in mehrere Posts oder Logs, die > 12.000 Zeichen sind, Zippen?

Auch dafür meinen Dank



Tom

Alt 18.02.2014, 13:38   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.




Desktop deswegen, weil es dann im Benutzerprofil ist, evtl andere Rechte, einfacher zu erreichen. Und am Schluss lassen wir ein Removal Tool laufen, welches alle unsere benutzen Tools entfernt. Wenn die aber nicht auf dem Desktop liegen werden die nicht gefunden


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.02.2014, 19:08   #9
uncle_tom
 
Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Guten Abend Schrauber.

Danke für die Aufklärung (...kann keine Anhänge öffnen) und "Desktop"!

Nachfolgend mehrere Posts "Combofix". Im Anschluss arbeite ich Deine neuen Vorgaben ab.

Code:
ATTFilter
ComboFix 14-02-16.01 - Uncle Tom 17/02/2014  16:28:22.1.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.34.1031.18.3063.1811 [GMT 1:00]
Running from: c:\users\Uncle Tom\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Uncle Tom\AppData\Local\lame_enc.dll
c:\users\Uncle Tom\AppData\Local\no23xwrapper.dll
c:\users\Uncle Tom\AppData\Local\ogg.dll
c:\users\Uncle Tom\AppData\Local\vorbis.dll
c:\users\Uncle Tom\AppData\Local\vorbisenc.dll
c:\users\Uncle Tom\AppData\Local\vorbisfile.dll
c:\windows\IsUn0407.exe
c:\windows\SysWow64\rnaph.dll
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-17 to 2014-02-17  )))))))))))))))))))))))))))))))
.
.
2014-02-17 15:32 . 2014-02-17 15:32	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-02-17 15:13 . 2013-12-16 00:54	10315576	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15AFB138-97BE-47D2-A966-CECBA40B7FA7}\mpengine.dll
2014-02-16 09:47 . 2013-12-16 00:54	10315576	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-16 06:40 . 2014-02-16 08:54	--------	d-----w-	C:\FRST
2014-02-15 15:11 . 2014-02-15 15:11	312744	----a-w-	c:\windows\system32\javaws.exe
2014-02-15 15:11 . 2014-02-15 15:11	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-02-15 15:11 . 2014-02-15 15:11	189352	----a-w-	c:\windows\system32\javaw.exe
2014-02-15 15:11 . 2014-02-15 15:11	189352	----a-w-	c:\windows\system32\java.exe
2014-02-15 15:10 . 2014-02-15 15:10	--------	d-----w-	c:\program files\Java
2014-02-15 14:38 . 2014-02-15 14:38	--------	d-----w-	c:\program files\CCleaner
2014-02-15 12:54 . 2014-02-15 12:54	--------	d-----w-	c:\programdata\Sophos
2014-02-15 12:54 . 2014-02-15 12:54	73728	----a-r-	c:\users\Uncle Tom\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-02-15 12:54 . 2014-02-15 12:54	73728	----a-r-	c:\users\Uncle Tom\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-02-15 12:54 . 2014-02-15 12:54	73728	----a-r-	c:\users\Uncle Tom\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2014-02-15 12:54 . 2014-02-15 12:54	--------	d-----w-	c:\program files (x86)\Sophos
2014-02-15 11:30 . 2014-02-15 11:49	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-02-15 11:29 . 2014-02-15 11:29	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-02-15 10:35 . 2014-02-15 10:35	--------	d-----w-	c:\program files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-15 05:57 . 2014-02-15 05:57	--------	d-----w-	c:\program files (x86)\Microsoft
2014-02-14 23:42 . 2014-02-14 23:42	--------	d-----w-	c:\program files (x86)\Microsoft CAPICOM 2.1.0.2
2014-02-14 23:03 . 2013-10-27 22:41	965000	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C671509F-7711-4F2E-B358-7BF6D2E7D9BA}\gapaengine.dll
2014-02-14 23:00 . 2014-02-14 23:00	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2014-02-14 23:00 . 2014-02-14 23:00	--------	d-----w-	c:\program files\Microsoft Security Client
2014-02-14 21:03 . 2014-02-14 21:03	--------	d-----w-	c:\users\Uncle Tom\AppData\Roaming\Malwarebytes
2014-02-14 21:03 . 2014-02-14 21:03	--------	d-----w-	c:\programdata\Malwarebytes
2014-02-14 21:03 . 2014-02-14 21:03	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-14 21:03 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-02-12 20:20 . 2014-02-12 21:17	--------	d-----w-	c:\program files\SavingsbullFilter
2014-02-12 20:20 . 2014-02-12 20:20	--------	d-----w-	C:\temp
2014-02-12 20:20 . 2014-02-14 22:46	--------	d-----w-	c:\program files\Level Quality Watcher
2014-02-09 20:56 . 2014-02-16 11:34	--------	d-----w-	c:\users\Uncle Tom\AppData\Roaming\RssPopper
2014-02-09 20:56 . 2014-02-09 20:56	--------	d-----w-	c:\program files (x86)\RSS Popper
2014-02-09 12:51 . 2014-02-09 12:51	--------	d-----w-	c:\windows\Migration
2014-02-08 12:40 . 2014-02-08 12:40	--------	d-----w-	c:\users\Uncle Tom\AppData\Local\Woozle
2014-02-08 12:10 . 2014-02-08 12:10	--------	d-----w-	c:\program files (x86)\XanaNews
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-14 21:48 . 2011-04-30 14:51	88567024	----a-w-	c:\windows\system32\MRT.exe
2014-02-05 07:24 . 2012-04-02 14:17	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-05 07:24 . 2011-05-17 15:39	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-03 19:13 . 2013-12-26 16:39	80184	----a-w-	c:\windows\system32\drivers\aswstm.sys
2014-02-03 19:13 . 2011-04-24 16:50	421704	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-02-03 19:13 . 2011-04-24 16:50	1038072	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2014-02-03 19:13 . 2011-04-24 16:50	78648	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-02-03 19:13 . 2011-04-24 16:50	334136	----a-w-	c:\windows\system32\aswBoot.exe
2014-02-03 19:13 . 2011-04-24 16:50	43152	----a-w-	c:\windows\avastSS.scr
2014-01-19 07:33 . 2010-11-21 03:27	270496	------w-	c:\windows\system32\MpSigStub.exe
2013-12-26 16:39 . 2013-03-13 20:42	207904	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-12-18 20:09 . 2013-10-19 03:05	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-17 22:52 . 2013-12-17 22:52	110080	----a-r-	c:\users\Uncle Tom\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-17 22:52 . 2013-12-17 22:52	110080	----a-r-	c:\users\Uncle Tom\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-17 22:52 . 2013-12-17 22:52	110080	----a-r-	c:\users\Uncle Tom\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-17 15:09 . 2013-12-17 15:09	61592	----a-w-	c:\windows\system32\drivers\netfilter64.sys
2013-11-27 10:50 . 2013-11-27 10:50	825696	----a-w-	c:\windows\SysWow64\Ddbaccpl.cpl
2013-11-27 10:50 . 2013-11-27 10:50	227680	----a-w-	c:\windows\SysWow64\ddBACCTM.cpl
2013-11-27 01:41 . 2014-01-15 18:11	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:41 . 2014-01-15 18:11	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:41 . 2014-01-15 18:11	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:41 . 2014-01-15 18:11	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2013-11-27 01:41 . 2014-01-15 18:11	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:41 . 2014-01-15 18:11	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:41 . 2014-01-15 18:11	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2013-11-26 11:40 . 2014-01-15 18:11	376768	----a-w-	c:\windows\system32\drivers\netio.sys
2013-11-26 10:32 . 2014-01-15 18:11	3156480	----a-w-	c:\windows\system32\win32k.sys
2013-11-23 18:26 . 2013-12-11 19:16	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 19:16	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-11-23 11:56 . 2013-11-23 11:56	1770624	----a-w-	C:\dvbviewer.exe
2011-05-16 16:48 . 2011-05-16 16:48	1265000	----atw-	c:\program files (x86)\kc##.exe
2005-08-06 19:18 . 2011-04-23 13:58	1024000	----a-w-	c:\program files (x86)\vncviewer.exe
1997-09-15 06:05 . 1997-09-15 06:05	432640	----a-w-	c:\program files (x86)\DiskData.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Reminder"="c:\program files (x86)\Microsoft Money\System\reminder.exe" [1999-03-14 37376]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-02-01 1083264]
"MyTomTomSA.exe"="c:\program files (x86)\MyTomTom 3\MyTomTomSA.exe" [2013-01-07 451656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"TrayServer"="c:\progra~2\MAGIX\VIDEO_~1\TrayServer.exe" [2008-08-07 90112]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-03 3767096]
.
c:\users\Uncle Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Hardcopy.LNK - c:\program files (x86)\Hardcopy\hardcopy.exe [2011-5-2 3520000]
ISDN-Moni.lnk - d:\telefon.dat\ISDN-Moni\isdnmo32.exe [2011-4-24 1165856]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WinTV Recording Status..lnk - c:\program files (x86)\WinTV\WinTV7\WinTVTray.exe [2011-4-23 82944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro35]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro35.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 cmusbser;%CMUSBSER%;c:\windows\system32\DRIVERS\cmusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmusbser.sys [x]
R3 cpuz135;cpuz135;c:\users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\drivers\mv91cons.sys;c:\windows\SYSNATIVE\drivers\mv91cons.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys;c:\windows\SYSNATIVE\drivers\mv91xx.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 HauppaugeTVServer;HauppaugeTVServer;c:\progra~2\WinTV\TVServer\HAUPPA~1.EXE;c:\progra~2\WinTV\TVServer\HAUPPA~1.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Driver;c:\windows\system32\DRIVERS\AVMCOWAN.sys;c:\windows\SYSNATIVE\DRIVERS\AVMCOWAN.sys [x]
S3 FPCIBASE;AVM FRITZ!Card PCI;c:\windows\system32\DRIVERS\fpcibase.sys;c:\windows\SYSNATIVE\DRIVERS\fpcibase.sys [x]
S3 hcw89;hcw89 service;c:\windows\system32\DRIVERS\hcw89.sys;c:\windows\SYSNATIVE\DRIVERS\hcw89.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 07:24]
.
2011-10-16 c:\windows\Tasks\WatchTVEx Professional - arte, Aufn_Convoy-1978, 17_Oktober_2011_20_09_00.job
- c:\program files (x86)\WatchTVPro Ex\WatchTVProEx.exe [2011-04-24 10:03]
.
2011-10-16 c:\windows\Tasks\WatchTVEx Professional - Das Erste, Aufn_Der_Macintosh-Mann-1973, 22_Oktober_2011_01_09_00.job
- c:\program files (x86)\WatchTVPro Ex\WatchTVProEx.exe [2011-04-24 10:03]
.
2011-10-16 c:\windows\Tasks\WatchTVEx Professional - neo KiKa, Aufn_Wissen, 17_Oktober_2011_19_19_00.job
- c:\program files (x86)\WatchTVPro Ex\WatchTVProEx.exe [2011-04-24 10:03]
.
2011-10-16 c:\windows\Tasks\WatchTVEx Professional - SAT.1, Aufn_Was_guckst_Du-2x, 22_Oktober_2011_02_51_00.job
- c:\program files (x86)\WatchTVPro Ex\WatchTVProEx.exe [2011-04-24 10:03]
.
2013-05-14 c:\windows\Tasks\WatchTVEx Professional - TELE 5, Aufn_Chatos_Land-1972, 19_Mai_2013_20_09_00.job
- c:\program files (x86)\WatchTVPro Ex\WatchTVProEx.exe [2011-04-24 10:03]
.
2011-10-16 c:\windows\Tasks\WatchTVEx Professional - TELE 5, Aufn_Der_Dialog-1973, 17_Oktober_2011_01_09_00.job
- c:\program files (x86)\WatchTVPro Ex\WatchTVProEx.exe [2011-04-24 10:03]
.
2011-10-16 c:\windows\Tasks\WatchTVEx Professional - ZDF, Aufn_Neues_a_d-Anstalt, 18_Oktober_2011_22_09_00.job
- c:\program files (x86)\WatchTVPro Ex\WatchTVProEx.exe [2011-04-24 10:03]
.
.
         
Code:
ATTFilter
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-03 19:13	287280	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-24 11780712]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Subscribe in RSS Popper - c:\program files (x86)\RSS Popper\ie_subscribe.htm
TCP: Interfaces\{16C2F975-64D5-41C6-B9B8-190FC573F55B}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\
FF - prefs.js: browser.startup.homepage - hxxps://ixquick.com/deu/
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
         
Code:
ATTFilter
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
         
Code:
ATTFilter
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
         
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.

Code:
ATTFilter
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
         
Code:
ATTFilter
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
         
Code:
ATTFilter
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
         
Code:
ATTFilter
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_70"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_70"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_70"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_71"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_71"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_71"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
         

Alt 18.02.2014, 20:12   #10
uncle_tom
 
Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_26"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_27"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_28"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_29"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_30"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_31"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_32"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_33"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_34"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_35"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_36"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_37"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_38"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_39"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_40"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_41"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_42"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_43"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_44"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_44"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_44"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_45"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_45"
.

Code:
ATTFilter
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_45"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_46"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_46"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_46"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_47"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_47"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_47"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_48"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_48"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_48"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_49"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_49"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_49"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_50"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_50"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_50"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_51"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_51"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_51"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2141699705-2544702080-716539424-1001_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\À,*]
"7040110900063D11C8EF10054038389C"="C?\\Windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-02-17  16:34:55
ComboFix-quarantined-files.txt  2014-02-17 15:34
.
Pre-Run: 8.138.813.440 Bytes frei
Post-Run: 8.053.501.952 Bytes frei
.
- - End Of File - - FF85504FEB7B7EE9A34B24D488F6DB67
         
Keine Funde Malwarebytes. Es gab nichts zu markieren/entfernen.

Womöglich von Interesse:

Firefox ist Standardbrowser.
IE ist parallel installiert aber extrem selten genutzt (da mit mir Rechten ausgestattet).



Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.18.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Uncle Tom :: WIN7 [Administrator]

18/02/2014 20:31:01
mbam-log-2014-02-18 (20-31-01).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 219610
Laufzeit: 3 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Hatte ADWCleaner während meiner Spontanaktionen auf der C Partition installiert und ein Log vom 15.02.14 gefunden (Quarantine.txt):

Darüberhinaus unter.... Quarantäne...APPDATA ...Locallow...pricegong...data
um 60 Einträge mit der Extension .vir

Weiterhin Opencandy und Systweak und unter windows...System32...Tasks advenced system protection.

Wie erwähnt, alles in Quarantaine.

Nach diesem Post würde ich ADWCleaner con meiner C-Platte deinstallieren und - wie von Dir angefordert - auf dem Desktop installieren.

Ist das OK?

Bis zu Deiner Anweisung unterbreche ich die Fleißaufgaben
-AdwCleaner Installation auf dem Desktop bis posten des Logs
- Junkware Removal auf Desktop bis postenJRT.txt
- frisches FRST



Code:
ATTFilter
C:\Users\Uncle Tom\AppData\Roaming\OpenCandy\8AA81FAA387741DD9516AD0E096B1B42\5472.ico->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\Roaming\OpenCandy\8AA81FAA387741DD9516AD0E096B1B42\5472.ico.vir
C:\Users\Uncle Tom\AppData\Roaming\OpenCandy\8AA81FAA387741DD9516AD0E096B1B42\Deltabar_p1v6.exe->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\Roaming\OpenCandy\8AA81FAA387741DD9516AD0E096B1B42\Deltabar_p1v6.exe.vir
C:\Users\Uncle Tom\AppData\Roaming\OpenCandy\8AA81FAA387741DD9516AD0E096B1B42\DeltaTB.exe->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\Roaming\OpenCandy\8AA81FAA387741DD9516AD0E096B1B42\DeltaTB.exe.vir
C:\Users\Uncle Tom\AppData\Roaming\OpenCandy\8AA81FAA387741DD9516AD0E096B1B42\LatestDLMgr.exe->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\Roaming\OpenCandy\8AA81FAA387741DD9516AD0E096B1B42\LatestDLMgr.exe.vir
C:\Users\UNCLET~1\AppData\Local\Temp\Uninstall.exe->C:\AdwCleaner\Quarantine\C\Users\UNCLET~1\AppData\Local\Temp\Uninstall.exe.vir
C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\user.js->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\user.js.vir
C:\Windows\System32\Tasks\EPUpdater->C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\EPUpdater.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\1.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\1.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\1121.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\1121.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\11464.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\11464.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15286.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15286.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15353.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15353.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15554.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15554.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15588.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15588.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15777.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15777.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15819.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\15819.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\16008.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\16008.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\16171.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\16171.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\16460.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\16460.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\16525.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\16525.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\1707.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\1707.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\1728.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\1728.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\18542.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\18542.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\21690.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\21690.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\21698.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\21698.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\22035.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\22035.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\2229.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\2229.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\2260.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\2260.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\371.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\371.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\41.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\41.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\4703.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\4703.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\5166.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\5166.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\5552.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\5552.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\5952.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\5952.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\7143.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\7143.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\8135.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\8135.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\8312.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\8312.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\a.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\a.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\b.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\b.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\c.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\c.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\d.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\d.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\e.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\e.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\f.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\f.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\g.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\g.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\h.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\h.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\i.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\i.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\j.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\j.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\k.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\k.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\l.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\l.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\m.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\m.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\mru.xml->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\mru.xml.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\n.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\n.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\o.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\o.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\p.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\p.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\q.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\q.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\r.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\r.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\s.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\s.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\t.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\t.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\u.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\u.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\v.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\v.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\w.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\w.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\wlu.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\wlu.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\x.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\x.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\y.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\y.txt.vir
C:\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\z.txt->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\LocalLow\PriceGong\Data\z.txt.vir
C:\Users\Uncle Tom\AppData\Roaming\Systweak\ssd\SSDPTstub.exe->C:\AdwCleaner\Quarantine\C\Users\Uncle Tom\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir
C:\Windows\System32\roboot64.exe->C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir
C:\Windows\System32\Tasks\Advanced System Protector->C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Advanced System Protector.vir
C:\Windows\System32\Tasks\Advanced System Protector_startup->C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Advanced System Protector_startup.vir
         

Alt 19.02.2014, 15:31   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Schieb die Exe von Adw einfach auf den Desktop, das reicht
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.02.2014, 17:34   #12
uncle_tom
 
Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.019 - Bericht erstellt am 19/02/2014 um 17:52:13
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Uncle Tom - WIN7
# Gestartet von : C:\Users\Uncle Tom\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\Level Quality Watcher

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [gethighlightly@gethighlightly.com]
Schlüssel Gelöscht : HKCU\Software\caphyon

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [8724 octets] - [18/12/2013 10:59:06]
AdwCleaner[R1].txt - [1710 octets] - [15/02/2014 11:39:14]
AdwCleaner[R2].txt - [1299 octets] - [19/02/2014 17:50:35]
AdwCleaner[S0].txt - [8680 octets] - [18/12/2013 11:02:13]
AdwCleaner[S1].txt - [1724 octets] - [15/02/2014 11:44:21]
AdwCleaner[S2].txt - [1172 octets] - [19/02/2014 17:52:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1232 octets] ##########
         
--- --- ---


[/CODE]

Der Rest meiner Fleißaufgaben folgt jetzt sukzessive.

Knicks, Kratzfuß

Tom

Edit:

SHIT!

Ich habe verpennt, die Schutzsoftware zu beenden; Konflikte jedoch hat es nicht gegeben.

Vor Start des JunkRemoval Tool vom Desktop nehme ich mir das Beenden der Schutzsoftware aber *fest* vor. *-)

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Professional x64
Ran by Uncle Tom on 19/02/2014 at 18:13:37,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Uncle Tom\AppData\Roaming\mozilla\firefox\profiles\inaikfzc.default\prefs.js

user_pref("browser.startup.homepage", "hxxps://ixquick.com/deu/");
Emptied folder: C:\Users\Uncle Tom\AppData\Roaming\mozilla\firefox\profiles\inaikfzc.default\minidumps [40 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/02/2014 at 18:18:04,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Uncle Tom (administrator) on WIN7 on 19-02-2014 18:22:02
Running from C:\Users\Uncle Tom\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(TomTom) C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() c:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Nokia) C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-02-24] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [RemoteControl9] - c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [TrayServer] - C:\Program Files (x86)\MAGIX\Video_deluxe_17\Trayserver.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [NokiaMServer] - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-03] (AVAST Software)
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\Run: [Reminder] - C:\Program Files (x86)\Microsoft Money\System\reminder.exe [37376 1999-03-14] (Microsoft Corporation)
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728 2011-04-22] (TomTom)
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1083264 2012-02-01] (Nokia)
HKU\S-1-5-21-2141699705-2544702080-716539424-1001\...\Run: [MyTomTomSA.exe] - C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [451656 2013-01-07] (TomTom)
Startup: C:\Users\Uncle Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\Users\Uncle Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ISDN-Moni.lnk
ShortcutTarget: ISDN-Moni.lnk -> D:\TELEFON.DAT\ISDN-Moni\isdnmo32.exe (Heuer Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://nmd.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {A19A00DB-9BC7-4210-95E0-E46E01625249} URL = 
SearchScopes: HKCU - {D3DFE717-08DC-4890-84EB-F6527EFFC96F} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\..\Interfaces\{16C2F975-64D5-41C6-B9B8-190FC573F55B}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Click&amp;Clean - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\clickclean@hotcleaner.com [2013-03-29]
FF Extension: Print pages to PDF - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\printPages2Pdf@reinhold.ripper [2013-12-18]
FF Extension: YouTube Unblocker - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-16]
FF Extension: Textarea Cache - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f} [2013-09-08]
FF Extension: WOT - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-28]
FF Extension: CSHelper - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2013-11-08]
FF Extension: Snip-Me - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\addon@snip-me.de.xpi [2011-08-27]
FF Extension: Advertising Cookie Opt-out - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\optout@google.com.xpi [2011-12-05]
FF Extension: Private Tab - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\privateTab@infocatcher.xpi [2013-04-21]
FF Extension: TinEye Reverse Image Search - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\tineye@ideeinc.com.xpi [2011-09-22]
FF Extension: YouTube to MP3 - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\youtube2mp3@mondayx.de.xpi [2011-08-31]
FF Extension: Video HTML5 Wizard Light - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{005baaff-6783-4939-84d3-9056ec161612}.xpi [2013-11-05]
FF Extension: {04ad514b-2d83-4786-a1bf-e004c09da910} - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{04ad514b-2d83-4786-a1bf-e004c09da910}.xpi [2013-10-30]
FF Extension: Session Manager - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-12-18]
FF Extension: Text Link - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2012-04-05]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2012-12-25]
FF Extension: NoScript - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-15]
FF Extension: Adblock Plus - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-15]
FF Extension: BetterPrivacy - C:\Users\Uncle Tom\AppData\Roaming\Mozilla\Firefox\Profiles\inaikfzc.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-11-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-24]
FF HKLM-x32\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-05-11]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-03] (AVAST Software)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [559104 2011-02-08] (Hauppauge Computer Works)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 RichVideo; c:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [271760 2009-04-27] ()

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-03] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-26] ()
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
S3 cmusbser; C:\Windows\System32\DRIVERS\cmusbser.sys [112768 2007-06-08] (C-motech Co.,Ltd)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R3 hcw89; C:\Windows\System32\DRIVERS\hcw89.sys [1634176 2010-06-11] (Hauppauge Computer Works, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-19 18:22 - 2014-02-19 18:22 - 00018868 _____ () C:\Users\Uncle Tom\Desktop\FRST.txt
2014-02-19 18:21 - 2014-02-19 18:21 - 00000000 ____D () C:\Users\Uncle Tom\Desktop\FRST-OlderVersion
2014-02-19 18:18 - 2014-02-19 18:18 - 00000962 _____ () C:\Users\Uncle Tom\Desktop\JRT.txt
2014-02-19 18:13 - 2014-02-19 18:13 - 00000000 ____D () C:\Windows\ERUNT
2014-02-19 18:08 - 2014-02-19 18:08 - 01037530 _____ (Thisisu) C:\Users\Uncle Tom\Desktop\JRT.exe
2014-02-19 17:49 - 2014-02-19 17:49 - 01241834 _____ () C:\Users\Uncle Tom\Desktop\adwcleaner.exe
2014-02-17 16:34 - 2014-02-17 16:34 - 00139910 _____ () C:\ComboFix.txt
2014-02-17 16:27 - 2014-02-17 16:34 - 00000000 ____D () C:\Qoobox
2014-02-17 16:27 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-17 16:27 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-17 16:27 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-17 16:27 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-17 16:27 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-17 16:27 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-17 16:27 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-17 16:27 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-17 16:26 - 2014-02-17 16:33 - 00000000 ____D () C:\Windows\erdnt
2014-02-17 16:09 - 2014-02-17 16:09 - 05183112 ____R (Swearware) C:\Users\Uncle Tom\Desktop\ComboFix.exe
2014-02-16 09:47 - 2014-02-16 09:47 - 00000000 _____ () C:\Users\Uncle Tom\defogger_reenable
2014-02-16 09:05 - 2014-02-16 09:05 - 00050477 _____ () C:\Users\Uncle Tom\Desktop\Defogger.exe
2014-02-16 07:40 - 2014-02-19 18:22 - 00000000 ____D () C:\FRST
2014-02-15 16:44 - 2014-02-17 16:42 - 00001142 _____ () C:\Windows\PFRO.log
2014-02-15 16:35 - 2014-02-19 17:54 - 00000616 _____ () C:\Windows\setupact.log
2014-02-15 16:35 - 2014-02-15 16:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 16:11 - 2014-02-15 16:11 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-15 16:10 - 2014-02-15 16:10 - 00000000 ____D () C:\Program Files\Java
2014-02-15 15:38 - 2014-02-15 15:38 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-15 15:38 - 2014-02-15 15:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-15 13:54 - 2014-02-15 13:54 - 00003225 _____ () C:\Users\Uncle Tom\Desktop\Sophos Virus Removal Tool.lnk
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\ProgramData\Sophos
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-02-15 12:30 - 2014-02-15 12:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-15 12:29 - 2014-02-15 12:49 - 00000000 ____D () C:\Users\Uncle Tom\Desktop\mbar
2014-02-15 12:29 - 2014-02-15 12:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-15 12:28 - 2014-02-15 12:28 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Uncle Tom\Desktop\mbar-1.07.0.1009.exe
2014-02-15 11:38 - 2014-02-15 11:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 11:35 - 2014-02-15 11:35 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-15 00:42 - 2014-02-15 00:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-02-15 00:00 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-02-15 00:00 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-02-14 22:44 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 22:44 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 22:44 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 22:44 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 22:44 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 22:44 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 22:44 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 22:44 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 22:44 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 22:44 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 22:44 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 22:44 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 22:44 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 22:44 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 22:44 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 22:44 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 22:44 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 22:44 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 22:44 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 22:44 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 22:44 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 22:44 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 22:44 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 22:44 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 22:44 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 22:44 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 22:44 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 22:44 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 22:44 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 22:44 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 22:44 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 22:44 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 22:44 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 22:44 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 22:44 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 22:44 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 22:44 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 22:44 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 22:44 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 22:44 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 22:44 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 22:03 - 2014-02-14 22:03 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\Malwarebytes
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-14 22:03 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-14 22:00 - 2014-02-15 00:00 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-02-14 15:56 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 15:56 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 15:56 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 15:56 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 15:56 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 15:56 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 15:56 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 15:56 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 15:56 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 15:56 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 15:56 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 15:56 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 15:56 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 15:56 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 15:56 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 15:56 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 15:56 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 15:56 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 15:56 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 15:56 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 15:56 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 15:56 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 15:56 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 15:56 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 15:56 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 15:56 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 15:56 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 15:56 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-14 15:44 - 2014-02-14 15:44 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Uncle Tom\Desktop\rkill.com
2014-02-14 15:42 - 2014-02-19 18:21 - 02153472 _____ (Farbar) C:\Users\Uncle Tom\Desktop\FRST64.exe
2014-02-12 21:22 - 2014-02-12 21:22 - 00004546 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-updater
2014-02-12 21:22 - 2014-02-12 21:22 - 00004502 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-codedownloader
2014-02-12 21:22 - 2014-02-12 21:22 - 00004400 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-enabler
2014-02-12 21:22 - 2014-02-12 21:22 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-02-12 21:22 - 2014-02-12 21:22 - 00003042 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 21:22 - 2014-02-12 21:22 - 00002886 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 21:21 - 2014-02-12 21:21 - 00005430 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-validator
2014-02-12 21:20 - 2014-02-12 22:17 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-11 19:27 - 2014-02-12 19:24 - 00009129 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140210.log
2014-02-09 21:56 - 2014-02-19 04:52 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\RssPopper
2014-02-09 21:56 - 2014-02-09 21:56 - 00000000 ____D () C:\Program Files (x86)\RSS Popper
2014-02-08 13:40 - 2014-02-08 13:40 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Local\Woozle
2014-02-08 13:10 - 2014-02-08 13:10 - 00000958 _____ () C:\Users\Uncle Tom\Desktop\XanaNews.lnk
2014-02-08 13:10 - 2014-02-08 13:10 - 00000000 ____D () C:\Program Files (x86)\XanaNews
2014-01-27 20:33 - 2014-02-07 16:33 - 00024464 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140124.log
2014-01-20 17:05 - 2014-01-20 17:05 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

==================== One Month Modified Files and Folders =======

2014-02-19 18:22 - 2014-02-19 18:22 - 00018868 _____ () C:\Users\Uncle Tom\Desktop\FRST.txt
2014-02-19 18:22 - 2014-02-16 07:40 - 00000000 ____D () C:\FRST
2014-02-19 18:21 - 2014-02-19 18:21 - 00000000 ____D () C:\Users\Uncle Tom\Desktop\FRST-OlderVersion
2014-02-19 18:21 - 2014-02-14 15:42 - 02153472 _____ (Farbar) C:\Users\Uncle Tom\Desktop\FRST64.exe
2014-02-19 18:18 - 2014-02-19 18:18 - 00000962 _____ () C:\Users\Uncle Tom\Desktop\JRT.txt
2014-02-19 18:13 - 2014-02-19 18:13 - 00000000 ____D () C:\Windows\ERUNT
2014-02-19 18:08 - 2014-02-19 18:08 - 01037530 _____ (Thisisu) C:\Users\Uncle Tom\Desktop\JRT.exe
2014-02-19 18:02 - 2009-07-14 05:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 18:02 - 2009-07-14 05:45 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 18:00 - 2011-02-23 13:59 - 00708640 _____ () C:\Windows\system32\perfh007.dat
2014-02-19 18:00 - 2011-02-23 13:59 - 00157972 _____ () C:\Windows\system32\perfc007.dat
2014-02-19 18:00 - 2009-07-14 06:13 - 01674134 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-19 17:54 - 2014-02-15 16:35 - 00000616 _____ () C:\Windows\setupact.log
2014-02-19 17:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-19 17:52 - 2013-12-18 10:59 - 00000000 ____D () C:\AdwCleaner
2014-02-19 17:52 - 2011-04-23 14:09 - 01465304 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 17:49 - 2014-02-19 17:49 - 01241834 _____ () C:\Users\Uncle Tom\Desktop\adwcleaner.exe
2014-02-19 17:24 - 2012-04-02 15:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-19 17:16 - 2012-07-07 12:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-19 04:52 - 2014-02-09 21:56 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\RssPopper
2014-02-18 22:29 - 2011-07-31 10:35 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\vlc
2014-02-17 16:42 - 2014-02-15 16:44 - 00001142 _____ () C:\Windows\PFRO.log
2014-02-17 16:35 - 2013-10-19 11:06 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Local\Apps\2.0
2014-02-17 16:34 - 2014-02-17 16:34 - 00139910 _____ () C:\ComboFix.txt
2014-02-17 16:34 - 2014-02-17 16:27 - 00000000 ____D () C:\Qoobox
2014-02-17 16:33 - 2014-02-17 16:26 - 00000000 ____D () C:\Windows\erdnt
2014-02-17 16:33 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-17 16:23 - 2013-12-31 11:51 - 00001768 _____ () C:\Users\Uncle Tom\Desktop\Defraggler.lnk
2014-02-17 16:09 - 2014-02-17 16:09 - 05183112 ____R (Swearware) C:\Users\Uncle Tom\Desktop\ComboFix.exe
2014-02-16 09:47 - 2014-02-16 09:47 - 00000000 _____ () C:\Users\Uncle Tom\defogger_reenable
2014-02-16 09:47 - 2011-04-23 13:11 - 00000000 ____D () C:\Users\Uncle Tom
2014-02-16 09:05 - 2014-02-16 09:05 - 00050477 _____ () C:\Users\Uncle Tom\Desktop\Defogger.exe
2014-02-15 17:31 - 2013-10-19 12:16 - 00022374 _____ () C:\Users\Uncle Tom\AppData\Local\Layout.xml
2014-02-15 17:31 - 2013-10-19 12:16 - 00022012 _____ () C:\Users\Uncle Tom\AppData\Local\LayoutPanels.xml
2014-02-15 17:31 - 2013-10-19 12:16 - 00012573 _____ () C:\Users\Uncle Tom\AppData\Local\Layout_Card.xml
2014-02-15 17:31 - 2013-10-19 11:10 - 06291456 _____ () C:\Users\Uncle Tom\AppData\Local\QC.mdf
2014-02-15 17:31 - 2013-10-19 11:10 - 01572864 _____ () C:\Users\Uncle Tom\AppData\Local\QC_log.ldf
2014-02-15 17:31 - 2013-10-19 11:10 - 00004378 _____ () C:\Users\Uncle Tom\AppData\Local\QC.ini
2014-02-15 17:31 - 2013-10-19 11:09 - 00012006 _____ () C:\Users\Uncle Tom\AppData\Local\QC.log
2014-02-15 17:30 - 2013-10-19 11:10 - 00021988 _____ () C:\Users\Uncle Tom\AppData\Local\LayoutPanels_Default.xml
2014-02-15 17:30 - 2013-10-19 11:06 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Local\Deployment
2014-02-15 16:35 - 2014-02-15 16:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 16:34 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-15 16:11 - 2014-02-15 16:11 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-15 16:11 - 2014-02-15 16:11 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-02-15 16:10 - 2014-02-15 16:10 - 00000000 ____D () C:\Program Files\Java
2014-02-15 15:38 - 2014-02-15 15:38 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-15 15:38 - 2014-02-15 15:38 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-15 13:54 - 2014-02-15 13:54 - 00003225 _____ () C:\Users\Uncle Tom\Desktop\Sophos Virus Removal Tool.lnk
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\ProgramData\Sophos
2014-02-15 13:54 - 2014-02-15 13:54 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-02-15 13:18 - 2012-05-06 14:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 12:49 - 2014-02-15 12:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-15 12:49 - 2014-02-15 12:29 - 00000000 ____D () C:\Users\Uncle Tom\Desktop\mbar
2014-02-15 12:43 - 2011-05-02 16:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-15 12:43 - 2011-05-02 16:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-02-15 12:29 - 2014-02-15 12:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-15 12:28 - 2014-02-15 12:28 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Uncle Tom\Desktop\mbar-1.07.0.1009.exe
2014-02-15 11:38 - 2014-02-15 11:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 11:35 - 2014-02-15 11:35 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-02-15 08:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 06:57 - 2011-04-24 09:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-02-15 00:44 - 2009-07-14 03:34 - 00000499 _____ () C:\Windows\win.ini
2014-02-15 00:42 - 2014-02-15 00:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-02-15 00:00 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-02-15 00:00 - 2014-02-15 00:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-02-15 00:00 - 2014-02-14 22:00 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-02-14 22:52 - 2013-08-15 16:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 22:48 - 2011-04-30 15:51 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 22:45 - 2011-06-19 07:56 - 01639042 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-14 22:03 - 2014-02-14 22:03 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\Malwarebytes
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-14 22:03 - 2014-02-14 22:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-14 15:44 - 2014-02-14 15:44 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Uncle Tom\Desktop\rkill.com
2014-02-13 20:42 - 2011-05-02 13:44 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Roaming\IrfanView
2014-02-12 22:17 - 2014-02-12 21:20 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-12 21:22 - 2014-02-12 21:22 - 00004546 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-updater
2014-02-12 21:22 - 2014-02-12 21:22 - 00004502 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-codedownloader
2014-02-12 21:22 - 2014-02-12 21:22 - 00004400 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-enabler
2014-02-12 21:22 - 2014-02-12 21:22 - 00003132 _____ () C:\Windows\System32\Tasks\System Speedup
2014-02-12 21:22 - 2014-02-12 21:22 - 00003042 _____ () C:\Windows\System32\Tasks\System Speedup_UPDATES
2014-02-12 21:22 - 2014-02-12 21:22 - 00002886 _____ () C:\Windows\System32\Tasks\System Speedup_DEFAULT
2014-02-12 21:21 - 2014-02-12 21:21 - 00005430 _____ () C:\Windows\System32\Tasks\Plus-HD-7.7-validator
2014-02-12 19:24 - 2014-02-11 19:27 - 00009129 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140210.log
2014-02-09 21:56 - 2014-02-09 21:56 - 00000000 ____D () C:\Program Files (x86)\RSS Popper
2014-02-08 13:40 - 2014-02-08 13:40 - 00000000 ____D () C:\Users\Uncle Tom\AppData\Local\Woozle
2014-02-08 13:10 - 2014-02-08 13:10 - 00000958 _____ () C:\Users\Uncle Tom\Desktop\XanaNews.lnk
2014-02-08 13:10 - 2014-02-08 13:10 - 00000000 ____D () C:\Program Files (x86)\XanaNews
2014-02-07 17:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-02-07 16:33 - 2014-01-27 20:33 - 00024464 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140124.log
2014-02-06 13:16 - 2014-02-14 22:44 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-14 22:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 22:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 22:44 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 22:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 22:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 22:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 22:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 22:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 22:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 22:44 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 22:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 22:44 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 22:44 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 22:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 22:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 22:44 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-14 22:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 22:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 22:44 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 22:44 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 22:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 22:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 22:44 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 22:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 22:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 22:44 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 22:44 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-14 22:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-14 22:44 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 22:44 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 22:44 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 22:44 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 22:44 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 22:44 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 22:44 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 22:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 22:44 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 22:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 08:24 - 2012-04-02 15:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 08:24 - 2012-04-02 15:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 08:24 - 2011-05-17 16:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-03 20:13 - 2013-12-26 17:39 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-03 20:13 - 2011-04-24 17:50 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-03 20:13 - 2011-04-24 17:50 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-02-03 20:13 - 2011-04-24 17:50 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-03 20:13 - 2011-04-24 17:50 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-03 20:13 - 2011-04-24 17:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-23 20:57 - 2014-01-08 19:23 - 00031779 _____ () C:\Users\Uncle Tom\AppData\Local\QC_140108.log
2014-01-20 19:12 - 2013-09-29 10:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-20 17:05 - 2014-01-20 17:05 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 17:05 - 2013-10-19 04:05 - 00000000 ____D () C:\Program Files (x86)\Java

Files to move or delete:
====================
C:\Users\Uncle Tom\AppData\Roaming\Camdata.ini
C:\Users\Uncle Tom\AppData\Roaming\CamLayout.ini
C:\Users\Uncle Tom\AppData\Roaming\CamShapes.ini
C:\ProgramData\mbsetup.exe
C:\ProgramData\micromeet.dat


Some content of TEMP:
====================
C:\Users\Uncle Tom\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Uncle Tom\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 00:21

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Fleißaufgaben erledigt.

Danke.

Im Standby



Tom

[/CODE]

Geändert von uncle_tom (19.02.2014 um 17:08 Uhr)

Alt 20.02.2014, 13:20   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.02.2014, 17:13   #14
uncle_tom
 
Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Hallo Schrauber.

Ausnahmsweise vom Büro aus kurz melden...

- wie verfahre ich mit insgesamt 6 USB-Platten? 6 x ESSET laufen lassen? Weil parallel kann ich die nicht betreiben.

Auf 4 (2 + Spiegelungen) von den Platten befinden sich archivierte TV-Aufnahmen, eigene Fotos... zumindest nichts fremdes (von Hause aus).

Auf einer 5. Platte (+ 1x Spiegelung) befinden sich Arconisdateien (Backups) C-Partition, D (Datenlaufwerk), E instalierfähige Software sowie F unsichtete sowie gerenderte TV-Aufnahmen (auch nichts Fremdes)

- Probleme:

Ich hatte (während des Selbstheilungsprozessversuches bis zum Zeitpunkt Deines Eingreifens) in der Registry einen Eintrag "RTL?????" gesehen. Desweiteren fand ich einen Ordner auf D(atenlaufwerk) ebenfalls "RTL...." obwohl ich mit diesem Krawallsender (außerWWM und gelegentlich Spielfilme gucken nichts am Hut habe.

- Ich sah gestern noch (bin leider nicht zu Hause. 8-(((( ) verdächtige Eintragungen 7.7... war jedenfalls in den Logs). Hast *Du* die Dinger auf dem Schirm?

Wie gehabt warte ich Deine Antwort ab. Ich hoffe, dass ich dann zu Hause (16/17 Uhr) loslegen kann.

Bis nachher und Dake vielmals!

Tom

- Probleme:


- Ich sah gestern noch (bin leider nicht zu Hause. 8-(((( ) verdächtige Eintragungen 7.7... war jedenfalls in den Logs). Hast *Du* die Dinger auf dem Schirm?

Bin in meiner Hütte...

...

Plus-HD-7.7 nennt sich das Teil offenbar. Ist, wie Gurgel meinte, auch hier im TB thematisiert worden.:

ADWARE/InstallCore.Gen7 Malware - Seite 2 - Trojaner-Board

www.trojaner-board.de › ... › Plagegeister aller Art und deren Bekämpfung
05.02.2014 - 6 Beiträge - ‎3 Autoren
... Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.7-codedownloader.job Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.7-firefoxinstaller.job ...

Ansonsten habe ich außer TB und WDR nichts mehr groß aufgerufen. OnlineBanking liegt seit dem Theater ebenfalls brach, was mich nach einer Woche ziemlich belastet. Outlook / Mail habe ich ebenfalls unterlassen. 8-/

Bis hoffentlich nachher denn ich möchte schon Deine Antworten wieder abwarten. *-)

So schwer es auch fällt, da ich mich traue und für das Vorkommnis "blute".

Das Perverse an der ganzen Sache:

Für *genau das* vergangene Wochenende hatte ich Backups geplant. Aber aktiv gewordende Viren, Würmer und was Du sonst noch alles gefunden hast, machten mir einen dicken Strich durch die Planungs"Rechnung".


Alt 21.02.2014, 13:59   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Windows7/64 von div. Schädlingen infiziert - Standard

Windows7/64 von div. Schädlingen infiziert



Hi,

externe Platten kannste auch anschliessend mit deinem AV PRogramm scannen. Und ja, die Reste hab ich auf dem Schirm
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows7/64 von div. Schädlingen infiziert
adw-cleaner, avast, fehler, firefox, free, gelöscht, google, hängen, infiziert, infizierte, installation, logfiles, malwarebytes, microsoft, namen, programme, registry, schädlinge, security, seite, seiten, software, sophos, system, werbefenster, windows



Ähnliche Themen: Windows7/64 von div. Schädlingen infiziert


  1. Avira und SuperAntispyware finden Schädlingen
    Log-Analyse und Auswertung - 11.10.2015 (7)
  2. Windows 7: Befall von Schädlingen - Avira entdeckt Trojaner plus Adware
    Plagegeister aller Art und deren Bekämpfung - 26.05.2014 (11)
  3. Windows XP: Befall mit mehreren Schädlingen - Neu aufsetzten oder reparieren?
    Log-Analyse und Auswertung - 19.01.2014 (7)
  4. Laptop W7 voller Schädlingen
    Log-Analyse und Auswertung - 15.01.2014 (16)
  5. Onlinebanking und Prävention vor Schädlingen
    Log-Analyse und Auswertung - 23.11.2013 (3)
  6. eFax Corporate - pdf mit Schädlingen?
    Plagegeister aller Art und deren Bekämpfung - 27.02.2013 (17)
  7. Avira-Quarantäneordner mit 8 Schädlingen -> was ist zu tun?
    Log-Analyse und Auswertung - 27.09.2012 (38)
  8. Suche Leute die an Schädlingen Interesse haben
    Plagegeister aller Art und deren Bekämpfung - 07.06.2012 (2)
  9. Entfernen von PDF Creator Toolbar und vill anderen schädlingen
    Log-Analyse und Auswertung - 15.01.2012 (29)
  10. Nach 'TR/Dropper.Gen' eine Flut an Schädlingen
    Log-Analyse und Auswertung - 25.07.2010 (15)
  11. Vermeidung von Virenbefall und anderen Schädlingen
    Diskussionsforum - 18.01.2010 (17)
  12. Neue Installation von Lidl-Laptop mit Schädlingen
    Log-Analyse und Auswertung - 20.10.2009 (1)
  13. Kaspersky 2010 patzt bei Wildlist-Schädlingen
    Nachrichten - 29.06.2009 (0)
  14. Seltsames Problem mit Schädlingen in C:/windows/temp
    Plagegeister aller Art und deren Bekämpfung - 21.03.2009 (4)
  15. Brauche Hilfe beim entfernen von Schädlingen
    Plagegeister aller Art und deren Bekämpfung - 02.05.2008 (14)
  16. Probleme mit Schädlingen
    Log-Analyse und Auswertung - 28.07.2007 (1)
  17. Hijacker: Schädlingen auf der Spur
    Archiv - 27.07.2005 (8)

Zum Thema Windows7/64 von div. Schädlingen infiziert - Guten Tag, Trojaner-Team. Ich bitte um Hilfe bei der Bereinigung meines offenbar verseuchten Rechners. Am Mittwoch, 12.02.2014, teilte mir Avast free mit, dass mein PC in einem kritischen Zustand sei - Windows7/64 von div. Schädlingen infiziert...
Archiv
Du betrachtest: Windows7/64 von div. Schädlingen infiziert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.