Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 26.07.2014, 18:55   #1
Trigant
 
Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



Hallo mir wurde hier: http://www.trojaner-board.de/156890-...32-fehler.html geraten, mich besser in diesem Bereich des Forums zu melden, da scheinbar auf meinem Rechner Malware läuft!
Ich bitte also offiziell dringend um Hilfe!

Wie im Titel: Systemstart bringt Fehlermeldung wie hier. Zuletzt Opfer durch wohl intern umgeleitete Homebanking Seite geworden (Ich war leider nicht zugegen)! Homebanking bereits gesperrt!

Die Logs sind als Dateianhang untergebracht, da die maximale Zeichenlänge überschritten wurde!

Ich hoffe, man kann mir helfen

Alt 26.07.2014, 20:17   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 26.07.2014, 20:35   #3
Trigant
 
Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



gmer.txt
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-26 19:33:29
Windows 6.1.7600  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2 Hitachi_HDP725050GLA360 rev.GM4OA5CA 465,76GB
Running: ckmygz4f.exe; Driver: C:\Users\FINANZ~1\AppData\Local\Temp\axldqpoc.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwAddBootEntry [0xC6C21BA6]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwAssignProcessToJobObject [0xC6C22684]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateEvent [0xC6C2E6F8]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateEventPair [0xC6C2E744]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateIoCompletion [0xC6C2E8DE]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateMutant [0xC6C2E666]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateSection [0xC6C2E788]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateSemaphore [0xC6C2E6AE]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateThread [0xC6C22BBA]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateThreadEx [0xC6C22DD6]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwCreateTimer [0xC6C2E898]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwDebugActiveProcess [0xC6C23472]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwDeleteBootEntry [0xC6C21C0C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwDuplicateObject [0xC6C26C68]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwLoadDriver [0xC6C217F8]
SSDT            \SystemRoot\System32\Drivers\nelzzmgc.SYS                                                          ZwMapViewOfSection [0x9861AE28]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwModifyBootEntry [0xC6C21C72]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwNotifyChangeKey [0xC6C2705E]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwNotifyChangeMultipleKeys [0xC6C23F5A]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenEvent [0xC6C2E722]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenEventPair [0xC6C2E766]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenIoCompletion [0xC6C2E902]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenMutant [0xC6C2E68C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenProcess [0xC6C26560]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenSection [0xC6C2E816]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenSemaphore [0xC6C2E6D6]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenThread [0xC6C2694C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwOpenTimer [0xC6C2E8BC]
SSDT            \SystemRoot\System32\Drivers\nelzzmgc.SYS                                                          ZwProtectVirtualMemory [0x9861ABCC]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwQueryObject [0xC6C23DCE]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwQueueApcThreadEx [0xC6C23ADC]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSetBootEntryOrder [0xC6C21CD8]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSetBootOptions [0xC6C21D3E]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSetContextThread [0xC6C232EC]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSetSystemInformation [0xC6C21892]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSetSystemPowerState [0xC6C21A64]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwShutdownSystem [0xC6C219F2]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSuspendProcess [0xC6C2363C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSuspendThread [0xC6C2379E]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwSystemDebugControl [0xC6C21AEC]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwTerminateProcess [0xC6C2312A]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwTerminateThread [0xC6C232CC]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwVdmControl [0xC6C21DA4]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                            ZwWriteVirtualMemory [0xC6C226E0]

---- Kernel code sections - GMER 2.1 ----

.text           ntoskrnl.exe!ZwRollbackTransaction + 13F5                                                          83C538A9 1 Byte  [06]
.text           ntoskrnl.exe!KiDispatchInterrupt + 5A2                                                             83C73302 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           ntoskrnl.exe!KeRemoveQueueEx + 138B                                                                83C7A558 4 Bytes  [A6, 1B, C2, C6]
.text           ntoskrnl.exe!KeRemoveQueueEx + 1413                                                                83C7A5E0 4 Bytes  [84, 26, C2, C6]
.text           ntoskrnl.exe!KeRemoveQueueEx + 1467                                                                83C7A634 8 Bytes  [F8, E6, C2, C6, 44, E7, C2, ...] {CLC ; OUT 0xc2, AL; MOV BYTE [EDI-0x3e], 0xc6}
.text           ntoskrnl.exe!KeRemoveQueueEx + 1473                                                                83C7A640 4 Bytes  [DE, E8, C2, C6]
.text           ntoskrnl.exe!KeRemoveQueueEx + 148F                                                                83C7A65C 4 Bytes  [66, E6, C2, C6]
.text           ...                                                                                                
?               \Device\Harddisk1\Partition1\Windows\system32\drivers\PctWfpFilter.sys                             Das System kann den angegebenen Pfad nicht finden. !
?               C:\Users\FINANZ~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys                                       Das System kann den angegebenen Pfad nicht finden. !
?               C:\Users\FINANZ~1\AppData\Local\Temp\mbr.sys                                                       Das System kann den angegebenen Pfad nicht finden. !
?               System32\Drivers\nelzzmgc.SYS                                                                      Das System kann den angegebenen Pfad nicht finden. !

---- User code sections - GMER 2.1 ----

.text           c:\program files\windows defender\MpCmdRun.exe[232] kernel32.dll!GetBinaryTypeW + 70               76E77934 1 Byte  [62]
.text           C:\Windows\system32\AUDIODG.EXE[1080] kernel32.dll!GetBinaryTypeW + 70                             76E77934 1 Byte  [62]
.text           C:\Windows\system32\wbem\unsecapp.exe[3096] kernel32.dll!GetBinaryTypeW + 70                       76E77934 1 Byte  [62]
.text           C:\Program Files\AVAST Software\Avast\avastUi.exe[4052] kernel32.dll!SetUnhandledExceptionFilter   76E63122 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text           C:\Program Files\AVAST Software\Avast\avastUi.exe[4052] kernel32.dll!GetBinaryTypeW + 70           76E77934 1 Byte  [62]
.text           C:\Users\Finanzdienstleistung\Downloads\ckmygz4f.exe[5284] kernel32.dll!GetBinaryTypeW + 70        76E77934 1 Byte  [62]
.text           C:\Windows\System32\WUDFHost.exe[5316] kernel32.dll!GetBinaryTypeW + 70                            76E77934 1 Byte  [62]
.text           C:\Program Files\AVAST Software\Avast\AvastSvc.exe[5536] kernel32.dll!SetUnhandledExceptionFilter  76E63122 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text           C:\Program Files\AVAST Software\Avast\AvastSvc.exe[5536] kernel32.dll!GetBinaryTypeW + 70          76E77934 1 Byte  [62]

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\tdx \Device\Tcp                                                                            pctgntdi.sys
AttachedDevice  \Driver\tdx \Device\Udp                                                                            pctgntdi.sys
AttachedDevice  \Driver\tdx \Device\RawIp                                                                          pctgntdi.sys

---- EOF - GMER 2.1 ----
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by Finanzdienstleistung (administrator) on KLAMM on 26-07-2014 19:08:57
Running from C:\Users\Finanzdienstleistung\Downloads
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Beratungstechnologie) I:\BTnet_0214\AVB_Steuerung\BTAVB_KomDienst.exe
(NÜRNBERGER Versicherungsgruppe) C:\Program Files\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(BISS GmbH) C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe
(Sun Microsystems, Inc.) I:\BTnet_0214\Dope\Dope-Mobile\utils\java_jdk_windows-x86-32\bin\javaw.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(NUERNBERGER Versicherungsgruppe) C:\Program Files\NuernbergerBT\BT.Net_Listener.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(NÜRNBERGER Versicherungsgruppe) C:\Program Files\NÜRNBERGER AutoUpdater\BT.Setup.Updater.TrayApp.exe
(Dropbox, Inc.) C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(NUERNBERGER Versicherungsgruppe) C:\Program Files\NuernbergerBT\BT.Net_Listener.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22414424 2014-04-03] (Google)
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [IvqeKjaqu] => regsvr32.exe " 
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [OyhiRalow] => regsvr32.exe " 
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [OvmaTmed] => regsvr32.exe " 
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [ItogiVhovu] => regsvr32.exe " 
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\MountPoints2: {df619162-ca5a-11e1-8fdb-404e57434401} - K:\LaunchU3.exe -a
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\MountPoints2: {f1bc21e5-f93b-11de-b49c-806e6f6e6963} - E:\CDStart.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NÜRNBERGER AutoUpdater.lnk
ShortcutTarget: NÜRNBERGER AutoUpdater.lnk -> C:\Windows\Installer\{366D38BF-E12D-48FB-9F01-EEF3E7DCADEF}\BT.Setup.Updater.T_CD8CBA3468C240F981B372C3EA3FF361.exe (Acresso Software Inc.)
Startup: C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\auto.bat ()
Startup: C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-0&v=n11099-240&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80772&lng=de
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80772
URLSearchHook: HKLM - WiseConvert 2.2 Toolbar - {b81767e1-672d-4da1-b5cc-d277185815a6} - C:\Program Files\WiseConvert_2.2\prxtbWis0.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM - _tmp URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=406&v=n11099-240&apn_uid=0663415917174031&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010006&st=10&q={searchTerms}
SearchScopes: HKCU - _tmp URL = 
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {0E627687-3EBF-4D52-A048-1A6BDC182395} URL = hxxp://go.web.de/suchbox/smartshopping/?searchText={searchTerms}&mc=searchplugin@suche@msie.suche@preisvergleich
SearchScopes: HKCU - {222B5EA2-7E05-4C0D-8A56-E8E68392FA65} URL = hxxp://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=de
SearchScopes: HKCU - {3AB67233-D4D5-47F1-95F9-00C0D89D908D} URL = hxxp://go.web.de/suchbox/amazon/?keywords={searchTerms}
SearchScopes: HKCU - {417FF3BC-0405-476F-8364-02E002CEBF69} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {594A203C-46AE-48E0-B7DB-E588A7912B8E} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {697B2969-6FC0-4CBC-9FB9-EBA7FEB50EC2} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {764EC6F5-012F-4DD1-A141-1BBB8B1311E1} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {98A6AA5C-C81F-464D-8189-888B7F4C3BF6} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=6F7ECD21-D3B8-47C5-9A13-B2895120AFD0&apn_sauid=0989F9C0-EA3D-4014-9F6D-18D2C2C1F9F9&
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=406&v=n11099-240&apn_uid=0663415917174031&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110824&tt=4312_4&babsrc=SP_ss&mntrId=1063ab6a00000000000000196640d147
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80772&lng=de
SearchScopes: HKCU - {DC3A72F4-442E-4C80-BB61-F86A38632867} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: WiseConvert 2.2 Toolbar -> {b81767e1-672d-4da1-b5cc-d277185815a6} -> C:\Program Files\WiseConvert_2.2\prxtbWis0.dll (Conduit Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - WiseConvert 2.2 Toolbar - {b81767e1-672d-4da1-b5cc-d277185815a6} - C:\Program Files\WiseConvert_2.2\prxtbWis0.dll (Conduit Ltd.)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - WiseConvert 2.2 Toolbar - {B81767E1-672D-4DA1-B5CC-D277185815A6} - C:\Program Files\WiseConvert_2.2\prxtbWis0.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -  No File
Winsock: Catalog9 01 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 02 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 03 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 04 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 05 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 06 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 17 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @real.com/nppl3260;version=15.0.3.37 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.3.37 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.3.37 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.3.37 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.3.37 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.11 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Finanzdienstleistung\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF user.js: detected! => C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\MyCamera.dll (CANON INC.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPCIG.dll (CANON INC.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\abs@avira.com [2014-07-23]
FF Extension: WEB.DE MailCheck - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\toolbar@web.de [2014-07-22]
FF Extension: Ecosia - The search engine that plants trees - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2011-07-10]
FF Extension: Adblock Plus - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-10]
FF Extension: BonanzaDeals - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2013-12-18]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-02-17]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-26]

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "https://www.google.de/", "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-0&v=n11099-240&t=4"
CHR Extension: (Google Drive) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-26]
CHR Extension: (YouTube) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-26]
CHR Extension: (Adblock Plus) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-28]
CHR Extension: (Google-Suche) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-26]
CHR Extension: (Google Wallet) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-26]
CHR Extension: (Google Mail) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-26]
CHR HKLM\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\Finanzdienstleistung\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2012-05-31]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-03]
CHR HKCU\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\Finanzdienstleistung\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2012-05-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-26] (AVAST Software)
R2 BTAVB_KomDienst_Vers_Btnet_1402; I:\BTnet_0214\AVB_Steuerung\BTAVB_KomDienst.exe [17920 2013-04-03] (Beratungstechnologie) [File not signed]
R2 NbgAutoUpdater; C:\Program Files\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe [23120 2013-12-05] (NÜRNBERGER Versicherungsgruppe)
S4 WinRiskXASmClServiceHandler; C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWServiceHandler.exe [90112 2009-12-10] () [File not signed]
R2 WinRiskXASmClSoftwareUpdate; C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe [24576 2012-04-18] (BISS GmbH) [File not signed]
S2 sdAuxService; No ImagePath
S2 sdCoreService; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [483200 2010-01-06] (ITETech                  )
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-26] (AVAST Software)
S0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-26] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-26] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-26] ()
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64000 2009-07-14] (AVM GmbH)
R3 cmpci; C:\Windows\System32\drivers\cmaudio.sys [379726 2002-07-16] (C-Media Inc)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [559104 2009-07-14] (AVM Berlin)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [331880 2011-11-14] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [342168 2011-12-01] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi.sys [253352 2012-01-11] (PC Tools)
S3 pctplsg; C:\Windows\System32\drivers\pctplsg.sys [70536 2012-01-11] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD.sys [185560 2012-01-11] (PC Tools)
S2 ASPI32; No ImagePath
S3 cmuda3; system32\drivers\cmudax3.sys [X]
R3 cpuz132; \??\C:\Users\FINANZ~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TFSysMon; system32\drivers\TfSysMon.sys [X]
S1 [verify-U]_System; system32\drivers\[verify-U]-driver.sys [X]
U3 mbr; \??\C:\Users\FINANZ~1\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 19:08 - 2014-07-26 19:09 - 00025588 _____ () C:\Users\Finanzdienstleistung\Downloads\FRST.txt
2014-07-26 19:08 - 2014-07-26 19:09 - 00000000 ___DC () C:\FRST
2014-07-26 19:07 - 2014-07-26 19:07 - 01084416 _____ (Farbar) C:\Users\Finanzdienstleistung\Downloads\FRST.exe
2014-07-26 19:06 - 2014-07-26 19:06 - 00000502 _____ () C:\Users\Finanzdienstleistung\Downloads\defogger_disable.log
2014-07-26 19:06 - 2014-07-26 19:06 - 00000000 _____ () C:\Users\Finanzdienstleistung\defogger_reenable
2014-07-26 19:05 - 2014-07-26 19:05 - 00050477 _____ () C:\Users\Finanzdienstleistung\Downloads\Defogger.exe
2014-07-26 18:31 - 2014-07-26 18:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-26 18:25 - 2014-07-26 18:25 - 00002079 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-26 18:25 - 2014-07-26 18:25 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\AVAST Software
2014-07-26 18:25 - 2014-07-26 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-26 18:24 - 2014-07-26 18:25 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00414392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1406391900125
2014-07-26 18:24 - 2014-07-26 18:24 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-26 18:24 - 2014-07-26 18:24 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-26 18:24 - 2014-07-26 18:24 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00000000 ___DC () C:\Program Files\AVAST Software
2014-07-26 18:22 - 2014-07-26 18:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-26 18:21 - 2014-07-26 18:22 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021 (1).exe
2014-07-26 18:03 - 2014-07-26 18:03 - 00015859 _____ () C:\Users\Finanzdienstleistung\Desktop\dds.txt
2014-07-26 18:03 - 2014-07-26 18:03 - 00010942 _____ () C:\Users\Finanzdienstleistung\Desktop\attach.txt
2014-07-26 17:59 - 2014-07-26 18:00 - 00700783 ____R (Swearware) C:\Users\Finanzdienstleistung\Downloads\dds+.exe
2014-07-26 17:47 - 2014-07-26 17:47 - 04845176 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_clear.exe
2014-07-24 17:13 - 2014-07-24 17:15 - 143880056 _____ () C:\Users\Gast\Downloads\avira_free_antivirus_de_464.exe
2014-07-24 02:11 - 2014-07-24 18:44 - 00000000 ____D () C:\ProgramData\ItogiVhovu
2014-07-24 02:10 - 2014-07-24 23:18 - 00000000 ____D () C:\ProgramData\OvmaTmed
2014-07-24 00:37 - 2014-07-24 00:38 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-23 12:40 - 2014-07-23 12:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\DesktopIconGoodgame
2014-07-22 15:18 - 2014-07-23 11:41 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Schad
2014-07-21 17:07 - 2014-07-21 17:07 - 00000000 ____D () C:\ProgramData\firebird
2014-07-21 17:06 - 2014-07-21 17:06 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\NUERNBERGER
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\Documents\NuernbergerBT
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Local\Nuernberger_Versicherungs
2014-07-21 15:28 - 2014-07-24 16:12 - 00000000 ___DC () C:\Program Files\NÜRNBERGER AutoUpdater
2014-07-21 15:28 - 2014-07-24 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER AutoUpdater
2014-07-21 15:25 - 2014-07-21 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER BTnet 02.2014
2014-07-21 15:16 - 2014-07-21 15:16 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Keseling
2014-07-21 11:42 - 2014-07-21 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alte Leipziger Verbund
2014-07-21 11:27 - 2014-07-21 11:30 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-07-21 02:22 - 2014-07-23 21:33 - 00000000 ____D () C:\ProgramData\OkhoHamu
2014-07-19 23:00 - 2014-07-21 10:27 - 00000000 ____D () C:\ProgramData\IvqeKjaqu
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014.xlsx
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014 (1).xlsx
2014-07-11 03:06 - 2014-07-11 03:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 22:19 - 2014-07-14 06:11 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (4)
2014-07-10 15:40 - 2014-07-10 15:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Lisa ****
2014-07-10 09:40 - 2014-07-01 03:38 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 09:40 - 2014-07-01 03:35 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 12:21 - 2014-07-10 22:57 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (3)
2014-06-28 22:24 - 2014-06-29 19:40 - 00000000 ____D () C:\ProgramData\AyruHcalz
2014-06-26 14:46 - 2014-07-08 15:22 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (2)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 19:09 - 2014-07-26 19:08 - 00025588 _____ () C:\Users\Finanzdienstleistung\Downloads\FRST.txt
2014-07-26 19:09 - 2014-07-26 19:08 - 00000000 ___DC () C:\FRST
2014-07-26 19:07 - 2014-07-26 19:07 - 01084416 _____ (Farbar) C:\Users\Finanzdienstleistung\Downloads\FRST.exe
2014-07-26 19:06 - 2014-07-26 19:06 - 00000502 _____ () C:\Users\Finanzdienstleistung\Downloads\defogger_disable.log
2014-07-26 19:06 - 2014-07-26 19:06 - 00000000 _____ () C:\Users\Finanzdienstleistung\defogger_reenable
2014-07-26 19:06 - 2010-01-04 16:28 - 00000000 ____D () C:\Users\Finanzdienstleistung
2014-07-26 19:05 - 2014-07-26 19:05 - 00050477 _____ () C:\Users\Finanzdienstleistung\Downloads\Defogger.exe
2014-07-26 18:56 - 2013-11-12 12:56 - 00000328 _____ () C:\Windows\Tasks\MetaCrawler.job
2014-07-26 18:55 - 2013-11-12 12:56 - 00000328 _____ () C:\Windows\Tasks\DigitalSite.job
2014-07-26 18:36 - 2012-04-12 23:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-26 18:31 - 2014-07-26 18:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-26 18:31 - 2010-12-20 19:04 - 00000000 ____D () C:\Users\Finanzdienstleistung\Documents\MAGIX_MxTray
2014-07-26 18:25 - 2014-07-26 18:25 - 00002079 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-26 18:25 - 2014-07-26 18:25 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\AVAST Software
2014-07-26 18:25 - 2014-07-26 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-26 18:25 - 2014-07-26 18:24 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00414392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1406391900125
2014-07-26 18:24 - 2014-07-26 18:24 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-26 18:24 - 2014-07-26 18:24 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-26 18:24 - 2014-07-26 18:24 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00000000 ___DC () C:\Program Files\AVAST Software
2014-07-26 18:24 - 2014-07-26 18:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-26 18:22 - 2014-07-26 18:21 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021 (1).exe
2014-07-26 18:13 - 2013-10-23 18:31 - 00000324 _____ () C:\Windows\Tasks\FoxTab.job
2014-07-26 18:03 - 2014-07-26 18:03 - 00015859 _____ () C:\Users\Finanzdienstleistung\Desktop\dds.txt
2014-07-26 18:03 - 2014-07-26 18:03 - 00010942 _____ () C:\Users\Finanzdienstleistung\Desktop\attach.txt
2014-07-26 18:01 - 2011-07-21 11:08 - 14015488 ___SH () C:\Users\Finanzdienstleistung\Downloads\Thumbs.db
2014-07-26 18:01 - 2009-07-14 06:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-26 18:01 - 2009-07-14 06:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-26 18:00 - 2014-07-26 17:59 - 00700783 ____R (Swearware) C:\Users\Finanzdienstleistung\Downloads\dds+.exe
2014-07-26 18:00 - 2010-01-04 16:26 - 01635182 _____ () C:\Windows\WindowsUpdate.log
2014-07-26 17:57 - 2012-02-05 15:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox
2014-07-26 17:56 - 2014-02-15 10:11 - 00333034 _____ () C:\Windows\PFRO.log
2014-07-26 17:56 - 2014-02-15 10:11 - 00007840 _____ () C:\Windows\setupact.log
2014-07-26 17:56 - 2013-06-03 01:58 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-07-26 17:56 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-26 17:47 - 2014-07-26 17:47 - 04845176 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_clear.exe
2014-07-26 17:33 - 2012-03-09 12:29 - 00000000 ____D () C:\ProgramData\Avira
2014-07-25 11:11 - 2014-02-14 21:43 - 00001059 _____ () C:\Users\Finanzdienstleistung\Desktop\Dropbox.lnk
2014-07-25 11:11 - 2012-02-05 15:06 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-24 23:18 - 2014-07-24 02:10 - 00000000 ____D () C:\ProgramData\OvmaTmed
2014-07-24 22:50 - 2014-02-20 19:33 - 00000000 ___DC () C:\Program Files\Microsoft Silverlight
2014-07-24 22:50 - 2012-05-09 09:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-24 22:15 - 2012-03-14 23:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-24 18:44 - 2014-07-24 02:11 - 00000000 ____D () C:\ProgramData\ItogiVhovu
2014-07-24 17:15 - 2014-07-24 17:13 - 143880056 _____ () C:\Users\Gast\Downloads\avira_free_antivirus_de_464.exe
2014-07-24 16:12 - 2014-07-21 15:28 - 00000000 ___DC () C:\Program Files\NÜRNBERGER AutoUpdater
2014-07-24 16:12 - 2014-07-21 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER AutoUpdater
2014-07-24 14:19 - 2011-05-23 10:14 - 13268992 ___SH () C:\Users\Finanzdienstleistung\Desktop\Thumbs.db
2014-07-24 03:01 - 2014-02-20 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 01:18 - 2014-02-17 18:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-24 00:38 - 2014-07-24 00:37 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-23 22:55 - 2011-08-07 11:12 - 00000046 _____ () C:\Windows\PCCT.INI
2014-07-23 22:08 - 2013-08-16 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-23 21:33 - 2014-07-21 02:22 - 00000000 ____D () C:\ProgramData\OkhoHamu
2014-07-23 21:33 - 2009-10-14 05:07 - 00000000 ____D () C:\Windows\Panther
2014-07-23 12:40 - 2014-07-23 12:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\DesktopIconGoodgame
2014-07-23 12:33 - 2013-08-09 12:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-23 11:41 - 2014-07-22 15:18 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Schad
2014-07-23 11:21 - 2013-10-27 12:54 - 00111984 _____ () C:\Users\Finanzdienstleistung\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-23 01:32 - 2009-11-10 20:44 - 01653464 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 15:22 - 2014-06-24 15:37 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Lämmle
2014-07-21 17:07 - 2014-07-21 17:07 - 00000000 ____D () C:\ProgramData\firebird
2014-07-21 17:06 - 2014-07-21 17:06 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\NUERNBERGER
2014-07-21 17:06 - 2010-01-06 13:28 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\KV
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\Documents\NuernbergerBT
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Local\Nuernberger_Versicherungs
2014-07-21 15:51 - 2013-10-27 11:20 - 00423168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-21 15:29 - 2010-01-06 13:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-21 15:28 - 2011-02-13 15:04 - 00000000 ____D () C:\Program Files\NuernbergerBT
2014-07-21 15:28 - 2010-12-09 12:39 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Local\Downloaded Installations
2014-07-21 15:28 - 2010-04-16 22:02 - 00000000 ____D () C:\ProgramData\Nuernberger
2014-07-21 15:27 - 2010-01-19 16:55 - 00000000 ____D () C:\temp
2014-07-21 15:25 - 2014-07-21 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER BTnet 02.2014
2014-07-21 15:16 - 2014-07-21 15:16 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Keseling
2014-07-21 14:38 - 2011-07-05 16:36 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Kundenangebote
2014-07-21 11:42 - 2014-07-21 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alte Leipziger Verbund
2014-07-21 11:42 - 2011-03-06 16:22 - 00000000 ____D () C:\Program Files\Common Files\AlteLeipziger
2014-07-21 11:30 - 2014-07-21 11:27 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-07-21 10:27 - 2014-07-19 23:00 - 00000000 ____D () C:\ProgramData\IvqeKjaqu
2014-07-20 15:49 - 2013-08-31 22:28 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014.xlsx
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014 (1).xlsx
2014-07-14 06:11 - 2014-07-10 22:19 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (4)
2014-07-14 06:08 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-07-12 19:44 - 2011-05-12 21:16 - 00013824 _____ () C:\Users\Finanzdienstleistung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-12 10:55 - 2010-04-29 21:30 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\CameraWindowDC
2014-07-12 10:55 - 2010-04-29 21:25 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\ZoomBrowser EX
2014-07-11 15:28 - 2013-01-30 23:51 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Selbstdarstellung
2014-07-11 03:06 - 2014-07-11 03:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 03:05 - 2010-01-04 16:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 22:57 - 2014-07-09 12:21 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (3)
2014-07-10 15:40 - 2014-07-10 15:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Lisa ****
2014-07-09 12:36 - 2012-04-12 23:28 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 12:36 - 2011-09-24 22:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-08 17:52 - 2014-04-27 14:10 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner
2014-07-08 15:22 - 2014-06-26 14:46 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (2)
2014-07-08 12:01 - 2014-06-02 12:46 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neubewerbg. Komp
2014-07-01 03:38 - 2014-07-10 09:40 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 03:35 - 2014-07-10 09:40 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 19:40 - 2014-06-28 22:24 - 00000000 ____D () C:\ProgramData\AyruHcalz
2014-06-29 19:40 - 2009-07-14 04:37 - 00000000 __RSD () C:\Windows\Media
2014-06-29 17:53 - 2012-03-09 12:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-29 17:41 - 2012-03-09 12:09 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-06-29 17:38 - 2013-12-13 01:44 - 00000000 ___DC () C:\Program Files\Mobogenie
2014-06-29 14:04 - 2013-11-26 17:32 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Freedom
2014-06-29 14:04 - 2013-11-22 11:28 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Verschiedenes
2014-06-26 17:38 - 2009-10-14 04:21 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\Finanzdienstleistung\dxdllreg.exe
C:\Users\Finanzdienstleistung\infinst.exe
C:\Users\Public\AlexaNSISPlugin.4228.dll


Some content of TEMP:
====================
C:\Users\Finanzdienstleistung\AppData\Local\Temp\avgnt.exe
C:\Users\Finanzdienstleistung\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplstbis.dll
C:\Users\Finanzdienstleistung\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Finanzdienstleistung\AppData\Local\Temp\unwise.exe
C:\Users\Gast\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 00:25

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 26.07.2014, 20:41   #4
Trigant
 
Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-07-2014
Ran by Finanzdienstleistung at 2014-07-26 19:10:47
Running from C:\Users\Finanzdienstleistung\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
ALTE LEIPZIGER Beratungssoftware 06.2014 Standard (HKLM\...\{50E417E9-EEAE-4F9E-A8D3-4776A41BCA9D}) (Version: 44.00.0000 - ALTE LEIPZIGER Lebensversicherung a.G.)
ALTE LEIPZIGER Taa 8.16 (HKLM\...\{94DD2B71-D143-4221-AC56-3BE562FFC35D}) (Version: 2.16.0000 - ALTE LEIPZIGER Lebensversicherung a.G.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Audio Converter Packages (HKCU\...\Audio Converter Packages) (Version:  - ) <==== ATTENTION
Audiograbber 1.83 SE  (HKLM\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM\...\Audiograbber-Lame) (Version: 1.0 - AG)
Aureon 5.1 Fun ControlPanel (HKLM\...\{17A87ED9-129A-4516-A3BF-5E513D23C3BB}) (Version:  - )
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Brother MFL-Pro Suite MFC-5490CN (HKLM\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-5890CN (HKLM\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
BTnet (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie) Hidden
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.6.0.12 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.2.7 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.0.0.65 - Canon Inc.)
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM\...\CameraWindowDC) (Version: 7.2.0.10 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.0.0.3 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM\...\MyCameraDC) (Version: 7.1.0.4 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.2.0.29 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.0.9 - Canon Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
DS-Serienbrief 1.0 (HKLM\...\DS-Serienbrief 1.0) (Version:  - )
EPSON Attach To Email (Version: 1.01.0000 - SEIKO EPSON) Hidden
Euro Canada Life Quotation System (Version: 11.0 - Canada Life Assurance (Irl) Ltd) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 30.0.1599.101 - Google Inc.)
Google Drive (HKLM\...\{A8CFAE35-66DD-4B4B-A4B9-279D52BD8F86}) (Version: 1.15.6430.6825 - Google, Inc.)
Google Earth (HKLM\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HanseMerkur-Tarife (HKLM\...\HanseMerkur-Tarife) (Version:  - )
i.S^2 Runtime 1.5.0_16 (Version: 1.50.0016 - Intelligent Solution Services AG) Hidden
InterRisk WinRisk Smart-Client 5.0.0 (HKLM\...\{1555B355-8B08-41F9-88FD-5C028A012E6E}) (Version: 5.0.125.0 - InterRisk Versicherungs-AG Vienna Insurance Group, InterRisk Lebensversicherungs-AG Vienna Insurance Group)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NAVIGON Fresh 3.3.2 (HKLM\...\NAVIGON Fresh) (Version: 3.3.2 - NAVIGON)
Nero 9 Lite (HKLM\...\{95cc3ace-a6fb-4b1b-a23f-e13c129e6f76}) (Version:  - Nero AG)
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (Version: 9.4.31.100 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
NÜRNBERGER AutoUpdater (HKLM\...\{366D38BF-E12D-48FB-9F01-EEF3E7DCADEF}) (Version: 1.4 - NÜRNBERGER Versicherungsgruppe)
NÜRNBERGER AVB_Steuerung_Dope (Version: 14.02.1 - NÜRNBERGER Versicherungsgruppe) Hidden
NÜRNBERGER Beratungstechnologie BTplus 01/2011 (HKLM\...\{6E176203-DE71-454F-A735-73DE95853CEE}) (Version: 1.00.0000 - NÜRNBERGER Versicherungsgruppe)
NÜRNBERGER Beratungstechnologie Version 03.2010 Einzelplatz (HKLM\...\{AA259E30-3918-4AE2-A969-3D155A5112A8}) (Version: BT-Version 03.2010 - Nuernberger)
NÜRNBERGER BTnet 02.2014 (HKLM\...\{38D5E4F6-057B-4EEC-9856-8717C93BCDCF}) (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER DOKnet (HKLM\...\{6588F598-F01F-4DF9-BE89-DAEA037BE4DD}) (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER PortCommunication BtNet (HKLM\...\{76778E24-C677-4A7C-8602-89E0C3AD349E}) (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER StepOver eSignatureOffice45 (HKLM\...\{330AEB9B-5B34-4B84-B7E8-92D3FE1CF1E2}) (Version: 1.02.0003 - NÜRNBERGER Beratungstechnologie on behalf of StepOver GmbH)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PC Tools Spyware Doctor with AntiVirus 9.0 (HKLM\...\Spyware Doctor) (Version: 9.0 - PC Tools)
PDF Experte 9 (HKLM\...\{1B9D9CB3-A817-4f3e-B018-5C0967D5B424}) (Version: 9.00 - Avanquest)
QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version:  - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Softfair Lotse (HKLM\...\{621B15AE-81B6-4CEE-81AC-1A3E10E4AD51}) (Version: 11.242 - Softfair GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
ThomasLloyd Angebotsrechner (HKLM\...\{862BD6A8-0749-4A99-9D59-52788987527D}) (Version: 1.1.1.0 - testroom.de)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

26-07-2014 16:23:54 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2010-06-27 12:57 - 00001304 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.***.com
127.0.0.1 practivate.***.com
127.0.0.1 ereg.***.com
127.0.0.1 activate.wip3.***.com
127.0.0.1 wip3.***.com
127.0.0.1 3dns-3.***.com
127.0.0.1 3dns-2.***.com
127.0.0.1 adobe-dns.***.com
127.0.0.1 adobe-dns-2.***.com
127.0.0.1 adobe-dns-3.***.com
127.0.0.1 ereg.wip3.***.com
127.0.0.1 activate-sea.***.com
127.0.0.1 wwis-dubc1-vip60.***.com
127.0.0.1 activate-sjc0.***.com
127.0.0.1 wwis-dubc1-vip60.***.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0800BDCE-97C9-4CEE-9B00-4A9A2C96755B} - System32\Tasks\{8D4BEB78-319E-45AE-AC6E-8F2D55078189} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {09F87CB1-D57D-4DE6-B572-0A796A78711D} - System32\Tasks\{0A31AA6C-E1F0-440B-814C-ADCAB81F7C4B} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {0B3C22FA-37D8-4F3C-A1AD-7659CE6071AE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-26] (AVAST Software)
Task: {156E8133-9221-4D0A-AEF2-6A682B6BCD9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-22] (Google Inc.)
Task: {1F856117-6EC8-48A4-B6D1-73958FF25C93} - System32\Tasks\{50AE56F6-9976-45B4-8C04-3DCF1368D7B8} => I:\DSSerie\dsserie.exe
Task: {201B6540-4AE9-4D6B-97EC-6E34267A5F77} - System32\Tasks\{A96EB9CB-4B3A-4689-99AC-C2ECB0DAAED5} => I:\Spyware Doctor\pctsGui.exe
Task: {27AEAA9C-9936-4526-8756-F8C2C7153544} - System32\Tasks\4810 => Wscript.exe C:\Users\FINANZ~1\AppData\Local\Temp\launchie.vbs //B
Task: {373EFCDC-C011-4F29-950C-C0E094B48E26} - System32\Tasks\{CBA23E9D-3CE2-4AB0-A346-8B91E28BC271} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {39686FD2-32AB-4060-9C22-2D0A54338230} - System32\Tasks\{3FFE83E5-4276-40DB-AE4A-BB4532FFA7B5} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {3AF0507A-13FA-45BE-99DC-70C2C382F653} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files\Omiga Plus\omigaplus.exe
Task: {4E0AAF3C-9684-4556-B0DA-196B205D7B29} - System32\Tasks\{46304983-0955-46F2-BDC8-58B5CBC8BF8A} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {547756E4-47BC-4B01-8B82-9699E67080ED} - System32\Tasks\{7CD32BE2-DD26-473F-B3F0-216CCA25B310} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {561068DF-8F90-48DC-9CFD-3DC9275FAAFB} - System32\Tasks\{D7AE284B-C1C2-4F70-9BBC-D744BBDEA753} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {57E47742-0739-4EAE-8370-777DB8A64D2F} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe <==== ATTENTION
Task: {588E8D26-5D60-4415-952B-41C638678A14} - System32\Tasks\{B45B9362-6B51-438B-B239-682E2CF5B96F} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {5BE9F9F5-7417-460E-85F6-DEC8EAE92A0D} - System32\Tasks\{C2910B02-F2A5-414D-A3A4-2111A6F08EE6} => Firefox.exe 
Task: {6625770B-4656-49E9-A425-72C0A17F4659} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{63440F8E-C870-463A-A1DF-676EF5002FFB}.exe
Task: {6C73B7F0-8187-422E-8255-9736C5A668A2} - System32\Tasks\{99541A62-DA7A-44A9-B386-00FE02AE3E55} => I:\Spyware Doctor\pctsGui.exe
Task: {6CF15620-80A6-4F55-A524-690F166E8A71} - \DealPly No Task File <==== ATTENTION
Task: {6ECD09E0-C659-4A0B-9327-D21FBCEECEEE} - System32\Tasks\{9CDD439D-342A-44A1-AB0D-CC9324D11B99} => I:\DSSerie\dsserie.exe
Task: {72312C09-E22E-4A85-BB14-980D51C62B67} - System32\Tasks\{3588CF46-859C-48D4-8088-08A2B091019F} => C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWCLRHost.exe [2012-04-18] ()
Task: {7266EA21-7AFE-4A8B-8104-68B84AEEACFE} - System32\Tasks\{197B1E0C-695F-4703-B97D-DA41536C115F} => C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWCLRHost.exe [2012-04-18] ()
Task: {730EA101-9892-4183-A928-C0E15DEDEFB6} - System32\Tasks\{9B9465C7-A869-411C-AFCF-B99246E6FF69} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {735864F7-13E7-4877-8034-7C2386940BA6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.)
Task: {74576F9F-B2EE-4CA9-BB48-DB7B7DCF3486} - \BonanzaDealsUpdate No Task File <==== ATTENTION
Task: {7B67C700-2E5A-4DB9-9C5E-DE374A1890EE} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {7D16DB16-3B77-4178-912A-C1A892D87D71} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-621612078-4285812529-1901443770-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-03-30] (RealNetworks, Inc.)
Task: {7F3EC170-A101-49EF-8AA0-C847CBB8DB23} - System32\Tasks\{BAF9F733-2580-4E30-B41A-340029DC64F9} => I:\Spyware Doctor\pctsGui.exe
Task: {8B08311F-DF34-49F2-86F4-797A31A6D6EA} - System32\Tasks\{2F754E03-990D-4018-B099-5217F8C71379} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {8C6546B7-0529-4300-A91B-1B8D60F34ECF} - System32\Tasks\{36B38E53-875A-4808-9B2E-712FB0796629} => I:\Spyware Doctor\pctsGui.exe
Task: {9810DC5A-F99A-4DBE-85FC-1D01873BA76B} - System32\Tasks\PC Rambazamba => C:\Program Files\Langmeier Software\PC Rambazamba\pcrambazamba.exe
Task: {9F3F9974-E84B-42C4-9422-90F0E6B5830F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-22] (Google Inc.)
Task: {A43AACA6-58BB-42F0-8DBC-7AEC876AFB5A} - System32\Tasks\{4C6C508D-B120-4FB3-B651-182D1D535E9A} => I:\DSSerie\dsserie.exe
Task: {A58394ED-8F35-448C-BDC2-5B6DB2B8527A} - System32\Tasks\DigitalSite => C:\Users\FINANZ~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {A8D9BB84-1BEF-47BB-BC27-D25171B17918} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {AF9F2BA8-2326-4848-B49B-DC93993C915D} - System32\Tasks\{3980DFED-3A7E-4149-B775-03540974752F} => E:\SETUP.EXE
Task: {B2D2035F-59B8-4E7E-A9DD-012C180DF30E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-621612078-4285812529-1901443770-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-03-30] (RealNetworks, Inc.)
Task: {B3D0AADD-5400-49CD-96A0-FB8B4DF90600} - System32\Tasks\{6BDC786D-1991-4FE9-808C-780E4099BABF} => I:\Spyware Doctor\pctsGui.exe
Task: {BEA136EB-6487-443F-A9A9-56AE9E224BB5} - System32\Tasks\{76421555-1C91-4D67-86BC-4F6BDDB168FD} => I:\Spyware Doctor\pctsGui.exe
Task: {C0E466E1-D2C5-4A04-8308-E934D81313E3} - System32\Tasks\{ED8F9645-048D-4C99-885B-794912BD16EF} => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Task: {CD3DC63A-D68D-43DE-9A78-B7F1EA8AFC43} - System32\Tasks\{450197FF-AB1B-4D6E-83E8-83CD212CC348} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {D1D34904-C141-4D10-98C6-97D5E3031B99} - System32\Tasks\{B01B5A3A-089D-4CB2-81F1-2240D8578885} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {DA766055-4431-4AAA-939C-F573082C4055} - System32\Tasks\{A67DB163-030A-4622-A776-914B79FA449B} => Firefox.exe 
Task: {DA862898-F9D7-4B03-82A2-0F791177853E} - System32\Tasks\{B2AF73F5-4F9D-4775-9886-9CBD816C900C} => I:\DSSerie\dsserie.exe
Task: {DB8D2DB8-1BE5-4FE3-898F-D4C1EE6943C8} - System32\Tasks\{7065390D-E143-4436-906B-19AE6C35ED8B} => Firefox.exe 
Task: {DCEE809D-222D-41EA-8332-DA4CEB6D4272} - System32\Tasks\{31D8469A-9E24-4AC4-AF98-0545F39326B8} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {DD85EBC3-36A5-43BB-AEEF-EFC645F9AF0F} - System32\Tasks\{9837FEA4-6D37-4B27-99FC-3F53C5453241} => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Task: {E12C3928-B99C-4578-831B-74DCF0BE5AB5} - System32\Tasks\{B540221E-306B-476F-A1A7-A068CF1BDC0B} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {E25B105E-D764-4901-9FF5-5905A4296080} - System32\Tasks\{DDBC9066-C82C-4C51-A6C5-FCB56B49A44B} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {E2C41716-D59B-4A4D-9D92-E521E5D5D1A1} - System32\Tasks\FoxTab => C:\Users\FINANZ~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E4B39D63-8A78-47F4-AFE2-2BA22417B981} - System32\Tasks\{5E7ECBC0-60CC-408D-B69A-F89E981F8F64} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {E55ECDCF-292E-44B2-8BC8-B6A67B718E2F} - System32\Tasks\MetaCrawler => C:\Users\FINANZ~1\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E875D61F-9C25-411D-AE85-32C785D929B4} - System32\Tasks\{AF35A6D5-0114-4101-96AC-964570DC74FA} => I:\DSSerie\dsserie.exe
Task: {ED11792D-C540-4A05-91B9-3911C2E653C3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F2419A4A-5DFF-4B2F-ABBC-D8A650BBA983} - System32\Tasks\{C9E4188B-4BB9-438F-8889-52E5AC91256D} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {F44AB8E9-1062-4989-BE99-B6FB48595D92} - System32\Tasks\{7EB6637D-0D11-4525-A75A-4FE7C2A4CEAC} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {F50286C8-ACF1-410D-A1C1-EF2E93CB0D74} - System32\Tasks\{A49472EE-CC08-4303-B54A-F62188F94035} => E:\SETUP.EXE
Task: {FB1D98B5-39CD-49F2-B3B9-0BF07116247D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {FDB43303-9256-4792-A291-AD2461FA3BE6} - System32\Tasks\{1E36460E-3A82-4F40-B526-88640947F902} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {FE97F45C-5C44-498D-9A79-597303A2907B} - System32\Tasks\{3C76FFC4-5CB0-445B-B169-4DD8FA23E725} => E:\SETUP.EXE
Task: {FEE34C63-CFC5-4FBF-AA88-5DBE0F5D6CB3} - System32\Tasks\0 => Iexplore.exe 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{63440F8E-C870-463A-A1DF-676EF5002FFB}.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\FINANZ~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\FINANZ~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MetaCrawler.job => C:\Users\FINANZ~1\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE

==================== Loaded Modules (whitelisted) =============

2010-01-18 12:31 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-01-06 13:35 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2014-07-26 17:57 - 2014-07-26 17:57 - 00043008 _____ () c:\Users\Finanzdienstleistung\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplstbis.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-26 17:57 - 2014-07-26 17:57 - 00098816 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32api.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00110080 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\pywintypes27.dll
2014-07-26 17:57 - 2014-07-26 17:57 - 00364544 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\pythoncom27.dll
2014-07-26 17:57 - 2014-07-26 17:57 - 00045568 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\_socket.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 01159168 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\_ssl.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00320512 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32com.shell.shell.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00712704 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\_hashlib.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 01175040 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\wx._core_.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00805888 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\wx._gdi_.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00811008 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\wx._windows_.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 01062400 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\wx._controls_.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00735232 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\wx._misc_.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00128512 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\_elementtree.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00127488 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\pyexpat.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00557056 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\pysqlite2._sqlite.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00087552 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\_ctypes.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00119808 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32file.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00108544 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32security.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00018432 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32event.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00038912 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32inet.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00070656 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\wx._html2.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00167936 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32gui.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00011264 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32crypt.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00027136 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\_multiprocessing.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00122368 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\wx._wizard.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00010240 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\select.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00024064 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32pipe.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00686080 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\unicodedata.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00025600 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32pdh.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00525640 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\windows._lib_cacheinvalidation.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00035840 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32process.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00017408 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32profile.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00022528 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\win32ts.pyd
2014-07-26 17:57 - 2014-07-26 17:57 - 00078336 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI29962\wx._animate.pyd
2013-10-26 15:33 - 2013-10-09 02:01 - 00698832 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-26 15:33 - 2013-10-09 02:01 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-26 15:33 - 2013-10-09 02:02 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-26 15:33 - 2013-10-09 02:02 - 00415184 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-26 15:33 - 2013-10-09 02:01 - 01604560 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2014-07-26 18:24 - 2014-07-26 18:24 - 00301152 ____C () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-26 18:24 - 2014-07-26 18:24 - 02787840 ____C () C:\Program Files\AVAST Software\Avast\defs\14062601\algo.dll
2014-07-26 18:27 - 2014-07-26 18:27 - 02795008 ____C () C:\Program Files\AVAST Software\Avast\defs\14072600\algo.dll
2014-07-26 18:24 - 2014-07-26 18:24 - 19329904 ____C () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46574612.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdAuxService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\46574612.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sdAuxService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sdCoreService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-621612078-4285812529-1901443770-1000\Software\Classes\.exe:  =>  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Synchronizer => "C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: MobileDocuments => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

==================== Faulty Device Manager Devices =============

Name: ASPI32
Description: ASPI32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ASPI32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2014 06:24:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nelzzmgc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/26/2014 06:23:54 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {73bd9f5b-f010-4909-a8bf-f7df24758f98}

Error: (07/25/2014 02:53:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/07/25 14:53:59.932]: [00000760]: Initialize TwdsMain Class failed!

Error: (07/25/2014 02:53:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/07/25 14:53:59.932]: [00000760]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (07/24/2014 10:37:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: googledrivesync.exe, Version: 1.15.6430.6825, Zeitstempel: 0x509418e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec49caf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00051e86
ID des fehlerhaften Prozesses: 0xd90
Startzeit der fehlerhaften Anwendung: 0xgoogledrivesync.exe0
Pfad der fehlerhaften Anwendung: googledrivesync.exe1
Pfad des fehlerhaften Moduls: googledrivesync.exe2
Berichtskennung: googledrivesync.exe3

Error: (07/24/2014 02:22:43 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=30.0.1599.101;lang=;guid=18D9BC66466A4F1FB9CB5F0727A6217D;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\14390b36-ef16-4e2c-bbd9-7e4023c39620.dmp

Error: (07/24/2014 00:38:46 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {71080f15-994e-4919-8414-c2184ff4f265}

Error: (07/23/2014 11:23:56 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053; Fehler = 0x8004231f).

Error: (07/23/2014 11:20:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: _isDEBB.exe, Version: 12.0.0.49974, Zeitstempel: 0x4474907b
Name des fehlerhaften Moduls: _isDEBB.exe, Version: 12.0.0.49974, Zeitstempel: 0x4474907b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001e48b
ID des fehlerhaften Prozesses: 0xd30
Startzeit der fehlerhaften Anwendung: 0x_isDEBB.exe0
Pfad der fehlerhaften Anwendung: _isDEBB.exe1
Pfad des fehlerhaften Moduls: _isDEBB.exe2
Berichtskennung: _isDEBB.exe3

Error: (07/23/2014 11:19:18 AM) (Source: MsiInstaller) (EventID: 1013) (User: Klamm)
Description: Produkt: ALTE LEIPZIGER Taa 8.16 -- Es ist noch eine Anwendung installiert, die dieses Software-Modul benötigt. Die Deinstallation wird daher abgebrochen.


System errors:
=============
Error: (07/26/2014 06:58:59 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy242" den Befehl "chkdsk" aus.

Error: (07/26/2014 06:03:18 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy242" den Befehl "chkdsk" aus.

Error: (07/26/2014 05:57:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/26/2014 05:57:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/26/2014 05:57:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/26/2014 05:57:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/26/2014 05:56:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
TfFsMon
TFSysMon
[verify-U]_System

Error: (07/26/2014 05:56:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PC Tools Security Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (07/26/2014 05:56:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PC Tools Auxiliary Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (07/26/2014 05:56:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (02/18/2014 07:25:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/21/2013 04:59:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/10/2013 08:26:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23965 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (05/17/2013 02:26:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/15/2013 09:59:40 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/21/2013 03:02:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/15/2013 00:02:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/30/2012 01:48:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/01/2010 05:48:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 58 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/06/2010 01:42:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2436 seconds with 1440 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 2039.3 MB
Available physical RAM: 804.07 MB
Total Pagefile: 8239.3 MB
Available Pagefile: 6129.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1864.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:50 GB) (Free:2.14 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:415.75 GB) (Free:15.91 GB) NTFS
Drive f: () (Fixed) (Total:20 GB) (Free:11.69 GB) NTFS
Drive g: () (Fixed) (Total:50 GB) (Free:5.97 GB) NTFS
Drive h: () (Fixed) (Total:50 GB) (Free:35.63 GB) NTFS
Drive i: () (Fixed) (Total:112.88 GB) (Free:86.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: A647F507)
Partition 1: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=213 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1BF11BF1)
Partition 1: (Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=416 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Alt 27.07.2014, 10:18   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



Zitat:
127.0.0.1 activate.***.com
127.0.0.1 practivate.***.com
127.0.0.1 ereg.***.com
127.0.0.1 activate.wip3.***.com
127.0.0.1 wip3.***.com
127.0.0.1 3dns-3.***.com
127.0.0.1 3dns-2.***.com
127.0.0.1 adobe-dns.***.com
127.0.0.1 adobe-dns-2.***.com
127.0.0.1 adobe-dns-3.***.com
127.0.0.1 ereg.wip3.***.com
127.0.0.1 activate-sea.***.com
127.0.0.1 wwis-dubc1-vip60.***.com
127.0.0.1 activate-sjc0.***.com
127.0.0.1 wwis-dubc1-vip60.***.com
das hier bringt dich gar nit weit. Nicht nur geklaute Software benutzen, auch noch mit vorsatz die Anzeichen dazu im LOg editieren.......

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.07.2014, 10:45   #6
Trigant
 
Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



Ich hätte nicht gedacht dass mir deswegen nicht geholfen werden kann. Oder irre ich mich da

Alt 27.07.2014, 14:01   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



dir kann geholfen werden, sobald du alles gecrackte vom rechner entfernst. und wenn später doch noch was gefunden wird ist direkt schluss mit support.

Man solte die Forenregeln lesen die man bestätigt, und ich mach mich nicht mit strafbar.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 28.07.2014, 16:17   #8
Trigant
 
Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



Hab gerade nachgeschaut: So wie es aussieht, war tatsächlich mal was gecracktes drauf, aber das wurde vor langer zeit gelöscht. ich habe die hosts datei bereinigt

Alt 29.07.2014, 07:33   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



FRST öffnen, Haken setzen bei Addition und scannen, poste bitte beide Logfiles.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.07.2014, 16:25   #10
Trigant
 
Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by Finanzdienstleistung (administrator) on KLAMM on 29-07-2014 17:09:04
Running from C:\Users\Finanzdienstleistung\Downloads
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(NUERNBERGER Versicherungsgruppe) C:\Program Files\NuernbergerBT\BT.Net_Listener.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(NÜRNBERGER Versicherungsgruppe) C:\Program Files\NÜRNBERGER AutoUpdater\BT.Setup.Updater.TrayApp.exe
(Dropbox, Inc.) C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(NUERNBERGER Versicherungsgruppe) C:\Program Files\NuernbergerBT\BT.Net_Listener.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(BISS GmbH) C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22414424 2014-04-03] (Google)
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [IvqeKjaqu] => regsvr32.exe " 
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [OyhiRalow] => regsvr32.exe " 
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [OvmaTmed] => regsvr32.exe " 
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [ItogiVhovu] => regsvr32.exe " 
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\MountPoints2: {df619162-ca5a-11e1-8fdb-404e57434401} - K:\LaunchU3.exe -a
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\MountPoints2: {f1bc21e5-f93b-11de-b49c-806e6f6e6963} - E:\CDStart.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NÜRNBERGER AutoUpdater.lnk
ShortcutTarget: NÜRNBERGER AutoUpdater.lnk -> C:\Windows\Installer\{366D38BF-E12D-48FB-9F01-EEF3E7DCADEF}\BT.Setup.Updater.T_CD8CBA3468C240F981B372C3EA3FF361.exe (Acresso Software Inc.)
Startup: C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\auto.bat ()
Startup: C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-0&v=n11099-240&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80772&lng=de
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80772
URLSearchHook: HKLM - (No Name) - {b81767e1-672d-4da1-b5cc-d277185815a6} -  No File
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM - _tmp URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=406&v=n11099-240&apn_uid=0663415917174031&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010006&st=10&q={searchTerms}
SearchScopes: HKCU - _tmp URL = 
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {0E627687-3EBF-4D52-A048-1A6BDC182395} URL = hxxp://go.web.de/suchbox/smartshopping/?searchText={searchTerms}&mc=searchplugin@suche@msie.suche@preisvergleich
SearchScopes: HKCU - {222B5EA2-7E05-4C0D-8A56-E8E68392FA65} URL = hxxp://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=de
SearchScopes: HKCU - {3AB67233-D4D5-47F1-95F9-00C0D89D908D} URL = hxxp://go.web.de/suchbox/amazon/?keywords={searchTerms}
SearchScopes: HKCU - {417FF3BC-0405-476F-8364-02E002CEBF69} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {594A203C-46AE-48E0-B7DB-E588A7912B8E} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {697B2969-6FC0-4CBC-9FB9-EBA7FEB50EC2} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {764EC6F5-012F-4DD1-A141-1BBB8B1311E1} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {98A6AA5C-C81F-464D-8189-888B7F4C3BF6} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=6F7ECD21-D3B8-47C5-9A13-B2895120AFD0&apn_sauid=0989F9C0-EA3D-4014-9F6D-18D2C2C1F9F9&
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=406&v=n11099-240&apn_uid=0663415917174031&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=110824&tt=4312_4&babsrc=SP_ss&mntrId=1063ab6a00000000000000196640d147
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80772&lng=de
SearchScopes: HKCU - {DC3A72F4-442E-4C80-BB61-F86A38632867} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {b81767e1-672d-4da1-b5cc-d277185815a6} ->  No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - No Name - {b81767e1-672d-4da1-b5cc-d277185815a6} -  No File
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {B81767E1-672D-4DA1-B5CC-D277185815A6} -  No File
Toolbar: HKCU - No Name - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -  No File
Winsock: Catalog9 01 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 02 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 03 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 04 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 05 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 06 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 17 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329656] (PC Tools Research Pty Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @real.com/nppl3260;version=15.0.3.37 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.3.37 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.3.37 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.3.37 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.3.37 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Finanzdienstleistung\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF user.js: detected! => C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\MyCamera.dll (CANON INC.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPCIG.dll (CANON INC.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WEB.DE MailCheck - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\toolbar@web.de [2014-07-22]
FF Extension: Ecosia - The search engine that plants trees - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2011-07-10]
FF Extension: Adblock Plus - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-10]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-02-17]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-26]

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "https://www.google.de/", "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-0&v=n11099-240&t=4"
CHR Extension: (Google Drive) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-26]
CHR Extension: (YouTube) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-26]
CHR Extension: (Adblock Plus) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-28]
CHR Extension: (Google-Suche) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-26]
CHR Extension: (Google Wallet) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-26]
CHR Extension: (Google Mail) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-26]
CHR HKLM\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\Finanzdienstleistung\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2012-05-31]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-03]
CHR HKCU\...\Chrome\Extension: [hempmfkijmahkaddljkmchcmjbojoedl] - C:\Users\Finanzdienstleistung\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx [2012-05-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-26] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-28] (AVAST Software)
S2 BTAVB_KomDienst_Vers_Btnet_1402; I:\BTnet_0214\AVB_Steuerung\BTAVB_KomDienst.exe [17920 2013-04-03] (Beratungstechnologie) [File not signed]
S2 NbgAutoUpdater; C:\Program Files\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe [23120 2013-12-05] (NÜRNBERGER Versicherungsgruppe)
S4 WinRiskXASmClServiceHandler; C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWServiceHandler.exe [90112 2009-12-10] () [File not signed]
R2 WinRiskXASmClSoftwareUpdate; C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe [24576 2012-04-18] (BISS GmbH) [File not signed]
S2 sdAuxService; No ImagePath
S2 sdCoreService; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [483200 2010-01-06] (ITETech                  )
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-26] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-26] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270752 2014-07-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-26] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-26] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-26] ()
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64000 2009-07-14] (AVM GmbH)
R3 cmpci; C:\Windows\System32\drivers\cmaudio.sys [379726 2002-07-16] (C-Media Inc)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [559104 2009-07-14] (AVM Berlin)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [331880 2011-11-14] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [342168 2011-12-01] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi.sys [253352 2012-01-11] (PC Tools)
S3 pctplsg; C:\Windows\System32\drivers\pctplsg.sys [70536 2012-01-11] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD.sys [185560 2012-01-11] (PC Tools)
S2 ASPI32; No ImagePath
S3 cmuda3; system32\drivers\cmudax3.sys [X]
S3 cpuz132; \??\C:\Users\FINANZ~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TFSysMon; system32\drivers\TfSysMon.sys [X]
S1 [verify-U]_System; system32\drivers\[verify-U]-driver.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 17:09 - 2014-07-29 17:11 - 00024591 _____ () C:\Users\Finanzdienstleistung\Downloads\FRST.txt
2014-07-28 17:05 - 2014-07-28 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-07-28 17:03 - 2014-07-28 17:04 - 07920175 _____ () C:\Users\Finanzdienstleistung\Downloads\npp.6.6.8.Installer.exe
2014-07-28 01:20 - 2014-07-28 01:20 - 00002013 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-28 01:20 - 2014-07-28 01:19 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-28 01:19 - 2014-07-28 01:19 - 00270752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-27 08:18 - 2014-07-27 08:18 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVAST Software
2014-07-26 19:45 - 2014-07-26 19:45 - 00027304 _____ () C:\Users\Finanzdienstleistung\Desktop\logs.zip
2014-07-26 19:12 - 2014-07-26 19:12 - 00380416 _____ () C:\Users\Finanzdienstleistung\Downloads\ckmygz4f.exe
2014-07-26 19:08 - 2014-07-29 17:09 - 00000000 ___DC () C:\FRST
2014-07-26 19:07 - 2014-07-26 19:07 - 01084416 _____ (Farbar) C:\Users\Finanzdienstleistung\Downloads\FRST.exe
2014-07-26 19:06 - 2014-07-26 19:06 - 00000502 _____ () C:\Users\Finanzdienstleistung\Downloads\defogger_disable.log
2014-07-26 19:06 - 2014-07-26 19:06 - 00000000 _____ () C:\Users\Finanzdienstleistung\defogger_reenable
2014-07-26 19:05 - 2014-07-26 19:05 - 00050477 _____ () C:\Users\Finanzdienstleistung\Downloads\Defogger.exe
2014-07-26 18:31 - 2014-07-26 18:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-26 18:25 - 2014-07-28 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-26 18:25 - 2014-07-26 18:25 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\AVAST Software
2014-07-26 18:24 - 2014-07-26 18:25 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-26 18:24 - 2014-07-26 18:24 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-26 18:24 - 2014-07-26 18:24 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00000000 ___DC () C:\Program Files\AVAST Software
2014-07-26 18:22 - 2014-07-26 18:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-26 18:21 - 2014-07-26 18:22 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021 (1).exe
2014-07-26 17:59 - 2014-07-26 18:00 - 00700783 ____R (Swearware) C:\Users\Finanzdienstleistung\Downloads\dds+.exe
2014-07-26 17:47 - 2014-07-26 17:47 - 04845176 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_clear.exe
2014-07-24 17:13 - 2014-07-24 17:15 - 143880056 _____ () C:\Users\Gast\Downloads\avira_free_antivirus_de_464.exe
2014-07-24 02:11 - 2014-07-24 18:44 - 00000000 ____D () C:\ProgramData\ItogiVhovu
2014-07-24 02:10 - 2014-07-24 23:18 - 00000000 ____D () C:\ProgramData\OvmaTmed
2014-07-24 00:37 - 2014-07-24 00:38 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-23 12:40 - 2014-07-23 12:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\DesktopIconGoodgame
2014-07-22 15:18 - 2014-07-23 11:41 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Schad
2014-07-21 17:07 - 2014-07-21 17:07 - 00000000 ____D () C:\ProgramData\firebird
2014-07-21 17:06 - 2014-07-21 17:06 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\NUERNBERGER
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\Documents\NuernbergerBT
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Local\Nuernberger_Versicherungs
2014-07-21 15:28 - 2014-07-24 16:12 - 00000000 ___DC () C:\Program Files\NÜRNBERGER AutoUpdater
2014-07-21 15:28 - 2014-07-24 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER AutoUpdater
2014-07-21 15:25 - 2014-07-21 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER BTnet 02.2014
2014-07-21 15:16 - 2014-07-21 15:16 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Keseling
2014-07-21 11:42 - 2014-07-21 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alte Leipziger Verbund
2014-07-21 11:27 - 2014-07-21 11:30 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-07-21 02:22 - 2014-07-23 21:33 - 00000000 ____D () C:\ProgramData\OkhoHamu
2014-07-19 23:00 - 2014-07-21 10:27 - 00000000 ____D () C:\ProgramData\IvqeKjaqu
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014.xlsx
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014 (1).xlsx
2014-07-11 03:06 - 2014-07-11 03:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 22:19 - 2014-07-14 06:11 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (4)
2014-07-10 15:40 - 2014-07-10 15:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Lisa ****
2014-07-10 09:40 - 2014-07-01 03:38 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 09:40 - 2014-07-01 03:35 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 12:21 - 2014-07-10 22:57 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (3)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 17:11 - 2014-07-29 17:09 - 00024591 _____ () C:\Users\Finanzdienstleistung\Downloads\FRST.txt
2014-07-29 17:09 - 2014-07-26 19:08 - 00000000 ___DC () C:\FRST
2014-07-29 16:56 - 2013-11-12 12:56 - 00000328 _____ () C:\Windows\Tasks\MetaCrawler.job
2014-07-29 16:55 - 2013-11-12 12:56 - 00000328 _____ () C:\Windows\Tasks\DigitalSite.job
2014-07-29 16:36 - 2012-04-12 23:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-29 16:13 - 2013-10-23 18:31 - 00000324 _____ () C:\Windows\Tasks\FoxTab.job
2014-07-29 08:34 - 2009-07-14 06:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-29 08:34 - 2009-07-14 06:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-29 08:33 - 2010-01-04 16:26 - 01753943 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 08:30 - 2012-02-05 15:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox
2014-07-29 08:29 - 2011-05-23 10:14 - 13341184 ___SH () C:\Users\Finanzdienstleistung\Desktop\Thumbs.db
2014-07-29 08:28 - 2014-02-15 10:11 - 00008008 _____ () C:\Windows\setupact.log
2014-07-29 08:28 - 2013-06-03 01:58 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-07-29 08:28 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-28 17:06 - 2010-06-27 12:53 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Notepad++
2014-07-28 17:05 - 2014-07-28 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-07-28 17:05 - 2010-06-27 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-07-28 17:05 - 2010-06-27 12:53 - 00000000 ____D () C:\Program Files\Notepad++
2014-07-28 17:04 - 2014-07-28 17:03 - 07920175 _____ () C:\Users\Finanzdienstleistung\Downloads\npp.6.6.8.Installer.exe
2014-07-28 01:23 - 2014-02-15 10:11 - 00337444 _____ () C:\Windows\PFRO.log
2014-07-28 01:23 - 2011-08-07 15:46 - 00000000 ____D () C:\Program Files\VideoLAN
2014-07-28 01:20 - 2014-07-28 01:20 - 00002013 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-28 01:20 - 2014-07-26 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-28 01:19 - 2014-07-28 01:20 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-28 01:19 - 2014-07-28 01:19 - 00270752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-27 08:18 - 2014-07-27 08:18 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVAST Software
2014-07-26 19:45 - 2014-07-26 19:45 - 00027304 _____ () C:\Users\Finanzdienstleistung\Desktop\logs.zip
2014-07-26 19:13 - 2011-07-21 11:08 - 14026240 ___SH () C:\Users\Finanzdienstleistung\Downloads\Thumbs.db
2014-07-26 19:12 - 2014-07-26 19:12 - 00380416 _____ () C:\Users\Finanzdienstleistung\Downloads\ckmygz4f.exe
2014-07-26 19:07 - 2014-07-26 19:07 - 01084416 _____ (Farbar) C:\Users\Finanzdienstleistung\Downloads\FRST.exe
2014-07-26 19:06 - 2014-07-26 19:06 - 00000502 _____ () C:\Users\Finanzdienstleistung\Downloads\defogger_disable.log
2014-07-26 19:06 - 2014-07-26 19:06 - 00000000 _____ () C:\Users\Finanzdienstleistung\defogger_reenable
2014-07-26 19:06 - 2010-01-04 16:28 - 00000000 ____D () C:\Users\Finanzdienstleistung
2014-07-26 19:05 - 2014-07-26 19:05 - 00050477 _____ () C:\Users\Finanzdienstleistung\Downloads\Defogger.exe
2014-07-26 18:31 - 2014-07-26 18:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-26 18:31 - 2010-12-20 19:04 - 00000000 ____D () C:\Users\Finanzdienstleistung\Documents\MAGIX_MxTray
2014-07-26 18:25 - 2014-07-26 18:25 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\AVAST Software
2014-07-26 18:25 - 2014-07-26 18:24 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-26 18:24 - 2014-07-26 18:24 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-26 18:24 - 2014-07-26 18:24 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00000000 ___DC () C:\Program Files\AVAST Software
2014-07-26 18:24 - 2014-07-26 18:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-26 18:22 - 2014-07-26 18:21 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021 (1).exe
2014-07-26 18:00 - 2014-07-26 17:59 - 00700783 ____R (Swearware) C:\Users\Finanzdienstleistung\Downloads\dds+.exe
2014-07-26 17:47 - 2014-07-26 17:47 - 04845176 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_clear.exe
2014-07-26 17:33 - 2012-03-09 12:29 - 00000000 ____D () C:\ProgramData\Avira
2014-07-25 11:11 - 2014-02-14 21:43 - 00001059 _____ () C:\Users\Finanzdienstleistung\Desktop\Dropbox.lnk
2014-07-25 11:11 - 2012-02-05 15:06 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-24 23:18 - 2014-07-24 02:10 - 00000000 ____D () C:\ProgramData\OvmaTmed
2014-07-24 22:50 - 2014-02-20 19:33 - 00000000 ___DC () C:\Program Files\Microsoft Silverlight
2014-07-24 22:50 - 2012-05-09 09:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-24 22:15 - 2012-03-14 23:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-24 18:44 - 2014-07-24 02:11 - 00000000 ____D () C:\ProgramData\ItogiVhovu
2014-07-24 17:15 - 2014-07-24 17:13 - 143880056 _____ () C:\Users\Gast\Downloads\avira_free_antivirus_de_464.exe
2014-07-24 16:12 - 2014-07-21 15:28 - 00000000 ___DC () C:\Program Files\NÜRNBERGER AutoUpdater
2014-07-24 16:12 - 2014-07-21 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER AutoUpdater
2014-07-24 03:01 - 2014-02-20 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 01:18 - 2014-02-17 18:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-24 00:38 - 2014-07-24 00:37 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-23 22:55 - 2011-08-07 11:12 - 00000046 _____ () C:\Windows\PCCT.INI
2014-07-23 22:08 - 2013-08-16 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-23 21:33 - 2014-07-21 02:22 - 00000000 ____D () C:\ProgramData\OkhoHamu
2014-07-23 21:33 - 2009-10-14 05:07 - 00000000 ____D () C:\Windows\Panther
2014-07-23 12:40 - 2014-07-23 12:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\DesktopIconGoodgame
2014-07-23 12:33 - 2013-08-09 12:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-23 11:41 - 2014-07-22 15:18 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Schad
2014-07-23 11:21 - 2013-10-27 12:54 - 00111984 _____ () C:\Users\Finanzdienstleistung\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-23 01:32 - 2009-11-10 20:44 - 01653464 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 15:22 - 2014-06-24 15:37 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Lämmle
2014-07-21 17:07 - 2014-07-21 17:07 - 00000000 ____D () C:\ProgramData\firebird
2014-07-21 17:06 - 2014-07-21 17:06 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\NUERNBERGER
2014-07-21 17:06 - 2010-01-06 13:28 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\KV
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\Documents\NuernbergerBT
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Local\Nuernberger_Versicherungs
2014-07-21 15:51 - 2013-10-27 11:20 - 00423168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-21 15:29 - 2010-01-06 13:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-21 15:28 - 2011-02-13 15:04 - 00000000 ____D () C:\Program Files\NuernbergerBT
2014-07-21 15:28 - 2010-12-09 12:39 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Local\Downloaded Installations
2014-07-21 15:28 - 2010-04-16 22:02 - 00000000 ____D () C:\ProgramData\Nuernberger
2014-07-21 15:27 - 2010-01-19 16:55 - 00000000 ____D () C:\temp
2014-07-21 15:25 - 2014-07-21 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER BTnet 02.2014
2014-07-21 15:16 - 2014-07-21 15:16 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Keseling
2014-07-21 14:38 - 2011-07-05 16:36 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Kundenangebote
2014-07-21 11:42 - 2014-07-21 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alte Leipziger Verbund
2014-07-21 11:42 - 2011-03-06 16:22 - 00000000 ____D () C:\Program Files\Common Files\AlteLeipziger
2014-07-21 11:30 - 2014-07-21 11:27 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-07-21 10:27 - 2014-07-19 23:00 - 00000000 ____D () C:\ProgramData\IvqeKjaqu
2014-07-20 15:49 - 2013-08-31 22:28 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014.xlsx
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014 (1).xlsx
2014-07-14 06:11 - 2014-07-10 22:19 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (4)
2014-07-14 06:08 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-07-12 19:44 - 2011-05-12 21:16 - 00013824 _____ () C:\Users\Finanzdienstleistung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-12 10:55 - 2010-04-29 21:30 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\CameraWindowDC
2014-07-12 10:55 - 2010-04-29 21:25 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\ZoomBrowser EX
2014-07-11 15:28 - 2013-01-30 23:51 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Selbstdarstellung
2014-07-11 03:06 - 2014-07-11 03:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 03:05 - 2010-01-04 16:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 22:57 - 2014-07-09 12:21 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (3)
2014-07-10 15:40 - 2014-07-10 15:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Lisa ****
2014-07-09 12:36 - 2012-04-12 23:28 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 12:36 - 2011-09-24 22:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-08 17:52 - 2014-04-27 14:10 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner
2014-07-08 15:22 - 2014-06-26 14:46 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (2)
2014-07-08 12:01 - 2014-06-02 12:46 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neubewerbg. Komp
2014-07-01 03:38 - 2014-07-10 09:40 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 03:35 - 2014-07-10 09:40 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 19:40 - 2014-06-28 22:24 - 00000000 ____D () C:\ProgramData\AyruHcalz
2014-06-29 19:40 - 2009-07-14 04:37 - 00000000 __RSD () C:\Windows\Media
2014-06-29 17:53 - 2012-03-09 12:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-29 17:41 - 2012-03-09 12:09 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-06-29 17:38 - 2013-12-13 01:44 - 00000000 ___DC () C:\Program Files\Mobogenie
2014-06-29 14:04 - 2013-11-26 17:32 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Freedom
2014-06-29 14:04 - 2013-11-22 11:28 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Verschiedenes

Files to move or delete:
====================
C:\Users\Finanzdienstleistung\dxdllreg.exe
C:\Users\Finanzdienstleistung\infinst.exe
C:\Users\Public\AlexaNSISPlugin.4228.dll


Some content of TEMP:
====================
C:\Users\Finanzdienstleistung\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5bepvz.dll
C:\Users\Finanzdienstleistung\AppData\Local\Temp\unwise.exe
C:\Users\Finanzdienstleistung\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Gast\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 02:33

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 29.07.2014, 16:28   #11
Trigant
 
Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



additions.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-07-2014
Ran by Finanzdienstleistung at 2014-07-29 17:12:05
Running from C:\Users\Finanzdienstleistung\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
ALTE LEIPZIGER Beratungssoftware 06.2014 Standard (HKLM\...\{50E417E9-EEAE-4F9E-A8D3-4776A41BCA9D}) (Version: 44.00.0000 - ALTE LEIPZIGER Lebensversicherung a.G.)
ALTE LEIPZIGER Taa 8.16 (HKLM\...\{94DD2B71-D143-4221-AC56-3BE562FFC35D}) (Version: 2.16.0000 - ALTE LEIPZIGER Lebensversicherung a.G.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Audio Converter Packages (HKCU\...\Audio Converter Packages) (Version:  - ) <==== ATTENTION
Audiograbber 1.83 SE  (HKLM\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM\...\Audiograbber-Lame) (Version: 1.0 - AG)
Aureon 5.1 Fun ControlPanel (HKLM\...\{17A87ED9-129A-4516-A3BF-5E513D23C3BB}) (Version:  - )
avast! Internet Security (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Brother MFL-Pro Suite MFC-5490CN (HKLM\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-5890CN (HKLM\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
BTnet (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie) Hidden
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.6.0.12 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.2.7 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.0.0.65 - Canon Inc.)
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM\...\CameraWindowDC) (Version: 7.2.0.10 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 7.0.0.3 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM\...\MyCameraDC) (Version: 7.1.0.4 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.2.0.29 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.0.9 - Canon Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
DS-Serienbrief 1.0 (HKLM\...\DS-Serienbrief 1.0) (Version:  - )
EPSON Attach To Email (Version: 1.01.0000 - SEIKO EPSON) Hidden
Euro Canada Life Quotation System (Version: 11.0 - Canada Life Assurance (Irl) Ltd) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 30.0.1599.101 - Google Inc.)
Google Drive (HKLM\...\{A8CFAE35-66DD-4B4B-A4B9-279D52BD8F86}) (Version: 1.15.6430.6825 - Google, Inc.)
Google Earth (HKLM\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HanseMerkur-Tarife (HKLM\...\HanseMerkur-Tarife) (Version:  - )
i.S^2 Runtime 1.5.0_16 (Version: 1.50.0016 - Intelligent Solution Services AG) Hidden
InterRisk WinRisk Smart-Client 5.0.0 (HKLM\...\{1555B355-8B08-41F9-88FD-5C028A012E6E}) (Version: 5.0.125.0 - InterRisk Versicherungs-AG Vienna Insurance Group, InterRisk Lebensversicherungs-AG Vienna Insurance Group)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java Auto Updater (Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NAVIGON Fresh 3.3.2 (HKLM\...\NAVIGON Fresh) (Version: 3.3.2 - NAVIGON)
Nero 9 Lite (HKLM\...\{95cc3ace-a6fb-4b1b-a23f-e13c129e6f76}) (Version:  - Nero AG)
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (Version: 9.4.31.100 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NÜRNBERGER AutoUpdater (HKLM\...\{366D38BF-E12D-48FB-9F01-EEF3E7DCADEF}) (Version: 1.4 - NÜRNBERGER Versicherungsgruppe)
NÜRNBERGER AVB_Steuerung_Dope (Version: 14.02.1 - NÜRNBERGER Versicherungsgruppe) Hidden
NÜRNBERGER Beratungstechnologie BTplus 01/2011 (HKLM\...\{6E176203-DE71-454F-A735-73DE95853CEE}) (Version: 1.00.0000 - NÜRNBERGER Versicherungsgruppe)
NÜRNBERGER Beratungstechnologie Version 03.2010 Einzelplatz (HKLM\...\{AA259E30-3918-4AE2-A969-3D155A5112A8}) (Version: BT-Version 03.2010 - Nuernberger)
NÜRNBERGER BTnet 02.2014 (HKLM\...\{38D5E4F6-057B-4EEC-9856-8717C93BCDCF}) (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER DOKnet (HKLM\...\{6588F598-F01F-4DF9-BE89-DAEA037BE4DD}) (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER PortCommunication BtNet (HKLM\...\{76778E24-C677-4A7C-8602-89E0C3AD349E}) (Version: 14.02.1 - NÜRNBERGER Beratungstechnologie)
NÜRNBERGER StepOver eSignatureOffice45 (HKLM\...\{330AEB9B-5B34-4B84-B7E8-92D3FE1CF1E2}) (Version: 1.02.0003 - NÜRNBERGER Beratungstechnologie on behalf of StepOver GmbH)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PC Tools Spyware Doctor with AntiVirus 9.0 (HKLM\...\Spyware Doctor) (Version: 9.0 - PC Tools)
PDF Experte 9 (HKLM\...\{1B9D9CB3-A817-4f3e-B018-5C0967D5B424}) (Version: 9.00 - Avanquest)
QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version:  - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Softfair Lotse (HKLM\...\{621B15AE-81B6-4CEE-81AC-1A3E10E4AD51}) (Version: 11.242 - Softfair GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
ThomasLloyd Angebotsrechner (HKLM\...\{862BD6A8-0749-4A99-9D59-52788987527D}) (Version: 1.1.1.0 - testroom.de)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-621612078-4285812529-1901443770-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-07-28 17:07 - 2014-07-28 17:07 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0800BDCE-97C9-4CEE-9B00-4A9A2C96755B} - System32\Tasks\{8D4BEB78-319E-45AE-AC6E-8F2D55078189} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {09F87CB1-D57D-4DE6-B572-0A796A78711D} - System32\Tasks\{0A31AA6C-E1F0-440B-814C-ADCAB81F7C4B} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {156E8133-9221-4D0A-AEF2-6A682B6BCD9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-22] (Google Inc.)
Task: {1F856117-6EC8-48A4-B6D1-73958FF25C93} - System32\Tasks\{50AE56F6-9976-45B4-8C04-3DCF1368D7B8} => I:\DSSerie\dsserie.exe
Task: {201B6540-4AE9-4D6B-97EC-6E34267A5F77} - System32\Tasks\{A96EB9CB-4B3A-4689-99AC-C2ECB0DAAED5} => I:\Spyware Doctor\pctsGui.exe
Task: {27AEAA9C-9936-4526-8756-F8C2C7153544} - System32\Tasks\4810 => Wscript.exe C:\Users\FINANZ~1\AppData\Local\Temp\launchie.vbs //B
Task: {373EFCDC-C011-4F29-950C-C0E094B48E26} - System32\Tasks\{CBA23E9D-3CE2-4AB0-A346-8B91E28BC271} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {39686FD2-32AB-4060-9C22-2D0A54338230} - System32\Tasks\{3FFE83E5-4276-40DB-AE4A-BB4532FFA7B5} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {3AF0507A-13FA-45BE-99DC-70C2C382F653} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files\Omiga Plus\omigaplus.exe
Task: {4E0AAF3C-9684-4556-B0DA-196B205D7B29} - System32\Tasks\{46304983-0955-46F2-BDC8-58B5CBC8BF8A} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {547756E4-47BC-4B01-8B82-9699E67080ED} - System32\Tasks\{7CD32BE2-DD26-473F-B3F0-216CCA25B310} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {561068DF-8F90-48DC-9CFD-3DC9275FAAFB} - System32\Tasks\{D7AE284B-C1C2-4F70-9BBC-D744BBDEA753} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {57E47742-0739-4EAE-8370-777DB8A64D2F} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe <==== ATTENTION
Task: {588E8D26-5D60-4415-952B-41C638678A14} - System32\Tasks\{B45B9362-6B51-438B-B239-682E2CF5B96F} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {5BE9F9F5-7417-460E-85F6-DEC8EAE92A0D} - System32\Tasks\{C2910B02-F2A5-414D-A3A4-2111A6F08EE6} => Firefox.exe 
Task: {6625770B-4656-49E9-A425-72C0A17F4659} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{63440F8E-C870-463A-A1DF-676EF5002FFB}.exe
Task: {6C73B7F0-8187-422E-8255-9736C5A668A2} - System32\Tasks\{99541A62-DA7A-44A9-B386-00FE02AE3E55} => I:\Spyware Doctor\pctsGui.exe
Task: {6CF15620-80A6-4F55-A524-690F166E8A71} - \DealPly No Task File <==== ATTENTION
Task: {6ECD09E0-C659-4A0B-9327-D21FBCEECEEE} - System32\Tasks\{9CDD439D-342A-44A1-AB0D-CC9324D11B99} => I:\DSSerie\dsserie.exe
Task: {72312C09-E22E-4A85-BB14-980D51C62B67} - System32\Tasks\{3588CF46-859C-48D4-8088-08A2B091019F} => C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWCLRHost.exe [2012-04-18] ()
Task: {7266EA21-7AFE-4A8B-8104-68B84AEEACFE} - System32\Tasks\{197B1E0C-695F-4703-B97D-DA41536C115F} => C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWCLRHost.exe [2012-04-18] ()
Task: {730EA101-9892-4183-A928-C0E15DEDEFB6} - System32\Tasks\{9B9465C7-A869-411C-AFCF-B99246E6FF69} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {735864F7-13E7-4877-8034-7C2386940BA6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09] (Sun Microsystems, Inc.)
Task: {74576F9F-B2EE-4CA9-BB48-DB7B7DCF3486} - \BonanzaDealsUpdate No Task File <==== ATTENTION
Task: {7B67C700-2E5A-4DB9-9C5E-DE374A1890EE} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {7D16DB16-3B77-4178-912A-C1A892D87D71} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-621612078-4285812529-1901443770-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-03-30] (RealNetworks, Inc.)
Task: {7F3EC170-A101-49EF-8AA0-C847CBB8DB23} - System32\Tasks\{BAF9F733-2580-4E30-B41A-340029DC64F9} => I:\Spyware Doctor\pctsGui.exe
Task: {8B08311F-DF34-49F2-86F4-797A31A6D6EA} - System32\Tasks\{2F754E03-990D-4018-B099-5217F8C71379} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {8C6546B7-0529-4300-A91B-1B8D60F34ECF} - System32\Tasks\{36B38E53-875A-4808-9B2E-712FB0796629} => I:\Spyware Doctor\pctsGui.exe
Task: {9810DC5A-F99A-4DBE-85FC-1D01873BA76B} - System32\Tasks\PC Rambazamba => C:\Program Files\Langmeier Software\PC Rambazamba\pcrambazamba.exe
Task: {9F3F9974-E84B-42C4-9422-90F0E6B5830F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-22] (Google Inc.)
Task: {A43AACA6-58BB-42F0-8DBC-7AEC876AFB5A} - System32\Tasks\{4C6C508D-B120-4FB3-B651-182D1D535E9A} => I:\DSSerie\dsserie.exe
Task: {A58394ED-8F35-448C-BDC2-5B6DB2B8527A} - System32\Tasks\DigitalSite => C:\Users\FINANZ~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {A5BE4CAB-9872-4A2E-9EB9-84E1D42FB3E6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-26] (AVAST Software)
Task: {A8D9BB84-1BEF-47BB-BC27-D25171B17918} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {AF9F2BA8-2326-4848-B49B-DC93993C915D} - System32\Tasks\{3980DFED-3A7E-4149-B775-03540974752F} => E:\SETUP.EXE
Task: {B2D2035F-59B8-4E7E-A9DD-012C180DF30E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-621612078-4285812529-1901443770-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-03-30] (RealNetworks, Inc.)
Task: {B3D0AADD-5400-49CD-96A0-FB8B4DF90600} - System32\Tasks\{6BDC786D-1991-4FE9-808C-780E4099BABF} => I:\Spyware Doctor\pctsGui.exe
Task: {BEA136EB-6487-443F-A9A9-56AE9E224BB5} - System32\Tasks\{76421555-1C91-4D67-86BC-4F6BDDB168FD} => I:\Spyware Doctor\pctsGui.exe
Task: {C0E466E1-D2C5-4A04-8308-E934D81313E3} - System32\Tasks\{ED8F9645-048D-4C99-885B-794912BD16EF} => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Task: {CD3DC63A-D68D-43DE-9A78-B7F1EA8AFC43} - System32\Tasks\{450197FF-AB1B-4D6E-83E8-83CD212CC348} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {D1D34904-C141-4D10-98C6-97D5E3031B99} - System32\Tasks\{B01B5A3A-089D-4CB2-81F1-2240D8578885} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {DA766055-4431-4AAA-939C-F573082C4055} - System32\Tasks\{A67DB163-030A-4622-A776-914B79FA449B} => Firefox.exe 
Task: {DA862898-F9D7-4B03-82A2-0F791177853E} - System32\Tasks\{B2AF73F5-4F9D-4775-9886-9CBD816C900C} => I:\DSSerie\dsserie.exe
Task: {DB8D2DB8-1BE5-4FE3-898F-D4C1EE6943C8} - System32\Tasks\{7065390D-E143-4436-906B-19AE6C35ED8B} => Firefox.exe 
Task: {DCEE809D-222D-41EA-8332-DA4CEB6D4272} - System32\Tasks\{31D8469A-9E24-4AC4-AF98-0545F39326B8} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {DD85EBC3-36A5-43BB-AEEF-EFC645F9AF0F} - System32\Tasks\{9837FEA4-6D37-4B27-99FC-3F53C5453241} => C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Task: {E12C3928-B99C-4578-831B-74DCF0BE5AB5} - System32\Tasks\{B540221E-306B-476F-A1A7-A068CF1BDC0B} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {E25B105E-D764-4901-9FF5-5905A4296080} - System32\Tasks\{DDBC9066-C82C-4C51-A6C5-FCB56B49A44B} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {E2C41716-D59B-4A4D-9D92-E521E5D5D1A1} - System32\Tasks\FoxTab => C:\Users\FINANZ~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E4B39D63-8A78-47F4-AFE2-2BA22417B981} - System32\Tasks\{5E7ECBC0-60CC-408D-B69A-F89E981F8F64} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {E55ECDCF-292E-44B2-8BC8-B6A67B718E2F} - System32\Tasks\MetaCrawler => C:\Users\FINANZ~1\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E875D61F-9C25-411D-AE85-32C785D929B4} - System32\Tasks\{AF35A6D5-0114-4101-96AC-964570DC74FA} => I:\DSSerie\dsserie.exe
Task: {ED11792D-C540-4A05-91B9-3911C2E653C3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F2419A4A-5DFF-4B2F-ABBC-D8A650BBA983} - System32\Tasks\{C9E4188B-4BB9-438F-8889-52E5AC91256D} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {F44AB8E9-1062-4989-BE99-B6FB48595D92} - System32\Tasks\{7EB6637D-0D11-4525-A75A-4FE7C2A4CEAC} => C:\Program Files\DSSerie\dsserie.exe [1997-03-25] ()
Task: {F50286C8-ACF1-410D-A1C1-EF2E93CB0D74} - System32\Tasks\{A49472EE-CC08-4303-B54A-F62188F94035} => E:\SETUP.EXE
Task: {FB1D98B5-39CD-49F2-B3B9-0BF07116247D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {FDB43303-9256-4792-A291-AD2461FA3BE6} - System32\Tasks\{1E36460E-3A82-4F40-B526-88640947F902} => D:\DSSerie\dsserie.exe [1997-03-25] ()
Task: {FE97F45C-5C44-498D-9A79-597303A2907B} - System32\Tasks\{3C76FFC4-5CB0-445B-B169-4DD8FA23E725} => E:\SETUP.EXE
Task: {FEE34C63-CFC5-4FBF-AA88-5DBE0F5D6CB3} - System32\Tasks\0 => Iexplore.exe 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{63440F8E-C870-463A-A1DF-676EF5002FFB}.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\FINANZ~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\FINANZ~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MetaCrawler.job => C:\Users\FINANZ~1\AppData\Roaming\METACR~1\UPDATE~1\UPDATE~1.EXE

==================== Loaded Modules (whitelisted) =============

2014-07-26 18:24 - 2014-07-26 18:24 - 00301152 ____C () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-28 19:15 - 2014-07-28 19:15 - 02795008 ____C () C:\Program Files\AVAST Software\Avast\defs\14072802\algo.dll
2014-07-29 11:29 - 2014-07-29 11:29 - 02795008 ____C () C:\Program Files\AVAST Software\Avast\defs\14072900\algo.dll
2010-01-18 12:31 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2010-01-06 13:35 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2014-07-26 18:24 - 2014-07-26 18:24 - 19329904 ____C () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-29 08:29 - 2014-07-29 08:29 - 00043008 _____ () c:\Users\Finanzdienstleistung\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5bepvz.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-29 08:28 - 2014-07-29 08:28 - 00098816 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32api.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00110080 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\pywintypes27.dll
2014-07-29 08:28 - 2014-07-29 08:28 - 00364544 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\pythoncom27.dll
2014-07-29 08:28 - 2014-07-29 08:28 - 00045568 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\_socket.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 01159168 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\_ssl.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00320512 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32com.shell.shell.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00712704 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\_hashlib.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 01175040 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\wx._core_.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00805888 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\wx._gdi_.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00811008 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\wx._windows_.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 01062400 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\wx._controls_.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00735232 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\wx._misc_.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00128512 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\_elementtree.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00127488 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\pyexpat.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00557056 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\pysqlite2._sqlite.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00087552 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\_ctypes.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00119808 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32file.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00108544 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32security.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00018432 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32event.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00038912 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32inet.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00070656 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\wx._html2.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00167936 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32gui.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00011264 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32crypt.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00027136 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\_multiprocessing.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00122368 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\wx._wizard.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00010240 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\select.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00024064 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32pipe.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00686080 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\unicodedata.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00025600 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32pdh.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00525640 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\windows._lib_cacheinvalidation.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00035840 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32process.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00017408 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32profile.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00022528 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\win32ts.pyd
2014-07-29 08:28 - 2014-07-29 08:28 - 00078336 _____ () C:\Users\Finanzdienstleistung\AppData\Local\Temp\_MEI25242\wx._animate.pyd

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46574612.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdAuxService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\46574612.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sdAuxService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sdCoreService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-621612078-4285812529-1901443770-1000\Software\Classes\.exe:  =>  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Synchronizer => "C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: MobileDocuments => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

==================== Faulty Device Manager Devices =============

Name: ASPI32
Description: ASPI32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ASPI32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2014 01:20:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nelzzmgc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/28/2014 01:18:39 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nelzzmgc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/28/2014 01:18:30 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {73bd9f5b-f010-4909-a8bf-f7df24758f98}

Error: (07/27/2014 07:33:33 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)"

Error: (07/27/2014 07:33:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nelzzmgc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/27/2014 07:33:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nelzzmgc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/27/2014 07:33:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nelzzmgc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/27/2014 07:00:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nelzzmgc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/27/2014 07:00:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nelzzmgc.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/26/2014 06:24:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nelzzmgc.

System Error:
Das System kann die angegebene Datei nicht finden.
.


System errors:
=============
Error: (07/29/2014 09:07:08 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy241" den Befehl "chkdsk" aus.

Error: (07/29/2014 08:30:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/29/2014 08:30:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/29/2014 08:30:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/29/2014 08:29:45 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
TfFsMon
TFSysMon
[verify-U]_System

Error: (07/29/2014 08:29:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PC Tools Security Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (07/29/2014 08:29:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PC Tools Auxiliary Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (07/29/2014 08:29:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NÜRNBERGER AutoUpdater" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/29/2014 08:29:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst NÜRNBERGER AutoUpdater erreicht.

Error: (07/29/2014 08:28:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BTAVB_KomDienst_Vers_Btnet_1402" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (02/18/2014 07:25:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/21/2013 04:59:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/10/2013 08:26:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23965 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (05/17/2013 02:26:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/15/2013 09:59:40 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/21/2013 03:02:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/15/2013 00:02:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/30/2012 01:48:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/01/2010 05:48:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 58 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/06/2010 01:42:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2436 seconds with 1440 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 2039.3 MB
Available physical RAM: 995.47 MB
Total Pagefile: 4078.61 MB
Available Pagefile: 2385.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1884.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:50 GB) (Free:2.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:415.75 GB) (Free:9.01 GB) NTFS
Drive f: () (Fixed) (Total:20 GB) (Free:13.16 GB) NTFS
Drive g: () (Fixed) (Total:50 GB) (Free:7.44 GB) NTFS
Drive h: () (Fixed) (Total:50 GB) (Free:37.09 GB) NTFS
Drive i: () (Fixed) (Total:112.88 GB) (Free:86.98 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: A647F507)
Partition 1: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=213 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1BF11BF1)
Partition 1: (Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=416 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Alt 30.07.2014, 11:50   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.08.2014, 17:46   #13
Trigant
 
Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



combofix.txt
Code:
ATTFilter
ComboFix 14-07-31.02 - Finanzdienstleistung 01.08.2014  18:09:52.1.2 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.2039.865 [GMT 2:00]
ausgeführt von:: c:\users\Finanzdienstleistung\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Finanzdienstleistung\4.0
c:\users\Finanzdienstleistung\AppData\Local\assembly\tmp
c:\users\Finanzdienstleistung\AppData\Roaming\.#
c:\users\Finanzdienstleistung\AppData\Roaming\337
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\ebase.dll
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\image\default\app_close.png
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\image\default\app_max.png
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\image\default\app_min.png
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\image\default\app_restore.png
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\image\default\wallpaper_resource.xml
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\image\default\window.png
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\language\en_us\wallpaper_lang.ini
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\language\es_es\wallpaper_lang.ini
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\language\pt_br\wallpaper_lang.ini
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\language\tr_tr\wallpaper_lang.ini
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\language\zh_tw\wallpaper_lang.ini
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\layout\default\dp_appwnd.xml
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\layout\default\msgbox.xml
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\libpng.dll
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\main
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\msvcp100.dll
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\msvcr100.dll
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\ouilibnl.dll
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\plusapp.exe
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\style\wallpaper_style.xml
c:\users\Finanzdienstleistung\AppData\Roaming\337\337 Wallpaper\TrayDownloader.exe
c:\users\Finanzdienstleistung\AppData\Roaming\Adobe\plugs
c:\users\Finanzdienstleistung\AppData\Roaming\Adobe\shed
c:\users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Recent\AXA, EL-Bonus.pdf.url
c:\users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Recent\Gute Gruende uns zu waehlen.pdf.url
c:\users\Finanzdienstleistung\AppData\Roaming\Regres
c:\users\Finanzdienstleistung\AppData\Roaming\Regres\wintab.exe
c:\users\Finanzdienstleistung\Documents\~WRL0003.tmp
c:\users\Finanzdienstleistung\infinst.exe
c:\users\Public\AlexaNSISPlugin.4228.dll
c:\windows\Installer\{366D38BF-E12D-48FB-9F01-EEF3E7DCADEF}\BT.Setup.Updater.T_CD8CBA3468C240F981B372C3EA3FF361.exe
c:\windows\IsUn0407.exe
c:\windows\system32\AF15BDAEX.dll
c:\windows\TEMP\jna5677241050741795506.dll
c:\windows\XSxS
D:\install.exe
H:\resycled
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-07-01 bis 2014-08-01  ))))))))))))))))))))))))))))))
.
.
2014-08-01 10:53 . 2014-08-01 10:53	62576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{29706143-15B6-4DF7-9027-E6D7E536849B}\offreg.dll
2014-08-01 10:14 . 2014-07-02 03:11	8217224	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{29706143-15B6-4DF7-9027-E6D7E536849B}\mpengine.dll
2014-07-27 23:20 . 2014-07-27 23:19	26136	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2014-07-27 23:19 . 2014-07-27 23:19	270752	----a-w-	c:\windows\system32\drivers\aswNdisFlt.sys
2014-07-27 06:18 . 2014-07-27 06:18	--------	d-----w-	c:\users\Gast\AppData\Roaming\AVAST Software
2014-07-26 17:08 . 2014-07-29 15:13	--------	dc----w-	C:\FRST
2014-07-26 16:31 . 2014-07-26 16:31	--------	d-----w-	c:\programdata\MAGIX
2014-07-26 16:25 . 2014-07-26 16:25	--------	d-----w-	c:\users\Finanzdienstleistung\AppData\Roaming\AVAST Software
2014-07-26 16:24 . 2014-07-26 16:24	71944	----a-w-	c:\windows\system32\drivers\aswStm.sys
2014-07-26 16:24 . 2014-07-26 16:24	192352	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-07-26 16:24 . 2014-07-26 16:25	414520	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-07-26 16:24 . 2014-07-26 16:24	779536	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2014-07-26 16:24 . 2014-07-26 16:24	67824	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-07-26 16:24 . 2014-07-26 16:24	49944	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-07-26 16:24 . 2014-07-26 16:24	81768	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-07-26 16:24 . 2014-07-26 16:24	24184	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-07-26 16:24 . 2014-07-26 16:24	276432	----a-w-	c:\windows\system32\aswBoot.exe
2014-07-26 16:24 . 2014-07-26 16:24	43152	----a-w-	c:\windows\avastSS.scr
2014-07-26 16:24 . 2014-07-26 16:24	--------	dc----w-	c:\program files\AVAST Software
2014-07-26 16:22 . 2014-07-26 16:24	--------	d-----w-	c:\programdata\AVAST Software
2014-07-24 00:11 . 2014-07-24 16:44	--------	d-----w-	c:\programdata\ItogiVhovu
2014-07-24 00:10 . 2014-07-24 21:18	--------	d-----w-	c:\programdata\OvmaTmed
2014-07-23 23:18 . 2014-07-30 20:03	822384	----a-w-	c:\program files\Mozilla Firefox\icuuc52.dll
2014-07-23 23:18 . 2014-07-30 20:03	10594416	----a-w-	c:\program files\Mozilla Firefox\icudt52.dll
2014-07-23 23:18 . 2014-07-30 20:03	1022576	----a-w-	c:\program files\Mozilla Firefox\icuin52.dll
2014-07-23 10:40 . 2014-07-23 10:40	--------	d-----w-	c:\users\Finanzdienstleistung\AppData\Roaming\DesktopIconGoodgame
2014-07-21 15:07 . 2014-07-21 15:07	--------	d-----w-	c:\programdata\firebird
2014-07-21 15:06 . 2014-07-21 15:06	--------	d-----w-	c:\users\Finanzdienstleistung\AppData\Roaming\NUERNBERGER
2014-07-21 15:05 . 2014-07-21 15:05	--------	d-----w-	c:\users\Finanzdienstleistung\AppData\Local\Nuernberger_Versicherungs
2014-07-21 13:28 . 2014-07-24 14:12	--------	dc----w-	c:\program files\NÜRNBERGER AutoUpdater
2014-07-21 13:16 . 2014-07-21 13:16	--------	d-----w-	c:\users\Finanzdienstleistung\AppData\Roaming\Keseling
2014-07-21 09:27 . 2014-07-21 09:30	--------	d-----w-	c:\windows\Downloaded Installations
2014-07-21 00:22 . 2014-07-23 19:33	--------	d-----w-	c:\programdata\OkhoHamu
2014-07-19 21:00 . 2014-07-21 07:39	--------	d-----w-	c:\programdata\OyhiRalow
2014-07-19 21:00 . 2014-07-21 08:27	--------	d-----w-	c:\programdata\IvqeKjaqu
2014-07-11 01:06 . 2014-07-11 01:06	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-10 07:40 . 2014-07-01 01:38	402944	----a-w-	c:\windows\system32\aepdu.dll
2014-07-10 07:40 . 2014-07-01 01:35	303104	----a-w-	c:\windows\system32\aeinv.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 10:36 . 2012-04-12 21:28	699056	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-07-09 10:36 . 2011-09-24 20:43	71344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2008-06-19 09:16 . 2014-02-17 16:21	118784	----a-w-	c:\program files\mozilla firefox\plugins\MyCamera.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-26 16:24	578240	-c--a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-04-03 19:32	579400	----a-w-	c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-04-03 19:32	579400	----a-w-	c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-04-03 19:32	579400	----a-w-	c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-04-03 19:32	579400	----a-w-	c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-04-03 19:32	579400	----a-w-	c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2014-04-03 22414424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"BTnetPortComm"="c:\program files\NuernbergerBT\BT.Net_Listener.exe" [2014-03-24 977536]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-31 4085896]
.
c:\users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
auto.bat [2014-4-13 23]
Dropbox.lnk - c:\users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-21 35464216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdAuxService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdCoreService]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
backupExtension=.CommonStartup
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57	959904	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Synchronizer]
2014-05-08 13:48	746376	-c--a-w-	c:\program files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
2014-07-31 11:20	4085896	-c--a-w-	c:\program files\AVAST Software\Avast\avastui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments]
2012-02-23 10:30	59240	----a-w-	c:\program files\Common Files\Apple\Internet Services\ubd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
"ISA Service Extensions"="javaw" -Xmx30m -jar "c:\program files\HanseMerkur\ServiceExtensions\ServiceExtensions.jar"
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe"
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
R0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
R2 sdAuxService;PC Tools Auxiliary Service; [x]
R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg.sys [2012-01-11 70536]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R4 WinRiskXASmClServiceHandler;InterRisk WinRisk Smart-Client Dienststeuerung;c:\program files\InterRisk\WinRiskXA\smart\client\bin\BWServiceHandler.exe [2009-12-10 90112]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys [2014-07-27 270752]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-11-14 331880]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2011-12-01 342168]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2014-07-27 26136]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-07-26 779536]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-07-26 414520]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [2012-01-11 253352]
S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD.sys [2012-01-11 185560]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-07-26 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-07-26 67824]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-07-26 71944]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2014-07-27 106488]
S2 BTAVB_KomDienst_Vers_Btnet_1402;BTAVB_KomDienst_Vers_Btnet_1402;i:\btnet_0214\AVB_Steuerung\BTAVB_KomDienst.exe [2013-04-03 17920]
S2 NbgAutoUpdater;NÜRNBERGER AutoUpdater;c:\program files\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe [2013-12-05 23120]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
S2 WinRiskXASmClSoftwareUpdate;InterRisk WinRisk Smart-Client Softwareaktualisierung;c:\program files\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe [2012-04-18 24576]
S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Driver;c:\windows\system32\DRIVERS\AVMCOWAN.sys [2009-07-13 64000]
S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys [2012-12-04 78960]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys [2012-12-04 18800]
S3 FPCIBASE;AVM FRITZ!Card PCI;c:\windows\system32\DRIVERS\fpcibase.sys [2009-07-13 559104]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-22 278560]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-26 13:33	1185744	----a-w-	c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 10:36]
.
2014-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-22 21:12]
.
2014-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-22 21:12]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-0&v=n11099-240&t=4
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://go.web.de/suchbox/webdesuche?su=%s
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: web.de
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - user.js: security.csp.enable - false
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 1063ab6a00000000000000196640d147
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15948
FF - user.js: extensions.delta.vrsn - 1.8.24.6
FF - user.js: extensions.delta.vrsni - 1.8.24.6
FF - user.js: extensions.delta.vrsnTs - 1.8.24.622:28
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=123884&tt=280813_ctrl2&tsp=4991
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extentions.webcake.installId - 69b03aca-20c0-40ca-a44b-814fc830bd7d
FF - user.js: extentions.webcake.defaultEnableAppsList - layers/inline,layers/shopping,layers/banner,layers/search,newOffers/wc
FF - user.js: extensions.iminent.id - 1063ab6a00000000000000196640d147
FF - user.js: extensions.iminent.appId - {0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
FF - user.js: extensions.iminent.instlDay - 16051
FF - user.js: extensions.iminent.vrsn - 1.8.28.3
FF - user.js: extensions.iminent.vrsni - 1.8.28.3
FF - user.js: extensions.iminent.vrsnTs - 1.8.28.30:43
FF - user.js: extensions.iminent.prtnrId - iminent
FF - user.js: extensions.iminent.prdct - iminent
FF - user.js: extensions.iminent.aflt - orgnl
FF - user.js: extensions.iminent.smplGrp - none
FF - user.js: extensions.iminent.tlbrId - YBCPCSTIPO
FF - user.js: extensions.iminent.instlRef - 
FF - user.js: extensions.iminent.dfltLng - 
FF - user.js: extensions.iminent.excTlbr - false
FF - user.js: extensions.iminent.ffxUnstlRst - false
FF - user.js: extensions.iminent.admin - false
FF - user.js: extensions.iminent.autoRvrt - false
FF - user.js: extensions.iminent.rvrt - false
FF - user.js: extensions.iminent.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{b81767e1-672d-4da1-b5cc-d277185815a6} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{b81767e1-672d-4da1-b5cc-d277185815a6} - (no file)
Toolbar-10 - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{B81767E1-672D-4DA1-B5CC-D277185815A6} - (no file)
WebBrowser-{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - (no file)
HKCU-Run-IvqeKjaqu - (no file)
HKCU-Run-OyhiRalow - (no file)
HKCU-Run-OvmaTmed - (no file)
HKCU-Run-ItogiVhovu - (no file)
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NÜRNBERGER AutoUpdater.lnk - c:\windows\Installer\{366D38BF-E12D-48FB-9F01-EEF3E7DCADEF}\BT.Setup.Updater.T_CD8CBA3468C240F981B372C3EA3FF361.exe
SafeBoot-46574612.sys
.
.
"ImagePath"="system32\drivers\
[verify-U]-driver.sys"
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\[verify-U]_System]
"ImagePath"="system32\drivers\
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=hex:51,66,7a,6c,4c,1d,38,12,57,36,90,
   43,f7,9e,4b,04,e0,be,4b,59,e7,b4,e8,87
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
   8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
"{472734EA-242A-422B-ADF8-83D1E48CC825}"=hex:51,66,7a,6c,4c,1d,38,12,84,37,34,
   43,18,6a,45,07,d2,ee,c0,91,e1,d2,8c,31
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
   d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
   91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
   27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{D7E97865-918F-41E4-9CD0-25AB1C574CE8}"=hex:51,66,7a,6c,4c,1d,38,12,0b,7b,fa,
   d3,bd,df,8a,04,e3,c6,66,eb,19,09,08,fc
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}"=hex:51,66,7a,6c,4c,1d,38,12,75,3e,1c,
   2e,3b,47,9a,0a,cd,64,23,dc,cb,3e,10,f3
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
   76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
   72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
   ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
"{AE7CD045-E861-484F-8273-0445EE161910}"=hex:51,66,7a,6c,4c,1d,38,12,2b,d3,6f,
   aa,53,a6,21,0d,fd,65,47,05,eb,48,5d,04
"{CCB69577-088B-4004-9ED8-FF5BCC83A039}"=hex:51,66,7a,6c,4c,1d,38,12,19,96,a5,
   c8,b9,46,6a,05,e1,ce,bc,1b,c9,dd,e4,2d
"{D3D233D5-9F6D-436C-B6C7-E63F77503B30}"=hex:51,66,7a,6c,4c,1d,38,12,bb,30,c1,
   d7,5f,d1,02,06,c9,d1,a5,7f,72,0e,7f,24
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{F4971EE7-DAA0-4053-9964-665D8EE6A077}"=hex:51,66,7a,6c,4c,1d,38,12,89,1d,84,
   f0,92,94,3d,05,e6,72,25,1d,8b,b8,e4,63
"{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}"=hex:51,66,7a,6c,4c,1d,38,12,70,05,61,
   f9,ec,d1,23,0d,da,9c,48,eb,44,0f,8e,cc
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
   2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
   fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
   b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:1e,6c,1c,53,5d,26,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Micro Focus]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\msiexec.exe
i:\btnet_0214\Dope\Dope-Mobile\utils\java_jdk_windows-x86-32\bin\javaw.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-01  18:30:04 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-08-01 16:30
.
Vor Suchlauf: 2.625.179.648 Bytes frei
Nach Suchlauf: 3.122.507.776 Bytes frei
.
- - End Of File - - B5B1432E90C95854944B0803F0D04D05
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 02.08.2014, 20:09   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.08.2014, 18:41   #15
Trigant
 
Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Standard

Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot



mbam.txt
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.08.2014
Suchlauf-Zeit: 17:05:55
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.03.05
Rootkit Datenbank: v2014.08.01.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x86
Dateisystem: NTFS
Benutzer: Finanzdienstleistung

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 336833
Verstrichene Zeit: 12 Min, 40 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.WeDownLoadManager.A, HKU\S-1-5-21-621612078-4285812529-1901443770-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WeDlMngr, In Quarantäne, [013012b05c1fd165257bb21e8d75cf31], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 24
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.admin", false);), Ersetzt,[56db5a68a3d8181e814a46a853b1867a]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.aflt", "babsst");), Ersetzt,[ae83f2d07605eb4b23a843abbf4531cf]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), Ersetzt,[6bc69d2543388da9438885698b79ee12]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.autoRvrt", "false");), Ersetzt,[e34e4a78710a68ceb01b2cc251b37b85]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.dfltLng", "de");), Ersetzt,[af82388a403bbb7bccff4ca2947007f9]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.excTlbr", false);), Ersetzt,[e948ac1606753df92ba09f4fe4203dc3]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.ffxUnstlRst", true);), Ersetzt,[66cbd3ef7506290d8e3d02ecb3512cd4]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.id", "1063ab6a00000000000000196640d147");), Ersetzt,[9c95388ae09bf541f9d2d717e4209967]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlDay", "15948");), Ersetzt,[84adcef41e5dad899f2c5d9102021ee2]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlRef", "sst");), Ersetzt,[ca67e3df98e380b688438d61788c27d9]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.newTab", false);), Ersetzt,[36fba121d9a2be781ead6985719332ce]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prdct", "delta");), Ersetzt,[ed44774bbac11026dfec5995f90b37c9]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prtnrId", "delta");), Ersetzt,[c17059694b30280e19b22dc1fa0abe42]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.rvrt", "false");), Ersetzt,[6ec39b27a6d5cf6720ab16d8ad57b947]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.smplGrp", "none");), Ersetzt,[41f0c8fafe7d0432993219d5778dd828]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrId", "base");), Ersetzt,[6ac7e4defc7f67cfeeddaf3f7e8637c9]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrSrchUrl", "");), Ersetzt,[240d52705e1de650eedd8a64659f629e]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsn", "1.8.24.6");), Ersetzt,[de536f53d9a29b9b58738f5fe91b6c94]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsnTs", "1.8.24.622:28:59");), Ersetzt,[230ec3fff18a5bdb34978c62f50f60a0]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsni", "1.8.24.6");), Ersetzt,[80b119a9097283b3fecdfbf3887c4bb5]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.babExt", "");), Ersetzt,[b879a220a5d6c571fccfb03ed430cd33]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.babTrack", "affID=123884&tt=280813_ctrl2&tsp=4991");), Ersetzt,[09287f4392e9cf67e2e937b7778d827e]
PUP.Optional.Delta.A, C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.srcExt", "ss");), Ersetzt,[1c157d45b2c92d09ba1126c824e06e92]
PUP.Optional.MySearchDial, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "search_url": "hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtCzyyCyCyEtD0DtCyEyB0A0ByC0AtN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1420020550&ir=",), Ersetzt,[141dcff3e4973cfa9e10c02df01435cb]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
adwcleaner[S0].txt
Code:
ATTFilter
# AdwCleaner v3.302 - Bericht erstellt am 03/08/2014 um 17:51:38
# Aktualisiert 30/07/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate  (32 bits)
# Benutzername : Finanzdienstleistung - KLAMM
# Gestartet von : C:\Users\Finanzdienstleistung\Desktop\adwcleaner_3.302.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\Websteroids
Ordner Gelöscht : C:\ProgramData\wincert
Ordner Gelöscht : C:\ProgramData\WinMaximizer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Ordner Gelöscht : C:\Program Files\Application Updater
Ordner Gelöscht : C:\Program Files\Babylon
Ordner Gelöscht : C:\Program Files\Delta
Ordner Gelöscht : C:\Program Files\Mobogenie
Ordner Gelöscht : C:\Program Files\Movies Toolbar
Ordner Gelöscht : C:\Program Files\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files\Red Sky
Ordner Gelöscht : C:\Program Files\WiseConvert_2.2
Ordner Gelöscht : C:\Program Files\Common Files\337
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Local\BeamriseUninstall
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Local\DownTango
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Local\torch
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\LocalLow\IminentToolbar
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\LocalLow\Minibar
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\LocalLow\searchresultstb
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\LocalLow\WiseConvert_2.2
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\337 Wallpaper
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\MetaCrawler
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\ValueApps
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Ordner Gelöscht : C:\Users\Finanzdienstleistung\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Finanzdienstleistung\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Finanzdienstleistung\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\WiseConvert_2.2
Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Inbox Toolbar
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Smartbar
Ordner Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\my97j314.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\2ukqlzsq.default\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\2ukqlzsq.default\Extensions\staged\ffxtlbr@mysearchdial.com
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Finanzdienstleistung\daemonprocess.txt
Datei Gelöscht : C:\Users\Finanzdienstleistung\Desktop\Speed Test.lnk
Datei Gelöscht : C:\Users\Gast\daemonprocess.txt
Datei Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\invalidprefs.js
Datei Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\user.js
Datei Gelöscht : C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\my97j314.default\user.js
Datei Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\2ukqlzsq.default\user.js

***** [ Tasks ] *****

Task Gelöscht : BonanzaDealsUpdate
Task Gelöscht : Dealply
Task Gelöscht : Desk 365 RunAsStdUser
Task Gelöscht : Omiga Plus RunAsStdUser
Task Gelöscht : RegClean Pro

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Schlüssel Gelöscht : HKCU\Software\Classes\iLivid.torrent
Schlüssel Gelöscht : HKCU\Software\SIEN SA
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iLivid.torrent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\appshat-distribution_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\appshat-distribution_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BatBrowse_Setup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BatBrowse_Setup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BatBrowseSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BatBrowseSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConfigTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConfigTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DEALPL~1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updatewhilokii_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updatewhilokii_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Schlüssel Gelöscht : HKCU\Software\5a6d8dae56eea10
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-window-registry-repair_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-window-registry-repair_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_google-chrome(2)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_google-chrome(2)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_irfanview_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_irfanview_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_kaspersky-tdsskiller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_kaspersky-tdsskiller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8D7A62C8-B906-4EF2-9F6F-0AB972CB4BB7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022442279}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FD58258C-84A6-4DEF-9793-019BE7F491A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{929801A8-4AEF-4D12-BE31-D85BF666452B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8D7A62C8-B906-4EF2-9F6F-0AB972CB4BB7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1932C9A0-4603-4F1D-B163-EC7E14ED311C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EAFE5690-2790-4A90-8AD0-8E875B9AA195}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B81767E1-672D-4DA1-B5CC-D277185815A6}]
Wert Gelöscht : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Schlüssel Gelöscht : HKCU\Software\APNDTX
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\ClickConnect
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\pc speed maximizer
Schlüssel Gelöscht : HKCU\Software\ProtectedSearch
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\torch
Schlüssel Gelöscht : HKCU\Software\WinMaximizer
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\WiseConvert_2.2
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\omigaplusSvc
Schlüssel Gelöscht : HKLM\Software\SafetyNut
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\torch
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\WinMaximizer
Schlüssel Gelöscht : HKLM\Software\WiseConvert_2.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16476

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\prefs.js ]

Zeile gelöscht : user_pref("CT2849855.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3241949.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
Zeile gelöscht : user_pref("extensions.iminent.admin", false);
Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.dfltLng", "");
Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false);
Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.iminent.id", "1063ab6a00000000000000196640d147");
Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16051");
Zeile gelöscht : user_pref("extensions.iminent.instlRef", "");
Zeile gelöscht : user_pref("extensions.iminent.newTab", false);
Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.28.30:43:41");
Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Zeile gelöscht : user_pref("extensions.irmysearch.aflt", "dnldstr1202");
Zeile gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtCzyyCyCyEtD0DtCyEyB0A0ByC0AtN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");
Zeile gelöscht : user_pref("extensions.irmysearch.cr", "1420020550");
Zeile gelöscht : user_pref("extensions.irmysearch.instlRef", "");
Zeile gelöscht : user_pref("extentions.webcake.defaultEnableAppsList", "layers/inline,layers/shopping,layers/banner,layers/search,newOffers/wc");
Zeile gelöscht : user_pref("extentions.webcake.installId", "69b03aca-20c0-40ca-a44b-814fc830bd7d");
Zeile gelöscht : user_pref("iminent.enabledAds", "false");
Zeile gelöscht : user_pref("valueApps.CT0000000.SF_JUST_INSTALLED", "46414C5345");
Zeile gelöscht : user_pref("valueApps.CT0000000.SF_JUST_INSTALLED.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.SF_STATUS", "454E41424C4544");
Zeile gelöscht : user_pref("valueApps.CT0000000.SF_STATUS.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.SF_USER_ID", "6369645F39323230313431383334313836323637393930");
Zeile gelöscht : user_pref("valueApps.CT0000000.SF_USER_ID.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.cbfirsttime", "53756E2046656220303920323031342031383A33343A313820474D542B30313030");
Zeile gelöscht : user_pref("valueApps.CT0000000.cbfirsttime.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_appStateReportTime", "31343032313734353138383731");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_appStateReportTime.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_appsConfig.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_appsDefaultEnabled", "6E756C6C");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_appsDefaultEnabled.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_calledSetupService", "31");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_calledSetupService.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_currentVersion", "312E31332E302E3137");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_currentVersion.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_first_time", "31");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_first_time.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_lastLoginTime", "31343032313734353139383838");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_lastLoginTime.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_localization.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_settings1.13.0.17.storedInFile", true);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_showWelcomeGadget", "66616C7365");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_showWelcomeGadget.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_stamp", "313130325F31");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_stamp.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_userBornDate", "3230313430323039");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_userBornDate.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_userId", "31363937373932352D326533652D343130322D613136382D376365643061663562353263");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_userId.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_user_approval_interacted", "");
Zeile gelöscht : user_pref("valueApps.CT0000000.mam_gk_user_approval_interacted.storedInFile", false);
Zeile gelöscht : user_pref("valueApps.CT0000000.url_history0001.storedInFile", true);

[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\2ukqlzsq.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.selectedEngine", "Mysearchdial");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Mysearchdial");

-\\ Google Chrome v30.0.1599.101

[ Datei : C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=3253&q={searchTerms}
Gelöscht [Search Provider] : hxxp://isearch.avg.com/search?cid={4A01ED3F-3784-4E75-AA74-BBAB4DFB330E}&mid=0e3b9de53f3747d6a9af910711a7adf2-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=tt014&pr=sa&d=2012-04-07 01:40:00&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Gelöscht [Search Provider] : hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzutDtDtCzyyCyCyEtD0DtCyEyB0A0ByC0AtN0D0Tzu0CyCyCyCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=13348047&ir=
Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=6F7ECD21-D3B8-47C5-9A13-B2895120AFD0&apn_sauid=0989F9C0-EA3D-4014-9F6D-18D2C2C1F9F9&
Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2849855
Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110824&tt=4312_4&babsrc=SP_ss&mntrId=1063ab6a00000000000000196640d147
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=66ab9d39-3704-31eb-392e-0c3090f7618b&searchtype=ds&q={searchTerms}&installDate=20/10/2013
Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
Gelöscht [Search Provider] : hxxp://isearch.avg.com/search?cid={4A01ED3F-3784-4E75-AA74-BBAB4DFB330E}&mid=0e3b9de53f3747d6a9af910711a7adf2-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=tt014&pr=sa&d=2012-04-07 01:40:00&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.doko-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=106300196640D147&affID=125836&tsp=5036
Gelöscht [Search Provider] : hxxp://start.facemoods.com/?a=drive&s={searchTerms}&f=4
Gelöscht [Search Provider] : hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80772&lng=de
Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP06430D5A-25BB-4D1F-801B-76E482EDA88D&q={searchTerms}&SSPV=
Gelöscht [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010006&st=10&q={searchTerms}
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtCzyyCyCyEtD0DtCyEyB0A0ByC0AtN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1420020550&ir=
Gelöscht [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=0&systemid=406&v=n11099-240&apn_uid=0663415917174031&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gelöscht [Extension] : aaaaabcbmongicmdegkmmfgdickgnnob
Gelöscht [Extension] : dchmpbaclbiioedakpcldenooikekokm
Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : hempmfkijmahkaddljkmchcmjbojoedl
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gelöscht [Extension] : lcnnhcneegeeojhgpfijnlnocjdmlaon
Gelöscht [Extension] : pflphaooapbgpeakohlggbpidpppgdff
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

[ Datei : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=3253&q={searchTerms}
Gelöscht [Search Provider] : hxxp://isearch.avg.com/search?cid={4A01ED3F-3784-4E75-AA74-BBAB4DFB330E}&mid=0e3b9de53f3747d6a9af910711a7adf2-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=tt014&pr=sa&d=2012-04-07 01:40:00&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=66ab9d39-3704-31eb-392e-0c3090f7618b&searchtype=ds&q={searchTerms}&installDate=20/10/2013
Gelöscht [Search Provider] : hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzutDtDtCzyyCyCyEtD0DtCyEyB0A0ByC0AtN0D0Tzu0CyCzztCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1393388771&ir=
Gelöscht [Search Provider] : hxxp://search.snapdo.com/?q={searchTerms}&category=Web&publisher=tuguu&country=us&feedid=infospace&st=hp&dpid=us&lan=de&start=1
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtCzyyCyCyEtD0DtCyEyB0A0ByC0AtN0D0Tzu0CyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1420020550&ir=
Gelöscht [Extension] : dchmpbaclbiioedakpcldenooikekokm
Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gelöscht [Extension] : pflphaooapbgpeakohlggbpidpppgdff
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [42788 octets] - [03/08/2014 17:39:46]
AdwCleaner[R1].txt - [42849 octets] - [03/08/2014 17:48:17]
AdwCleaner[S0].txt - [42544 octets] - [03/08/2014 17:51:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [42605 octets] ##########
         
JRT.txt
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Finanzdienstleistung on 03.08.2014 at 18:20:15,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-621612078-4285812529-1901443770-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askHomePage_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askHomePage_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r0-n-bc_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r0-n-bc_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r362-n-bc (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r362-n-bc (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r362-n-bc (2)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r362-n-bc (2)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r362-n-bc_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r362-n-bc_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r887-n-bc_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r887-n-bc_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SetupDataMngr_iLivid_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SetupDataMngr_iLivid_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{222B5EA2-7E05-4C0D-8A56-E8E68392FA65}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{98A6AA5C-C81F-464D-8189-888B7F4C3BF6}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\drivergenius"
Successfully deleted: [Folder] "C:\Program Files\eusing free registry cleaner"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free registry cleaner"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repair"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Finanzdienstleistung\AppData\Roaming\mozilla\firefox\profiles\fd4ejuoy.default\extensions\toolbar@web.de
Emptied folder: C:\Users\Finanzdienstleistung\AppData\Roaming\mozilla\firefox\profiles\fd4ejuoy.default\minidumps [279 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.08.2014 at 18:25:31,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:2-08-2014
Ran by Finanzdienstleistung (administrator) on KLAMM on 03-08-2014 18:32:48
Running from C:\Users\Finanzdienstleistung\Downloads
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Beratungstechnologie) I:\BTnet_0214\AVB_Steuerung\BTAVB_KomDienst.exe
(NÜRNBERGER Versicherungsgruppe) C:\Program Files\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(BISS GmbH) C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe
(Sun Microsystems, Inc.) I:\BTnet_0214\Dope\Dope-Mobile\utils\java_jdk_windows-x86-32\bin\javaw.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(NUERNBERGER Versicherungsgruppe) C:\Program Files\NuernbergerBT\BT.Net_Listener.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(Dropbox, Inc.) C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NUERNBERGER Versicherungsgruppe) C:\Program Files\NuernbergerBT\BT.Net_Listener.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22414424 2014-04-03] (Google)
HKU\S-1-5-21-621612078-4285812529-1901443770-1000\...\Policies\Explorer: [NoWelcomeScreen] 1
Startup: C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\auto.bat ()
Startup: C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - _tmp URL = 
SearchScopes: HKCU - _tmp URL = 
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {0E627687-3EBF-4D52-A048-1A6BDC182395} URL = hxxp://go.web.de/suchbox/smartshopping/?searchText={searchTerms}&mc=searchplugin@suche@msie.suche@preisvergleich
SearchScopes: HKCU - {3AB67233-D4D5-47F1-95F9-00C0D89D908D} URL = hxxp://go.web.de/suchbox/amazon/?keywords={searchTerms}
SearchScopes: HKCU - {417FF3BC-0405-476F-8364-02E002CEBF69} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {594A203C-46AE-48E0-B7DB-E588A7912B8E} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {697B2969-6FC0-4CBC-9FB9-EBA7FEB50EC2} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {764EC6F5-012F-4DD1-A141-1BBB8B1311E1} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {DC3A72F4-442E-4C80-BB61-F86A38632867} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @real.com/nppl3260;version=15.0.3.37 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.3.37 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.3.37 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.3.37 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.3.37 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Finanzdienstleistung\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\MyCamera.dll (CANON INC.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPCIG.dll (CANON INC.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ecosia - The search engine that plants trees - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2011-07-10]
FF Extension: Adblock Plus - C:\Users\Finanzdienstleistung\AppData\Roaming\Mozilla\Firefox\Profiles\fd4ejuoy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-10]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-26]

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "https://www.google.de/",
			"hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-0&v=n11099-240&t=4"
CHR Extension: (Google Drive) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-26]
CHR Extension: (YouTube) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-26]
CHR Extension: (Adblock Plus) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-28]
CHR Extension: (Google-Suche) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-26]
CHR Extension: (Google Wallet) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-26]
CHR Extension: (Google Mail) - C:\Users\Finanzdienstleistung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-26]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-26] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-28] (AVAST Software)
R2 BTAVB_KomDienst_Vers_Btnet_1402; I:\BTnet_0214\AVB_Steuerung\BTAVB_KomDienst.exe [17920 2013-04-03] (Beratungstechnologie) [File not signed]
R2 NbgAutoUpdater; C:\Program Files\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe [23120 2013-12-05] (NÜRNBERGER Versicherungsgruppe)
S4 WinRiskXASmClServiceHandler; C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWServiceHandler.exe [90112 2009-12-10] () [File not signed]
R2 WinRiskXASmClSoftwareUpdate; C:\Program Files\InterRisk\WinRiskXA\smart\client\bin\BWUpdater.exe [24576 2012-04-18] (BISS GmbH) [File not signed]
S2 sdAuxService; No ImagePath
S2 sdCoreService; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [483200 2010-01-06] (ITETech                  )
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-26] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-07-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-26] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [270752 2014-07-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-26] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-26] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-26] ()
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64000 2009-07-14] (AVM GmbH)
R3 cmpci; C:\Windows\System32\drivers\cmaudio.sys [379726 2002-07-16] (C-Media Inc)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [559104 2009-07-14] (AVM Berlin)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-03] (Malwarebytes Corporation)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [331880 2011-11-14] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [342168 2011-12-01] (PC Tools)
R1 pctgntdi; C:\Windows\System32\drivers\pctgntdi.sys [253352 2012-01-11] (PC Tools)
S3 pctplsg; C:\Windows\System32\drivers\pctplsg.sys [70536 2012-01-11] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD.sys [185560 2012-01-11] (PC Tools)
S2 ASPI32; No ImagePath
S3 catchme; \??\C:\Users\FINANZ~1\AppData\Local\Temp\catchme.sys [X]
S3 cmuda3; system32\drivers\cmudax3.sys [X]
S3 cpuz132; \??\C:\Users\FINANZ~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TFSysMon; system32\drivers\TfSysMon.sys [X]
S1 [verify-U]_System; system32\drivers\[verify-U]-driver.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 18:32 - 2014-08-03 18:32 - 00000000 ____D () C:\Users\Finanzdienstleistung\Downloads\FRST-OlderVersion
2014-08-03 18:25 - 2014-08-03 18:25 - 00003923 _____ () C:\Users\Finanzdienstleistung\Desktop\JRT.txt
2014-08-03 18:20 - 2014-08-03 18:20 - 00000000 ____D () C:\Windows\ERUNT
2014-08-03 18:19 - 2014-08-03 18:19 - 00042686 _____ () C:\Users\Finanzdienstleistung\Desktop\AdwCleaner[S0].txt
2014-08-03 17:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-03 17:39 - 2014-08-03 17:53 - 00000000 ___DC () C:\AdwCleaner
2014-08-03 17:38 - 2014-08-03 17:38 - 00007148 _____ () C:\Users\Finanzdienstleistung\Desktop\mbam.txt
2014-08-03 17:05 - 2014-08-03 17:05 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 17:04 - 2014-08-03 17:04 - 00001020 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-03 17:04 - 2014-08-03 17:04 - 00000000 ___DC () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-03 17:04 - 2014-08-03 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-03 17:04 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-03 17:04 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-03 17:04 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-03 16:58 - 2014-08-03 16:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Finanzdienstleistung\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-03 16:58 - 2014-08-03 16:58 - 01361309 _____ () C:\Users\Finanzdienstleistung\Desktop\adwcleaner_3.302.exe
2014-08-03 16:58 - 2014-08-03 16:58 - 01016261 _____ (Thisisu) C:\Users\Finanzdienstleistung\Desktop\JRT.exe
2014-08-01 18:30 - 2014-08-01 18:30 - 00026652 ____C () C:\ComboFix.txt
2014-08-01 18:06 - 2014-08-01 18:30 - 00000000 ___DC () C:\Qoobox
2014-08-01 18:06 - 2014-08-01 18:30 - 00000000 ___DC () C:\ComboFix
2014-08-01 18:06 - 2014-08-01 18:27 - 00000000 ____D () C:\Windows\erdnt
2014-08-01 18:06 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-01 18:06 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-01 18:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-01 18:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-01 18:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-01 18:06 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-01 18:06 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-01 18:06 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-01 18:03 - 2014-08-01 18:06 - 05567414 ____R (Swearware) C:\Users\Finanzdienstleistung\Desktop\ComboFix.exe
2014-07-29 17:12 - 2014-07-29 17:13 - 00110924 _____ () C:\Users\Finanzdienstleistung\Downloads\Addition.txt
2014-07-29 17:09 - 2014-08-03 18:32 - 00018442 _____ () C:\Users\Finanzdienstleistung\Downloads\FRST.txt
2014-07-28 17:05 - 2014-07-28 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-07-28 17:03 - 2014-07-28 17:04 - 07920175 _____ () C:\Users\Finanzdienstleistung\Downloads\npp.6.6.8.Installer.exe
2014-07-28 01:20 - 2014-07-28 01:20 - 00002013 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-28 01:20 - 2014-07-28 01:19 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-28 01:19 - 2014-07-28 01:19 - 00270752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-27 08:18 - 2014-07-27 08:18 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVAST Software
2014-07-26 19:45 - 2014-07-26 19:45 - 00027304 _____ () C:\Users\Finanzdienstleistung\Desktop\logs.zip
2014-07-26 19:12 - 2014-07-26 19:12 - 00380416 _____ () C:\Users\Finanzdienstleistung\Downloads\ckmygz4f.exe
2014-07-26 19:08 - 2014-08-03 18:32 - 00000000 ___DC () C:\FRST
2014-07-26 19:07 - 2014-08-03 18:32 - 01084928 ____C (Farbar) C:\Users\Finanzdienstleistung\Downloads\FRST.exe
2014-07-26 19:06 - 2014-07-26 19:06 - 00000502 _____ () C:\Users\Finanzdienstleistung\Downloads\defogger_disable.log
2014-07-26 19:06 - 2014-07-26 19:06 - 00000000 _____ () C:\Users\Finanzdienstleistung\defogger_reenable
2014-07-26 19:05 - 2014-07-26 19:05 - 00050477 _____ () C:\Users\Finanzdienstleistung\Downloads\Defogger.exe
2014-07-26 18:31 - 2014-07-26 18:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-26 18:25 - 2014-07-28 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-26 18:25 - 2014-07-26 18:25 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\AVAST Software
2014-07-26 18:24 - 2014-07-26 18:25 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-26 18:24 - 2014-07-26 18:24 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-26 18:24 - 2014-07-26 18:24 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00000000 ___DC () C:\Program Files\AVAST Software
2014-07-26 18:22 - 2014-07-26 18:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-26 18:21 - 2014-07-26 18:22 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021 (1).exe
2014-07-26 17:59 - 2014-07-26 18:00 - 00700783 ____R (Swearware) C:\Users\Finanzdienstleistung\Downloads\dds+.exe
2014-07-26 17:47 - 2014-07-26 17:47 - 04845176 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_clear.exe
2014-07-24 17:13 - 2014-07-24 17:15 - 143880056 _____ () C:\Users\Gast\Downloads\avira_free_antivirus_de_464.exe
2014-07-24 02:11 - 2014-07-24 18:44 - 00000000 ____D () C:\ProgramData\ItogiVhovu
2014-07-24 02:10 - 2014-07-24 23:18 - 00000000 ____D () C:\ProgramData\OvmaTmed
2014-07-24 00:37 - 2014-07-24 00:38 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-23 12:40 - 2014-07-23 12:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\DesktopIconGoodgame
2014-07-22 15:18 - 2014-07-23 11:41 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Schad
2014-07-21 17:07 - 2014-07-21 17:07 - 00000000 ____D () C:\ProgramData\firebird
2014-07-21 17:06 - 2014-07-21 17:06 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\NUERNBERGER
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\Documents\NuernbergerBT
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Local\Nuernberger_Versicherungs
2014-07-21 15:28 - 2014-07-24 16:12 - 00000000 ___DC () C:\Program Files\NÜRNBERGER AutoUpdater
2014-07-21 15:28 - 2014-07-24 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER AutoUpdater
2014-07-21 15:25 - 2014-07-21 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER BTnet 02.2014
2014-07-21 15:16 - 2014-07-21 15:16 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Keseling
2014-07-21 11:42 - 2014-07-21 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alte Leipziger Verbund
2014-07-21 11:27 - 2014-07-21 11:30 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-07-21 02:22 - 2014-07-23 21:33 - 00000000 ____D () C:\ProgramData\OkhoHamu
2014-07-19 23:00 - 2014-07-21 10:27 - 00000000 ____D () C:\ProgramData\IvqeKjaqu
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014.xlsx
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014 (1).xlsx
2014-07-11 03:06 - 2014-07-11 03:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 22:19 - 2014-07-14 06:11 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (4)
2014-07-10 15:40 - 2014-07-10 15:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Lisa ****
2014-07-10 09:40 - 2014-07-01 03:38 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 09:40 - 2014-07-01 03:35 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 12:21 - 2014-07-10 22:57 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (3)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 18:34 - 2014-07-29 17:09 - 00018442 _____ () C:\Users\Finanzdienstleistung\Downloads\FRST.txt
2014-08-03 18:32 - 2014-08-03 18:32 - 00000000 ____D () C:\Users\Finanzdienstleistung\Downloads\FRST-OlderVersion
2014-08-03 18:32 - 2014-07-26 19:08 - 00000000 ___DC () C:\FRST
2014-08-03 18:32 - 2014-07-26 19:07 - 01084928 ____C (Farbar) C:\Users\Finanzdienstleistung\Downloads\FRST.exe
2014-08-03 18:25 - 2014-08-03 18:25 - 00003923 _____ () C:\Users\Finanzdienstleistung\Desktop\JRT.txt
2014-08-03 18:20 - 2014-08-03 18:20 - 00000000 ____D () C:\Windows\ERUNT
2014-08-03 18:19 - 2014-08-03 18:19 - 00042686 _____ () C:\Users\Finanzdienstleistung\Desktop\AdwCleaner[S0].txt
2014-08-03 18:06 - 2012-02-05 15:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Dropbox
2014-08-03 18:02 - 2009-07-14 06:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-03 18:02 - 2009-07-14 06:34 - 00019568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-03 17:57 - 2014-02-15 10:11 - 00338300 _____ () C:\Windows\PFRO.log
2014-08-03 17:57 - 2014-02-15 10:11 - 00008456 _____ () C:\Windows\setupact.log
2014-08-03 17:57 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-03 17:55 - 2010-01-04 16:26 - 01984234 _____ () C:\Windows\WindowsUpdate.log
2014-08-03 17:53 - 2014-08-03 17:39 - 00000000 ___DC () C:\AdwCleaner
2014-08-03 17:52 - 2012-01-27 23:34 - 00000000 ____D () C:\Users\Gast
2014-08-03 17:52 - 2010-01-04 16:28 - 00000000 ____D () C:\Users\Finanzdienstleistung
2014-08-03 17:38 - 2014-08-03 17:38 - 00007148 _____ () C:\Users\Finanzdienstleistung\Desktop\mbam.txt
2014-08-03 17:36 - 2012-04-12 23:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-03 17:05 - 2014-08-03 17:05 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 17:04 - 2014-08-03 17:04 - 00001020 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-03 17:04 - 2014-08-03 17:04 - 00000000 ___DC () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-03 17:04 - 2014-08-03 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-03 16:58 - 2014-08-03 16:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Finanzdienstleistung\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-03 16:58 - 2014-08-03 16:58 - 01361309 _____ () C:\Users\Finanzdienstleistung\Desktop\adwcleaner_3.302.exe
2014-08-03 16:58 - 2014-08-03 16:58 - 01016261 _____ (Thisisu) C:\Users\Finanzdienstleistung\Desktop\JRT.exe
2014-08-01 18:42 - 2014-04-09 13:41 - 00001020 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-01 18:42 - 2014-04-09 13:41 - 00001008 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-08-01 18:30 - 2014-08-01 18:30 - 00026652 ____C () C:\ComboFix.txt
2014-08-01 18:30 - 2014-08-01 18:06 - 00000000 ___DC () C:\Qoobox
2014-08-01 18:30 - 2014-08-01 18:06 - 00000000 ___DC () C:\ComboFix
2014-08-01 18:30 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-08-01 18:30 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-08-01 18:27 - 2014-08-01 18:06 - 00000000 ____D () C:\Windows\erdnt
2014-08-01 18:25 - 2009-07-14 04:04 - 00000215 ____C () C:\Windows\system.ini
2014-08-01 18:20 - 2010-01-04 23:10 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Adobe
2014-08-01 18:16 - 2010-01-04 23:13 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-01 18:10 - 2011-05-23 10:14 - 13345792 ___SH () C:\Users\Finanzdienstleistung\Desktop\Thumbs.db
2014-08-01 18:06 - 2014-08-01 18:03 - 05567414 ____R (Swearware) C:\Users\Finanzdienstleistung\Desktop\ComboFix.exe
2014-07-30 22:03 - 2014-02-17 18:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-30 11:47 - 2010-04-29 21:25 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\ZoomBrowser EX
2014-07-30 11:42 - 2010-04-29 21:30 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\CameraWindowDC
2014-07-29 17:13 - 2014-07-29 17:12 - 00110924 _____ () C:\Users\Finanzdienstleistung\Downloads\Addition.txt
2014-07-28 17:06 - 2010-06-27 12:53 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Notepad++
2014-07-28 17:05 - 2014-07-28 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-07-28 17:05 - 2010-06-27 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-07-28 17:05 - 2010-06-27 12:53 - 00000000 ____D () C:\Program Files\Notepad++
2014-07-28 17:04 - 2014-07-28 17:03 - 07920175 _____ () C:\Users\Finanzdienstleistung\Downloads\npp.6.6.8.Installer.exe
2014-07-28 01:23 - 2011-08-07 15:46 - 00000000 ____D () C:\Program Files\VideoLAN
2014-07-28 01:20 - 2014-07-28 01:20 - 00002013 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-28 01:20 - 2014-07-26 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-28 01:19 - 2014-07-28 01:20 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-07-28 01:19 - 2014-07-28 01:19 - 00270752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-07-27 08:18 - 2014-07-27 08:18 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\AVAST Software
2014-07-26 19:45 - 2014-07-26 19:45 - 00027304 _____ () C:\Users\Finanzdienstleistung\Desktop\logs.zip
2014-07-26 19:13 - 2011-07-21 11:08 - 14026240 ___SH () C:\Users\Finanzdienstleistung\Downloads\Thumbs.db
2014-07-26 19:12 - 2014-07-26 19:12 - 00380416 _____ () C:\Users\Finanzdienstleistung\Downloads\ckmygz4f.exe
2014-07-26 19:06 - 2014-07-26 19:06 - 00000502 _____ () C:\Users\Finanzdienstleistung\Downloads\defogger_disable.log
2014-07-26 19:06 - 2014-07-26 19:06 - 00000000 _____ () C:\Users\Finanzdienstleistung\defogger_reenable
2014-07-26 19:05 - 2014-07-26 19:05 - 00050477 _____ () C:\Users\Finanzdienstleistung\Downloads\Defogger.exe
2014-07-26 18:31 - 2014-07-26 18:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-07-26 18:31 - 2010-12-20 19:04 - 00000000 ____D () C:\Users\Finanzdienstleistung\Documents\MAGIX_MxTray
2014-07-26 18:25 - 2014-07-26 18:25 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\AVAST Software
2014-07-26 18:25 - 2014-07-26 18:24 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-26 18:24 - 2014-07-26 18:24 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-26 18:24 - 2014-07-26 18:24 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-26 18:24 - 2014-07-26 18:24 - 00000000 ___DC () C:\Program Files\AVAST Software
2014-07-26 18:24 - 2014-07-26 18:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-26 18:22 - 2014-07-26 18:21 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021 (1).exe
2014-07-26 18:00 - 2014-07-26 17:59 - 00700783 ____R (Swearware) C:\Users\Finanzdienstleistung\Downloads\dds+.exe
2014-07-26 17:47 - 2014-07-26 17:47 - 04845176 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_clear.exe
2014-07-26 17:33 - 2012-03-09 12:29 - 00000000 ____D () C:\ProgramData\Avira
2014-07-25 11:11 - 2014-02-14 21:43 - 00001059 _____ () C:\Users\Finanzdienstleistung\Desktop\Dropbox.lnk
2014-07-25 11:11 - 2012-02-05 15:06 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-24 23:18 - 2014-07-24 02:10 - 00000000 ____D () C:\ProgramData\OvmaTmed
2014-07-24 22:50 - 2014-02-20 19:33 - 00000000 ___DC () C:\Program Files\Microsoft Silverlight
2014-07-24 22:50 - 2012-05-09 09:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-24 22:15 - 2012-03-14 23:17 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-24 18:44 - 2014-07-24 02:11 - 00000000 ____D () C:\ProgramData\ItogiVhovu
2014-07-24 17:15 - 2014-07-24 17:13 - 143880056 _____ () C:\Users\Gast\Downloads\avira_free_antivirus_de_464.exe
2014-07-24 16:12 - 2014-07-21 15:28 - 00000000 ___DC () C:\Program Files\NÜRNBERGER AutoUpdater
2014-07-24 16:12 - 2014-07-21 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER AutoUpdater
2014-07-24 03:01 - 2014-02-20 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 00:38 - 2014-07-24 00:37 - 91906368 _____ (AVAST Software) C:\Users\Finanzdienstleistung\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-23 22:55 - 2011-08-07 11:12 - 00000046 _____ () C:\Windows\PCCT.INI
2014-07-23 22:08 - 2013-08-16 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-23 21:33 - 2014-07-21 02:22 - 00000000 ____D () C:\ProgramData\OkhoHamu
2014-07-23 21:33 - 2009-10-14 05:07 - 00000000 ____D () C:\Windows\Panther
2014-07-23 12:40 - 2014-07-23 12:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\DesktopIconGoodgame
2014-07-23 12:33 - 2013-08-09 12:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-23 11:41 - 2014-07-22 15:18 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Schad
2014-07-23 11:21 - 2013-10-27 12:54 - 00111984 _____ () C:\Users\Finanzdienstleistung\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-23 01:32 - 2009-11-10 20:44 - 01653464 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-22 15:22 - 2014-06-24 15:37 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Lämmle
2014-07-21 17:07 - 2014-07-21 17:07 - 00000000 ____D () C:\ProgramData\firebird
2014-07-21 17:06 - 2014-07-21 17:06 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\NUERNBERGER
2014-07-21 17:06 - 2010-01-06 13:28 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\KV
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\Documents\NuernbergerBT
2014-07-21 17:05 - 2014-07-21 17:05 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Local\Nuernberger_Versicherungs
2014-07-21 15:51 - 2013-10-27 11:20 - 00423168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-21 15:29 - 2010-01-06 13:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-21 15:28 - 2011-02-13 15:04 - 00000000 ____D () C:\Program Files\NuernbergerBT
2014-07-21 15:28 - 2010-12-09 12:39 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Local\Downloaded Installations
2014-07-21 15:28 - 2010-04-16 22:02 - 00000000 ____D () C:\ProgramData\Nuernberger
2014-07-21 15:27 - 2010-01-19 16:55 - 00000000 ____D () C:\temp
2014-07-21 15:25 - 2014-07-21 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NÜRNBERGER BTnet 02.2014
2014-07-21 15:16 - 2014-07-21 15:16 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Keseling
2014-07-21 14:38 - 2011-07-05 16:36 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Kundenangebote
2014-07-21 11:42 - 2014-07-21 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alte Leipziger Verbund
2014-07-21 11:42 - 2011-03-06 16:22 - 00000000 ____D () C:\Program Files\Common Files\AlteLeipziger
2014-07-21 11:30 - 2014-07-21 11:27 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-07-21 10:27 - 2014-07-19 23:00 - 00000000 ____D () C:\ProgramData\IvqeKjaqu
2014-07-20 15:49 - 2013-08-31 22:28 - 00000000 ____D () C:\Users\Finanzdienstleistung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014.xlsx
2014-07-19 16:23 - 2014-07-19 16:23 - 00012313 _____ () C:\Users\Finanzdienstleistung\Downloads\Abrechnung Garbpflege 2014 (1).xlsx
2014-07-14 06:11 - 2014-07-10 22:19 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (4)
2014-07-14 06:08 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-07-12 19:44 - 2011-05-12 21:16 - 00013824 _____ () C:\Users\Finanzdienstleistung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-11 15:28 - 2013-01-30 23:51 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Selbstdarstellung
2014-07-11 03:06 - 2014-07-11 03:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 03:05 - 2010-01-04 16:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 22:57 - 2014-07-09 12:21 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (3)
2014-07-10 15:40 - 2014-07-10 15:40 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Lisa ****
2014-07-09 12:36 - 2012-04-12 23:28 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-09 12:36 - 2011-09-24 22:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-08 17:52 - 2014-04-27 14:10 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner
2014-07-08 15:22 - 2014-06-26 14:46 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neuer Ordner (2)
2014-07-08 12:01 - 2014-06-02 12:46 - 00000000 ____D () C:\Users\Finanzdienstleistung\Desktop\Neubewerbg. Komp

Files to move or delete:
====================
C:\Users\Finanzdienstleistung\dxdllreg.exe


Some content of TEMP:
====================
C:\Users\Finanzdienstleistung\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptyfmj3.dll
C:\Users\Finanzdienstleistung\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-28 02:33

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Antwort

Themen zu Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot
besser, conduitsearch, conduitsearch entfernen, fehlermeldung, forums, homebanking, intern, malware gefunden, melden, mobogenie, mobogenie entfernen, pup.optional.delta.a, pup.optional.mysearchdial, pup.optional.wedownloadmanager.a, schei, systemstart, windows 7, überschritten, zuletzt



Ähnliche Themen: Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot


  1. Windows 7: Malware Gefunden und unerwünschte Programme
    Log-Analyse und Auswertung - 28.07.2015 (10)
  2. C:\Windows\System32\cmd. exe Fehlermeldung bat=exe konnte nicht gefunden werden
    Plagegeister aller Art und deren Bekämpfung - 27.02.2015 (17)
  3. C:\Windows\System32\cmd. exe Fehlermeldung bat=exe konnte nicht gefunden werden
    Log-Analyse und Auswertung - 26.12.2014 (11)
  4. Windows 7 64 bit home: Malware oder Spyware gefunden, Avira Scan hat das Problem nicht behoben
    Log-Analyse und Auswertung - 29.10.2014 (13)
  5. Windows 7 Rechner wird immer langsamer Malware gefunden
    Plagegeister aller Art und deren Bekämpfung - 21.10.2014 (12)
  6. Windows 8.1: Avira hat Malware gefunden-Aktion: Zugriff verweigert
    Log-Analyse und Auswertung - 19.08.2014 (5)
  7. C:\Windows\System32\cmd. exe Fehlermeldung bat=exe konnte nicht gefunden werden
    Log-Analyse und Auswertung - 16.08.2014 (17)
  8. C:\Windows\System32\cmd. exe Fehlermeldung bat=exe konnte nicht gefunden werden
    Log-Analyse und Auswertung - 19.07.2014 (14)
  9. Windows 7: Malware ADWARE/InstallCore.Gen7 mit Avira gefunden
    Log-Analyse und Auswertung - 27.05.2014 (13)
  10. Windows Vista. Es wurde aktive malware auf ihrem system gefunden
    Plagegeister aller Art und deren Bekämpfung - 10.04.2014 (15)
  11. Fehlermeldung beim Start von Windows RunDll Modul nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 16.03.2014 (17)
  12. Windows 7 Fehlermeldung " ..HomeTab\TBUpdater.dll" nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 15.11.2013 (16)
  13. Weißer Bildschirm bei Windows XP nach start - zuvor Malware gefunden
    Log-Analyse und Auswertung - 23.05.2013 (19)
  14. Avira, Malware gefunden , Exploit EXP/CVE-2008-5353, GMER unterbrochen, Windows runtergefahren, Neustart erfolgreich
    Log-Analyse und Auswertung - 23.03.2013 (7)
  15. Logfileauswertung - Fehlermeldung C:\WINDOWS\svchost.exe" konnte nicht gefunden
    Log-Analyse und Auswertung - 29.12.2009 (1)
  16. Fehlermeldung nach Windows Log-In "Wingdy32.rom nicht gefunden"
    Log-Analyse und Auswertung - 09.12.2008 (1)
  17. is-OAJPO.exe wurde nicht gefunden! (Windows Fehlermeldung)
    Log-Analyse und Auswertung - 22.08.2006 (7)

Zum Thema Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot - Hallo mir wurde hier: http://www.trojaner-board.de/156890-...32-fehler.html geraten, mich besser in diesem Bereich des Forums zu melden, da scheinbar auf meinem Rechner Malware läuft! Ich bitte also offiziell dringend um Hilfe! Wie - Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot...
Archiv
Du betrachtest: Windows 7 - Malware gefunden - regsrv32 - Fehlermeldung bei Systemboot auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.