Spam mail: DHL parcel notification with link to parcel information (Windows 7)
19.01.2014, 15:45 | #1 |
Hello everyone,

I too clicked the link contained in an e-mail allegedly sent by DHL, which has already been described in other posts here in the forum. I was redirected to a page ending in ".ru". My Avast Internet Security displayed a notice that access to or by the page had been denied. However, I am still not sure whether an infection might have occurred after all. So far I have not been able to identify any concrete problems with the computer. The full scan with Avast found no detectable infections. I ran DeFogger, FRST and GMER, and I am posting their log files below.

Many thanks

DeFogger defogger_disable.log Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:57 on 19/01/2014 (Damari)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 01 Ran by Internet (ATTENTION: The logged in user is not administrator) on DAMARIS-PC on 19-01-2014 15:03:30 Running from C:\Users\Internet\Documents Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe () C:\Windows\PLFSetI.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe (Dropbox, Inc.) C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe () C:\Program Files (x86)\MouseDriver\OfficeMouse.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] () HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.) HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2013-12-29] (AVAST Software) HKLM-x32\...\Run: [iWareV3] - C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] () HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-29] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH) HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000} HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196} HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196} HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install HKLM\...\RunOnce: [*Restore] - C:\Windows\System32\rstrui.exe /runonce [296960 2010-11-20] (Microsoft Corporation) HKLM-x32\...\Runonce: [aswAhAScr.dll] - "C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program Files\Alwil Software\Avast5\AhAScr.dll" [x] HKLM-x32\...\Runonce: 
[aswasOutExt.dll] - "C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program Files\Alwil Software\Avast5\asOutExt.dll" [x] HKLM-x32\...\Runonce: [aswasOutExt64.dll] - "C:\Program Files\Alwil Software\Avast5\aswRegSvr64.exe" "C:\Program Files\Alwil Software\Avast5\asOutExt64.dll" [x] HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\Alwil Software\Avast5\setup\emupdate\bd41a782-b42e-4357-aa60-5afc7ea0c4eb.exe /check [181136 2013-12-30] (AVAST Software) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation) AppInit_DLLs: => File Not Found Startup: C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5542&r=27360810v706l0468z105t5441y71o HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60049 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKCU - (No Name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - No File URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File SearchScopes: HKLM - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch SearchScopes: HKCU - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60049 SearchScopes: HKCU - {3AAF02FD-9BCA-4DF2-B5C3-DAC40429482D} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de SearchScopes: HKCU - {76738264-F7CA-431B-9607-D57EC08E7EA1} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default FF Homepage: https://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF 
Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) 
FF SearchPlugin: C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\searchplugins\search_engine.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Flashblock - C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-04-17] FF Extension: No Name - C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\Extensions\Foxdie@tanjihay.com.xpi [2010-10-14] FF Extension: NoScript - C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-07-05] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-28] FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20] FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [] ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated) R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-29] (AVAST Software) R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [113704 2013-12-29] (AVAST Software) R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.) 
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-29] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software) R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [439648 2014-01-08] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-02] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-02] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] () R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2014-01-06] (Glarysoft Ltd) S3 MEMSWEEP2; C:\Windows\system32\5A05.tmp [6144 2010-05-26] (Sophos Plc) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.) 
S3 StarOpen; No ImagePath S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-19 15:03 - 2014-01-19 15:03 - 00019670 _____ C:\Users\Internet\Documents\FRST.txt 2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Internet\Documents\FRST64.exe 2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST 2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log 2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable 2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe 2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-19 11:29 - 2014-01-19 11:41 - 00000000 ____D C:\AdwCleaner 2014-01-19 09:28 - 2014-01-19 09:28 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-19 09:28 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 
2014-01-18 14:50 - 2014-01-19 11:06 - 00007434 _____ C:\Windows\PFRO.log 2014-01-18 14:36 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-18 14:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-18 14:36 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft 2014-01-12 17:29 - 2014-01-19 14:36 - 00001456 _____ C:\Windows\setupact.log 2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log 2014-01-12 16:34 - 2014-01-19 14:36 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize 4.job 2014-01-12 16:34 - 2014-01-18 14:18 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4 2014-01-12 16:34 - 2014-01-12 16:34 - 00001088 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk 2014-01-12 16:34 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft 2014-01-12 16:34 - 2014-01-06 09:38 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2014-01-12 16:34 - 2014-01-06 04:28 - 00017088 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys 2013-12-29 23:01 - 2014-01-18 15:13 - 00002047 _____ 
C:\Users\Public\Desktop\avast! SafeZone.lnk 2013-12-29 23:01 - 2014-01-18 15:13 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk 2013-12-29 23:00 - 2013-12-29 23:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic 2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular 2013-12-28 18:34 - 2014-01-19 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-01-19 15:03 - 2014-01-19 15:03 - 00019670 _____ C:\Users\Internet\Documents\FRST.txt 2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Internet\Documents\FRST64.exe 2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST 2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log 2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable 2014-01-19 14:57 - 2010-08-24 20:21 - 00000000 ____D C:\Users\Damari 2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe 2014-01-19 14:46 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-19 14:46 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-19 14:42 - 2010-03-02 17:32 - 01703195 _____ C:\Windows\WindowsUpdate.log 2014-01-19 14:38 - 2013-08-10 17:11 - 00000000 ___RD C:\Users\Internet\Dropbox 2014-01-19 14:38 - 2013-08-10 17:05 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Dropbox 2014-01-19 14:37 - 2010-11-26 11:56 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 
2014-01-19 14:37 - 2009-10-28 19:12 - 00000000 ____D C:\ProgramData\Adobe 2014-01-19 14:36 - 2014-01-12 17:29 - 00001456 _____ C:\Windows\setupact.log 2014-01-19 14:36 - 2014-01-12 16:34 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize 4.job 2014-01-19 14:36 - 2012-08-26 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-19 14:36 - 2010-11-26 10:40 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2014-01-19 14:36 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-19 14:34 - 2013-10-05 19:47 - 00009769 _____ C:\Users\Internet\Desktop\Mappe1.xlsx 2014-01-19 14:28 - 2010-10-08 19:42 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Adobe 2014-01-19 14:26 - 2010-11-26 11:56 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-19 14:19 - 2012-08-27 22:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-19 14:14 - 2010-08-29 14:57 - 00000000 ____D C:\Program Files\Paint.NET 2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-19 13:59 - 2009-10-28 19:11 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-19 12:35 - 2013-12-28 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-19 11:41 - 2014-01-19 11:29 - 00000000 ____D C:\AdwCleaner 2014-01-19 11:06 - 2014-01-18 14:50 - 00007434 _____ C:\Windows\PFRO.log 2014-01-19 11:04 - 2010-09-21 14:18 - 00000000 ____D 
C:\Program Files\WLAN-Netzsuche
2014-01-19 09:28 - 2014-01-19 09:28 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-18 15:42 - 2012-08-27 22:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 15:42 - 2011-06-20 13:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 15:13 - 2013-12-29 23:01 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-18 15:13 - 2013-12-29 23:01 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-01-18 14:51 - 2009-07-14 05:45 - 03485600 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 14:47 - 2013-07-29 20:31 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 14:39 - 2013-03-24 18:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-18 14:37 - 2010-10-16 15:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-18 14:26 - 2010-10-03 12:50 - 00000950 _____ C:\Windows\wininit.ini
2014-01-18 14:26 - 2010-09-13 20:15 - 00000000 ___RD C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-18 14:25 - 2013-08-10 17:11 - 00001032 _____ C:\Users\Internet\Desktop\Dropbox.lnk
2014-01-18 14:25 - 2013-08-10 17:08 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-18 14:20 - 2010-09-13 20:14 - 00000000 ____D C:\Users\Internet
2014-01-18 14:18 - 2014-01-12 16:34 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 16:36 - 2013-03-16 14:23 - 00000000 ____D C:\Windows\Minidump
2014-01-12 16:36 - 2009-07-27 21:41 - 00000000 ____D C:\Windows\Panther
2014-01-12 16:34 - 2014-01-12 16:34 - 00001088 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk
2014-01-12 16:34 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-12 16:34 - 2010-09-28 17:51 - 00000000 ____D C:\Users\Damari\AppData\Roaming\GlarySoft
2014-01-12 16:34 - 2010-09-11 14:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2014-01-08 12:38 - 2013-03-16 14:34 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-06 09:38 - 2014-01-12 16:34 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-01-06 04:28 - 2014-01-12 16:34 - 00017088 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-01-04 12:48 - 2011-05-29 15:16 - 00000000 ____D C:\Users\Internet\AppData\Local\Microsoft Games
2014-01-01 22:43 - 2011-11-27 21:53 - 00000000 ____D C:\ProgramData\tmp
2014-01-01 11:19 - 2011-12-14 20:41 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ____D C:\ProgramData\Skype
2013-12-30 22:02 - 2012-08-27 20:11 - 00000000 ____D C:\Users\Internet\AppData\Roaming\vlc
2013-12-29 23:01 - 2013-12-29 23:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-12-29 23:00 - 2013-03-16 14:34 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 23:00 - 2010-08-29 12:51 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 23:00 - 2010-08-29 12:51 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 23:00 - 2010-08-29 12:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic
2013-12-29 15:26 - 2013-04-06 20:00 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-12-29 15:25 - 2013-04-06 20:14 - 00000000 ____D C:\Users\Internet\AppData\Local\.elfohilfe
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-29 14:59 - 2010-03-03 02:24 - 00699682 _____ C:\Windows\system32\perfh007.dat
2013-12-29 14:59 - 2010-03-03 02:24 - 00149790 _____ C:\Windows\system32\perfc007.dat
2013-12-29 14:59 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 21:20 - 2013-11-16 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-25 15:34 - 2010-11-21 22:20 - 00000000 ____D C:\Users\Internet\Documents\WIR
2013-12-24 17:57 - 2013-02-03 17:15 - 00000000 ____D C:\Users\Internet\AppData\Roaming\dvdcss

Some content of TEMP:
====================
C:\Users\Internet\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Internet\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Internet\AppData\Local\Temp\uninstmgr-setup-4.6.exe
C:\Users\Internet\AppData\Local\Temp\uninstmgr-setup-5.3.exe
C:\Users\Internet\AppData\Local\Temp\vlc-2.0.5-win32.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 01
Ran by Internet at 2014-01-19 15:04:19
Running from C:\Users\Internet\Documents
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (x32 Version: 5.2.9.3 - Suyin Optronics Corp)
Acer ePower Management (x32 Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (x32 Version: 3.01.0730 - Acer Inc.)
Acer Registration (x32 Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.5.0715 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (Version: 7.105.2015.1103 - Alps Electric)
AMD USB Filter Driver (x32 Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Hidden
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
avast! Internet Security (x32 Version: 9.0.2011 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (Version: 12.26.02 - Broadcom Corporation)
Canon MP510 (Version: - )
Canon My Printer (x32 Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help English (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help French (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help German (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0729.2227.38498 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0729.2227.38498 - ATI) Hidden
CDBurnerXP (x32 Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Elements 11 Organizer (x32 Version: 11.0 - Ihr Firmenname) Hidden
ElsterFormular (x32 Version: 14.4.12044 - Landesfinanzdirektion Thüringen)
Glary Utilities 4.4 (x32 Version: 4.4.0.86 - Glarysoft Ltd)
Glarysoft Toolbar (x32 Version: 1.2.0 - Glarysoft Ltd)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.55 - Conexant Systems)
Identity Card (x32 Version: 1.00.3002 - Acer Incorporated)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
Launch Manager (x32 Version: 3.0.06 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
MouseDriver (x32 Version: 1.00.0000 - )
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (x32 Version: 17.0.6 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.76.0 - Egis Technology Inc.)
NAVIGON Fresh 3.4.1 (x32 Version: 3.4.1 - NAVIGON)
Nokia Connectivity Cable Driver (x32 Version: 7.1.45.0 - Nokia)
Nokia Ovi Suite (x32 Version: 3.1.1.78 - Nokia)
Nokia Ovi Suite (x32 Version: 3.1.1.78 - Nokia) Hidden
Nokia Ovi Suite Software Updater (x32 Version: 02.07.004.45780 - Nokia Corporation)
NTI Backup Now 5 (x32 Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OnlineFotoservice (x32 Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Ovi Desktop Sync Engine (x32 Version: 1.5.266.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.72.0 - Nokia) Hidden
PC Connectivity Solution (x32 Version: 11.4.19.0 - Nokia)
PDF24 Creator 6.2.0 (x32 Version: - PDF24.org)
PMB (x32 Version: 5.5.02.12220 - Sony Corporation)
PRE11 STI 64Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Skype Click to Call (x32 Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN)
VLC media player 2.0.7 (Version: 2.0.7 - VideoLAN)
Welcome Center (x32 Version: 1.00.3008 - Acer Incorporated)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Restore Points =========================

Could not list Restore Points. Check WMI.

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => ?
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GlaryInitialize 4.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
==================== Loaded Modules (whitelisted) =============

2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Internet\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-02 11:37 - 2009-03-27 20:09 - 00090112 _____ () C:\Program Files (x86)\MouseDriver\dllset.dll
2013-12-02 22:40 - 2013-12-02 22:40 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:444C53BA
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 02:00:18 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 01:53:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:56:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:49:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:48:32 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:41:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:36:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:35:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:35:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:29:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x4bc06cda Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x770f11f1 ID des fehlerhaften Prozesses: 0xc74 Startzeit der fehlerhaften Anwendung: 0xsetup.exe_unknown0 Pfad der fehlerhaften Anwendung: setup.exe_unknown1 Pfad des fehlerhaften Moduls: setup.exe_unknown2 Berichtskennung: setup.exe_unknown3

System errors:
=============
Error: (01/19/2014 02:36:45 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (01/19/2014 02:36:37 PM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (01/19/2014 02:36:24 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (01/19/2014 02:36:24 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/19/2014 00:12:00 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (01/19/2014 00:10:25 PM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (01/19/2014 00:10:24 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (01/19/2014 00:10:24 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/19/2014 11:42:11 AM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (01/19/2014 11:42:09 AM) (Source: atikmdag) (User: )
Description: Display is not active

Microsoft Office Sessions:
=========================
Error: (01/19/2014 02:00:18 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 01:53:21 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:56:55 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:49:33 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:48:32 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:41:08 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:36:21 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:35:33 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:35:31 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:29:11 PM) (Source: Application Error)(User: )
Description: setup.exe_unknown0.0.0.04bc06cdaunknown0.0.0.000000000c000041d770f11f1c7401cf1509ac1ad9a1C:\Users\Internet\AppData\Local\Temp\7zS6180.tmp\setup.exeunknowneaabe412-80fc-11e3-a393-00262d901b56

CodeIntegrity Errors:
===================================
Date: 2012-08-26 21:09:51.391
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\5A05.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-08-26 21:09:51.313
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\5A05.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2011-10-06 12:03:48.438
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\BC2D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2011-10-06 12:03:48.406
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\BC2D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2011-07-16 17:29:20.818
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2011-07-16 17:29:20.787
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2011-07-16 16:49:34.685
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2011-07-16 16:49:34.653
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2011-07-16 16:44:37.956
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\549A.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2011-07-16 16:44:37.910
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\549A.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 4094.36 MB
Available physical RAM: 2708.45 MB
Total Pagefile: 10233.54 MB
Available Pagefile: 8692.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:134.63 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

Code:
ATTFilter GMER 2.1.19324 - hxxp://www.gmer.net Rootkit scan 2014-01-19 15:38:17 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000005d WDC_WD32 rev.11.0 298,09GB Running: wp5megvq.exe; Driver: C:\Users\Damari\AppData\Local\Temp\pwriifow.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\wininit.exe[540] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\winlogon.exe[608] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\services.exe[652] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\svchost.exe[788] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\atiesrxx.exe[940] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\System32\svchost.exe[1000] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\System32\svchost.exe[288] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\svchost.exe[440] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\svchost.exe[644] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\svchost.exe[1156] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\atieclxx.exe[1240] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files\Alwil Software\Avast5\afwServ.exe[1448] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files\Alwil Software\Avast5\afwServ.exe[1448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074ce1465 2 bytes [CE, 74] 
.text C:\Program Files\Alwil Software\Avast5\afwServ.exe[1448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074ce14bb 2 bytes [CE, 74] .text ... * 2 .text C:\Windows\System32\spoolsv.exe[1576] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\svchost.exe[1604] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1696] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe[1752] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files (x86)\Acer\Registration\GregHSRW.exe[1780] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Windows\system32\svchost.exe[1820] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1872] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1872] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074ce1465 2 bytes [CE, 74] .text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1872] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074ce14bb 2 bytes [CE, 74] .text ... 
* 2 .text C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[1928] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1952] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe[2000] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Windows\system32\svchost.exe[1088] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[2056] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Windows\system32\svchost.exe[2728] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\taskhost.exe[3040] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\Dwm.exe[2232] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\Explorer.EXE[1280] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\System32\rundll32.exe[3268] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3312] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files\Apoint2K\Apoint.exe[3500] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\PLFSetI.exe[3576] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe[3636] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[3652] 
C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files\Apoint2K\ApMsgFwd.exe[3760] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\SearchIndexer.exe[3932] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files\Apoint2K\Apntex.exe[3984] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\conhost.exe[4004] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files\Apoint2K\HidFind.exe[4036] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\wbem\unsecapp.exe[3120] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe[3088] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe[3088] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000074ce1465 2 bytes [CE, 74] .text C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe[3088] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 0000000074ce14bb 2 bytes [CE, 74] .text ... 
* 2 .text C:\Program Files (x86)\Launch Manager\LManager.exe[3400] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[2348] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files (x86)\MouseDriver\OfficeMouse.exe[3708] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3980] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe[360] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3396] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Program Files (x86)\PDF24\pdf24.exe[268] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe[4712] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] .text C:\Windows\system32\notepad.exe[3908] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\notepad.exe[5016] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Windows\system32\AUDIODG.EXE[572] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189 0000000076dceecd 1 byte [62] .text C:\Users\Internet\Documents\wp5megvq.exe[2556] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 00000000765ba2ba 1 byte [62] ---- User IAT/EAT - GMER 2.1 ---- IAT C:\Windows\Explorer.EXE[1280] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!FreeLibraryAndExitThread] [10002350] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll IAT C:\Windows\Explorer.EXE[1280] @ 
C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!CreateThread] [10003450] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll IAT C:\Windows\Explorer.EXE[1280] @ C:\Windows\system32\SHELL32.dll[KERNEL32.dll!LoadLibraryA] [100011e0] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll ---- Threads - GMER 2.1 ---- Thread C:\Windows\System32\svchost.exe [2152:2940] 000007fef42b9688 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3396:1268] 000007fefb432a7c ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 7307 ---- EOF - GMER 2.1 ---- |
19.01.2014, 19:00 | #2 |
/// the machine /// TB trainer | Spam mail: DHL parcel notification with link to parcel information Hi,
Please run FRST again; tools always need admin rights. |
19.01.2014, 19:16 | #3 |
| Spam mail: DHL parcel notification with link to parcel information Hello Schrauber,
sorry, here is FRST again with admin rights. FRST: Additional.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 01 Ran by Damari at 2014-01-19 19:04:33 Running from C:\Users\Internet\Documents Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Hidden Acer Backup Manager (x32 Version: 2.0.0.29 - NewTech Infosystems) Acer Crystal Eye Webcam (x32 Version: 5.2.9.3 - Suyin Optronics Corp) Acer ePower Management (x32 Version: 4.05.3004 - Acer Incorporated) Acer eRecovery Management (x32 Version: 4.05.3005 - Acer Incorporated) Acer GridVista (x32 Version: 3.01.0730 - Acer Inc.) 
Acer Registration (x32 Version: 1.02.3006 - Acer Incorporated) Acer ScreenSaver (x32 Version: 1.5.0715 - Acer Incorporated) Acer Updater (x32 Version: 1.01.3017 - Acer Incorporated) Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated) ALPS Touch Pad Driver (Version: 7.105.2015.1103 - Alps Electric) AMD USB Filter Driver (x32 Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Hidden Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.) avast! 
Internet Security (x32 Version: 9.0.2011 - Avast Software) Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden Broadcom Gigabit NetLink Controller (Version: 12.26.02 - Broadcom Corporation) Canon MP510 (Version: - ) Canon My Printer (x32 Version: - ) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498 - ATI) Hidden Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498 - ATI) Hidden Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498 - ATI) Hidden Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Czech (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Danish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Dutch (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help English (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Finnish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help French (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help German (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Greek (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Hungarian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Italian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Japanese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Korean (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Norwegian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Polish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Portuguese 
(x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Russian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Spanish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Swedish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Thai (x32 Version: 2009.0729.2226.38498 - ATI) Hidden CCC Help Turkish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden ccc-core-static (x32 Version: 2009.0729.2227.38498 - Ihr Firmenname) Hidden ccc-utility64 (Version: 2009.0729.2227.38498 - ATI) Hidden CDBurnerXP (x32 Version: 4.5.2.4478 - CDBurnerXP) Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Elements 11 Organizer (x32 Version: 11.0 - Ihr Firmenname) Hidden ElsterFormular (x32 Version: 14.4.12044 - Landesfinanzdirektion Thüringen) Glary Utilities 4.4 (x32 Version: 4.4.0.86 - Glarysoft Ltd) Glarysoft Toolbar (x32 Version: 1.2.0 - Glarysoft Ltd) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.55 - Conexant Systems) Identity Card (x32 Version: 1.00.3002 - Acer Incorporated) IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan) Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle) Launch Manager (x32 Version: 3.0.06 - Acer Inc.) 
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 - de-de (Version: 15.0.4551.1512 - Microsoft Corporation) Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation) MouseDriver (x32 Version: 1.00.0000 - ) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) Mozilla Thunderbird 17.0.6 (x86 de) (x32 Version: 17.0.6 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation) MyWinLocker (x32 Version: 3.1.76.0 - Egis Technology Inc.) 
NAVIGON Fresh 3.4.1 (x32 Version: 3.4.1 - NAVIGON) Nokia Connectivity Cable Driver (x32 Version: 7.1.45.0 - Nokia) Nokia Ovi Suite (x32 Version: 3.1.1.78 - Nokia) Nokia Ovi Suite (x32 Version: 3.1.1.78 - Nokia) Hidden Nokia Ovi Suite Software Updater (x32 Version: 02.07.004.45780 - Nokia Corporation) NTI Backup Now 5 (x32 Version: 5.1.2.627 - NewTech Infosystems) NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden OnlineFotoservice (x32 Version: 5.1.3 - CEWE Stiftung u Co. KGaA) Ovi Desktop Sync Engine (x32 Version: 1.5.266.0 - Nokia) Hidden OviMPlatform (x32 Version: 2.7.72.0 - Nokia) Hidden PC Connectivity Solution (x32 Version: 11.4.19.0 - Nokia) PDF24 Creator 6.2.0 (x32 Version: - PDF24.org) PMB (x32 Version: 5.5.02.12220 - Sony Corporation) PRE11 STI 64Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden QuickTime (x32 Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30104 - Realtek Semiconductor Corp.) Skype Click to Call (x32 Version: 5.8.8855 - Skype Technologies S.A.) Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) 
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation) VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN) VLC media player 2.0.7 (Version: 2.0.7 - VideoLAN) Welcome Center (x32 Version: 1.00.3008 - Acer Incorporated) Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5 - Microsoft Corporation) Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0 - Nokia) ==================== Restore Points ========================= 19-01-2014 11:19:40 Removed PDF-XChange Viewer 19-01-2014 11:21:09 Removed Apple Application Support 19-01-2014 13:14:16 Removed Paint.NET v3.5.5 ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {140B5480-52C5-46C4-B8BB-6D939E468ADD} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe Task: {1B7C2BFB-D51B-46F9-921B-2FB7A90CD983} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-26] (Google Inc.) 
Task: {24892AF7-CE15-46AE-9B7A-B19C9144BB93} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [2009-08-29] () Task: {3FC0A3EF-3A17-4E68-88D5-82D85A163A9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-14] (Microsoft Corporation) Task: {4E3AB02D-CC12-4442-9BB1-D26957ECF848} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe [2014-01-06] (Glarysoft Ltd) Task: {5259B37A-F68C-42EB-992A-E6B16A1509A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-26] (Google Inc.) Task: {53CB0CCD-A0AB-41F6-8E86-4434DDCBE9A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated) Task: {60B07EAE-4BB8-44C6-A9C2-31E17F65432D} - System32\Tasks\AdobeAAMUpdater-1.0-DAMARIS-PC-Internet => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated) Task: {6157149F-51CC-4F4C-AA9E-CE77C1A7B202} - System32\Tasks\GU4SkipUAC => C:\Program Files (x86)\Glary Utilities 4\Integrator.exe [2014-01-06] (Glarysoft Ltd) Task: {937EF604-07D3-43CA-8389-6B595AC79110} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-12-29] (AVAST Software) Task: {96C44108-545F-4527-9C57-1295AA97B71F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-11-02] (Microsoft Corporation) Task: {A09A7881-5AA7-4F03-8A02-CA2F62597921} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {C5D8ACCF-DE75-437E-A8F4-F2D0E748E252} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-14] (Microsoft Corporation) Task: {EEDD4736-CD4C-4223-992B-A33513BBF6CA} - System32\Tasks\{DC6CD344-A426-45A8-9F3F-68010E6E2E15} => C:\Program Files (x86)\Opera\opera.exe Task: {FCFB5176-F239-460B-B9C5-8E2A0B048672} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-19 11:38 - 2014-01-19 09:14 - 02155520 _____ () C:\Program Files\Alwil Software\Avast5\defs\14011900\algo.dll 2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Internet\AppData\Roaming\Dropbox\bin\libcef.dll 2012-09-02 11:37 - 2009-03-27 20:09 - 00090112 _____ () C:\Program Files (x86)\MouseDriver\dllset.dll 2013-12-02 22:40 - 2013-12-02 22:40 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll 2014-01-19 12:35 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:444C53BA AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service" 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/19/2014 07:02:26 PM) (Source: System Restore) (User: ) Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0xc0000022. Error: (01/19/2014 02:00:18 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/19/2014 01:53:21 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (01/19/2014 00:56:55 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/19/2014 00:49:33 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/19/2014 00:48:32 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. 
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/19/2014 00:41:08 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/19/2014 00:36:21 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/19/2014 00:35:33 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". 
Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/19/2014 00:35:31 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. System errors: ============= Error: (01/19/2014 07:01:59 PM) (Source: atikmdag) (User: ) Description: Display is not active Error: (01/19/2014 06:58:20 PM) (Source: atikmdag) (User: ) Description: Display is not active Error: (01/19/2014 05:03:22 PM) (Source: atikmdag) (User: ) Description: Display is not active Error: (01/19/2014 02:36:45 PM) (Source: ipnathlp) (User: ) Description: 0 Error: (01/19/2014 02:36:37 PM) (Source: amdsata) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden. 
Error: (01/19/2014 02:36:24 PM) (Source: atikmdag) (User: ) Description: Display is not active Error: (01/19/2014 02:36:24 PM) (Source: atikmdag) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (01/19/2014 00:12:00 PM) (Source: ipnathlp) (User: ) Description: 0 Error: (01/19/2014 00:10:25 PM) (Source: amdsata) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden. Error: (01/19/2014 00:10:24 PM) (Source: atikmdag) (User: ) Description: Display is not active Microsoft Office Sessions: ========================= Error: (01/19/2014 07:02:26 PM) (Source: System Restore)(User: ) Description: Windows Update0xc0000022 Error: (01/19/2014 02:00:18 PM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8 Error: (01/19/2014 01:53:21 PM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8 Error: (01/19/2014 00:56:55 PM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8 Error: (01/19/2014 00:49:33 PM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo 
Gallery\WLMFDS.DLL8 Error: (01/19/2014 00:48:32 PM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8 Error: (01/19/2014 00:41:08 PM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8 Error: (01/19/2014 00:36:21 PM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8 Error: (01/19/2014 00:35:33 PM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8 Error: (01/19/2014 00:35:31 PM) (Source: SideBySide)(User: ) Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8 CodeIntegrity Errors: =================================== Date: 2012-08-26 21:09:51.391 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\5A05.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-08-26 21:09:51.313 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\5A05.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-10-06 12:03:48.438 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\BC2D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-10-06 12:03:48.406 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\BC2D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-07-16 17:29:20.818 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-07-16 17:29:20.787 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-07-16 16:49:34.685 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-07-16 16:49:34.653 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-07-16 16:44:37.956 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\549A.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2011-07-16 16:44:37.910 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\549A.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 40% Total physical RAM: 4094.36 MB Available physical RAM: 2433.41 MB Total Pagefile: 10233.54 MB Available Pagefile: 8108.64 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:134.68 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: E755E755) Partition 1: (Not Active) - (Size=12 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS) ==================== End Of Log ============================ FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 01 Ran by Damari (administrator) on DAMARIS-PC on 19-01-2014 19:03:38 Running from C:\Users\Internet\Documents Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe () C:\Windows\PLFSetI.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe (Dropbox, Inc.) C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe () C:\Program Files (x86)\MouseDriver\OfficeMouse.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wbengine.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe () C:\Windows\PLFSetI.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe () C:\Program Files (x86)\MouseDriver\OfficeMouse.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.) 
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] () HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.) HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2013-12-29] (AVAST Software) HKLM-x32\...\Run: [iWareV3] - C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] () HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-29] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH) HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] () AppInit_DLLs: => File Not Found Startup: C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Damari\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File) ==================== Internet (Whitelisted) ==================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de SearchScopes: HKCU - 
{6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default FF DefaultSearchEngine: SuchMaschine FF SearchEngineOrder.1: SuchMaschine FF SelectedSearchEngine: SuchMaschine FF Homepage: hxxp://www.google.de FF Keyword.URL: hxxp://www.sm.de/?q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF 
Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) 
FF SearchPlugin: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\searchplugins\search_engine.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Fast Dial - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\fastdial@telega.phpnet.us [2013-08-21] FF Extension: Stop Autoplay - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{2e61e246-e640-4c56-b1ed-f146dbed48cd} [2010-10-12] FF Extension: BetterPrivacy - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2010-10-12] FF Extension: gui:config - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\guiconfig@slosd.net.xpi [2011-06-20] FF Extension: Locationbar² - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\locationbar2@design-noir.de.xpi [2011-06-20] FF Extension: OptimizeGoogle - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\optimizegoogle@optimizegoogle.com.xpi [2011-06-20] FF Extension: FlashGot - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-06-20] FF Extension: Flashblock - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi [2011-12-12] FF Extension: NoScript - 
C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-06-20] FF Extension: Adblock Plus - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-20] FF Extension: Download Statusbar - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-06-20] FF Extension: DownThemAll! - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-06-20] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-28] FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20] FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [] ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated) R2 avast! 
Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-29] (AVAST Software) R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [113704 2013-12-29] (AVAST Software) S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-29] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software) R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [439648 2014-01-08] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-02] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-02] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] () R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2014-01-06] (Glarysoft Ltd) S3 MEMSWEEP2; C:\Windows\system32\5A05.tmp [6144 2010-05-26] (Sophos Plc) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.) 
S3 StarOpen; No ImagePath S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x] U3 pwriifow; \??\C:\Users\Damari\AppData\Local\Temp\pwriifow.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software 2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log 2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe 2014-01-19 15:04 - 2014-01-19 15:04 - 00031078 _____ C:\Users\Internet\Documents\Addition.txt 2014-01-19 15:03 - 2014-01-19 19:04 - 00020220 _____ C:\Users\Internet\Documents\FRST.txt 2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Internet\Documents\FRST64.exe 2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST 2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log 2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable 2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe 2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-19 11:29 - 2014-01-19 11:41 - 00000000 ____D C:\AdwCleaner 2014-01-19 09:28 - 2014-01-19 09:28 - 00001117 _____ 
C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-19 09:28 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-18 14:50 - 2014-01-19 11:06 - 00007434 _____ C:\Windows\PFRO.log 2014-01-18 14:36 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-18 14:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-18 14:36 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft 2014-01-12 17:29 - 2014-01-19 18:58 - 00001624 _____ C:\Windows\setupact.log 2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log 2014-01-12 16:34 - 2014-01-19 19:03 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize 4.job 2014-01-12 16:34 - 2014-01-18 14:18 - 00000000 ____D C:\Program Files (x86)\Glary 
Utilities 4 2014-01-12 16:34 - 2014-01-12 16:34 - 00002978 _____ C:\Windows\System32\Tasks\GU4SkipUAC 2014-01-12 16:34 - 2014-01-12 16:34 - 00002638 _____ C:\Windows\System32\Tasks\GlaryInitialize 4 2014-01-12 16:34 - 2014-01-12 16:34 - 00001088 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk 2014-01-12 16:34 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft 2014-01-12 16:34 - 2014-01-06 09:38 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2014-01-12 16:34 - 2014-01-06 04:28 - 00017088 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys 2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe 2013-12-29 23:01 - 2014-01-18 15:13 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk 2013-12-29 23:01 - 2014-01-18 15:13 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk 2013-12-29 23:00 - 2013-12-29 23:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic 2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular 2013-12-28 18:34 - 2014-01-19 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-01-19 19:04 - 2014-01-19 15:03 - 00020220 _____ C:\Users\Internet\Documents\FRST.txt 2014-01-19 19:03 - 2014-01-12 16:34 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize 4.job 2014-01-19 19:03 - 2010-03-02 17:32 - 01704023 _____ C:\Windows\WindowsUpdate.log 2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software 2014-01-19 19:02 - 2012-08-27 20:42 - 00001429 _____ C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-19 19:02 - 
2010-11-26 11:56 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-19 19:02 - 2010-08-24 20:21 - 00120000 _____ C:\Users\Damari\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-19 18:58 - 2014-01-12 17:29 - 00001624 _____ C:\Windows\setupact.log 2014-01-19 18:58 - 2012-08-27 22:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-19 18:58 - 2010-11-26 11:56 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log 2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe 2014-01-19 15:04 - 2014-01-19 15:04 - 00031078 _____ C:\Users\Internet\Documents\Addition.txt 2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Internet\Documents\FRST64.exe 2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST 2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log 2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable 2014-01-19 14:57 - 2010-08-24 20:21 - 00000000 ____D C:\Users\Damari 2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe 2014-01-19 14:46 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-19 14:46 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-19 14:38 - 2013-08-10 17:11 - 00000000 ___RD C:\Users\Internet\Dropbox 2014-01-19 14:38 - 2013-08-10 17:05 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Dropbox 2014-01-19 14:37 - 2009-10-28 19:12 - 00000000 ____D C:\ProgramData\Adobe 2014-01-19 14:36 - 2012-08-26 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-19 14:36 - 2010-11-26 10:40 - 00000437 _____ 
C:\Windows\system32\Drivers\etc\hosts.ics 2014-01-19 14:36 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-19 14:34 - 2013-10-05 19:47 - 00009769 _____ C:\Users\Internet\Desktop\Mappe1.xlsx 2014-01-19 14:28 - 2010-10-08 19:42 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Adobe 2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-19 14:14 - 2010-08-29 14:57 - 00000000 ____D C:\Program Files\Paint.NET 2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-19 14:00 - 2010-09-06 13:10 - 00000000 ____D C:\Users\Damari\AppData\Local\Adobe 2014-01-19 13:59 - 2009-10-28 19:11 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-19 12:35 - 2013-12-28 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-19 11:41 - 2014-01-19 11:29 - 00000000 ____D C:\AdwCleaner 2014-01-19 11:38 - 2012-08-26 21:44 - 00004184 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-01-19 11:33 - 2010-08-24 20:22 - 00000000 ___RD C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-19 11:06 - 2014-01-18 14:50 - 00007434 _____ C:\Windows\PFRO.log 2014-01-19 11:04 - 2010-09-21 14:18 - 00000000 ____D C:\Program Files\WLAN-Netzsuche 2014-01-19 09:28 - 2014-01-19 09:28 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-18 15:42 - 2012-08-27 22:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-18 15:42 - 2012-08-27 22:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-18 15:42 - 2011-06-20 13:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-18 15:13 - 2013-12-29 23:01 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-01-18 15:13 - 2013-12-29 23:01 - 00001987 _____ C:\Users\Public\Desktop\avast! 
Internet Security.lnk 2014-01-18 14:51 - 2009-07-14 05:45 - 03485600 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-18 14:47 - 2013-07-29 20:31 - 00000000 ____D C:\Windows\system32\MRT 2014-01-18 14:39 - 2013-03-24 18:46 - 00000000 ____D C:\Program Files\Microsoft Office 15 2014-01-18 14:37 - 2010-10-16 15:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-18 14:26 - 2010-10-03 12:50 - 00000950 _____ C:\Windows\wininit.ini 2014-01-18 14:26 - 2010-09-13 20:15 - 00000000 ___RD C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-18 14:25 - 2013-08-10 17:11 - 00001032 _____ C:\Users\Internet\Desktop\Dropbox.lnk 2014-01-18 14:25 - 2013-08-10 17:08 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-18 14:20 - 2010-09-13 20:14 - 00000000 ____D C:\Users\Internet 2014-01-18 14:18 - 2014-01-12 16:34 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4 2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat 2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft 2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log 2014-01-12 16:36 - 2013-03-16 14:23 - 00000000 ____D C:\Windows\Minidump 2014-01-12 16:36 - 2009-07-27 21:41 - 00000000 ____D C:\Windows\Panther 2014-01-12 16:34 - 2014-01-12 16:34 - 00002978 _____ C:\Windows\System32\Tasks\GU4SkipUAC 2014-01-12 16:34 - 2014-01-12 16:34 - 00002638 _____ C:\Windows\System32\Tasks\GlaryInitialize 4 2014-01-12 16:34 - 2014-01-12 16:34 - 00001088 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk 2014-01-12 16:34 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft 2014-01-12 16:34 - 2010-09-28 17:51 - 00000000 ____D C:\Users\Damari\AppData\Roaming\GlarySoft 2014-01-12 16:34 - 2010-09-11 14:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 
2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe 2014-01-08 12:38 - 2013-03-16 14:34 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-01-06 09:38 - 2014-01-12 16:34 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe 2014-01-06 04:28 - 2014-01-12 16:34 - 00017088 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys 2014-01-04 12:48 - 2011-05-29 15:16 - 00000000 ____D C:\Users\Internet\AppData\Local\Microsoft Games 2014-01-01 22:43 - 2011-11-27 21:53 - 00000000 ____D C:\ProgramData\tmp 2014-01-01 11:19 - 2011-12-14 20:41 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Skype 2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ____D C:\ProgramData\Skype 2013-12-30 22:02 - 2012-08-27 20:11 - 00000000 ____D C:\Users\Internet\AppData\Roaming\vlc 2013-12-29 23:01 - 2013-12-29 23:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2013-12-29 23:00 - 2013-03-16 14:34 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-12-29 23:00 - 2011-06-20 13:27 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-12-29 23:00 - 2011-06-20 13:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-12-29 23:00 - 2010-08-29 12:51 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-12-29 23:00 - 2010-08-29 12:51 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-12-29 23:00 - 2010-08-29 12:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic 2013-12-29 15:26 - 2013-04-06 20:00 - 00000000 ____D C:\Program Files (x86)\ElsterFormular 2013-12-29 15:25 - 2013-04-06 20:14 
- 00000000 ____D C:\Users\Internet\AppData\Local\.elfohilfe
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-29 14:59 - 2010-03-03 02:24 - 00699682 _____ C:\Windows\system32\perfh007.dat
2013-12-29 14:59 - 2010-03-03 02:24 - 00149790 _____ C:\Windows\system32\perfc007.dat
2013-12-29 14:59 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 21:20 - 2013-11-16 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-25 15:34 - 2010-11-21 22:20 - 00000000 ____D C:\Users\Internet\Documents\WIR
2013-12-24 17:57 - 2013-02-03 17:15 - 00000000 ____D C:\Users\Internet\AppData\Roaming\dvdcss
Some content of TEMP:
====================
C:\Users\Damari\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Damari\AppData\Local\Temp\Quarantine.exe
C:\Users\Internet\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Internet\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Internet\AppData\Local\Temp\uninstmgr-setup-4.6.exe
C:\Users\Internet\AppData\Local\Temp\uninstmgr-setup-5.3.exe
C:\Users\Internet\AppData\Local\Temp\vlc-2.0.5-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-10 14:40
==================== End Of Log ============================ |
20.01.2014, 21:34 | #4 | |
/// the machine /// TB Trainer | Spam mail: DHL parcel notification with link to parcel information
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror: Link 1
IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations, Guides and help, Trojaner-Board Facebook page. No help via PM! |
20.01.2014, 22:31 | #5 |
| Spam mail: DHL parcel notification with link to parcel information So, I have run Combofix. See the generated log file below. Code:
ATTFilter
ComboFix 14-01-16.03 - Damari 20.01.2014 22:03:57.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4094.2762 [GMT 1:00]
ausgeführt von:: c:\users\Damari\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\programdata\xmlB24E.tmp
c:\programdata\xmlB2BC.tmp
c:\programdata\xmlB2BD.tmp
c:\programdata\xmlB2BE.tmp
c:\users\Internet\AppData\Roaming\.#
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-20 bis 2014-01-20 ))))))))))))))))))))))))))))))
.
.
2014-01-20 21:11 . 2014-01-20 21:11 -------- d-----w- c:\users\Standardbenutzung\AppData\Local\temp
2014-01-20 21:11 . 2014-01-20 21:11 -------- d-----w- c:\users\Internet\AppData\Local\temp
2014-01-20 21:11 . 2014-01-20 21:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-19 18:02 . 2014-01-19 18:02 -------- d-----w- c:\users\Damari\AppData\Roaming\AVAST Software
2014-01-19 14:01 . 2014-01-19 14:01 -------- d-----w- C:\FRST
2014-01-19 13:22 . 2014-01-19 13:22 -------- d-----w- c:\users\Internet\AppData\Local\PDF24
2014-01-19 13:22 . 2014-01-19 13:22 -------- d-----w- c:\program files (x86)\PDF24
2014-01-19 12:53 . 2014-01-19 12:53 -------- d-----w- c:\program files (x86)\CDBurnerXP
2014-01-19 10:29 . 2014-01-19 10:41 -------- d-----w- C:\AdwCleaner
2014-01-19 08:28 . 2014-01-19 08:28 -------- d-----w- c:\users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 08:28 . 2014-01-19 08:28 -------- d-----w- c:\programdata\Malwarebytes
2014-01-18 14:13 .
2014-01-18 14:13 -------- d-s---w- c:\windows\SysWow64\Microsoft 2014-01-18 13:48 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BC248E24-4233-49B3-AE6D-F24CBEAB7764}\mpengine.dll 2014-01-18 13:36 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys 2014-01-18 13:36 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2014-01-18 13:36 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys 2014-01-18 13:36 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys 2014-01-18 13:36 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys 2014-01-18 13:36 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2014-01-18 13:36 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys 2014-01-18 13:36 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys 2014-01-18 13:36 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys 2014-01-17 21:35 . 2014-01-17 21:35 -------- d-----w- c:\users\Internet\AppData\Roaming\GlarySoft 2014-01-12 15:34 . 2014-01-20 20:49 -------- d-----w- c:\programdata\GlarySoft 2013-12-29 22:00 . 2013-12-29 22:01 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys 2013-12-29 22:00 . 2013-12-29 22:00 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2013-12-29 14:24 . 2013-12-29 14:24 -------- d-----w- c:\users\Damari\AppData\Roaming\elsterformular 2013-12-28 16:16 . 2013-12-28 16:16 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-01-18 14:42 . 2012-08-27 21:21 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-01-18 14:42 . 2011-06-20 12:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-18 13:37 . 
2010-10-16 14:56 86054176 ----a-w- c:\windows\system32\MRT.exe 2014-01-18 13:34 . 2013-03-24 17:48 566480 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe 2014-01-08 11:38 . 2013-03-16 13:34 439648 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys 2013-12-29 22:00 . 2013-03-16 13:34 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-12-29 22:00 . 2011-06-20 12:27 334136 ----a-w- c:\windows\system32\aswBoot.exe 2013-12-29 22:00 . 2011-06-20 12:27 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-12-29 22:00 . 2010-08-29 11:51 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-12-29 22:00 . 2010-08-29 11:51 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-12-29 22:00 . 2010-08-29 11:50 43152 ----a-w- c:\windows\avastSS.scr 2013-12-28 16:16 . 2013-02-27 14:20 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2013-12-28 16:16 . 2013-02-27 14:20 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2013-12-14 18:35 . 2011-12-19 20:17 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2013-12-14 18:35 . 2011-12-19 20:16 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2013-12-02 21:40 . 2013-03-16 13:34 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-12-02 21:40 . 2012-08-26 20:44 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-11-26 11:54 . 2013-12-11 22:11 23183360 ----a-w- c:\windows\system32\mshtml.dll 2013-11-26 10:19 . 2013-12-11 22:11 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2013-11-26 10:18 . 2013-12-11 22:11 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll 2013-11-26 09:48 . 2013-12-11 22:11 66048 ----a-w- c:\windows\system32\iesetup.dll 2013-11-26 09:46 . 2013-12-11 22:11 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll 2013-11-26 09:41 . 
2013-12-11 22:10 2764288 ----a-w- c:\windows\system32\iertutil.dll 2013-11-26 09:29 . 2013-12-11 22:11 53760 ----a-w- c:\windows\system32\jsproxy.dll 2013-11-26 09:27 . 2013-12-11 22:11 33792 ----a-w- c:\windows\system32\iernonce.dll 2013-11-26 09:23 . 2013-12-11 22:11 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2013-11-26 09:21 . 2013-12-11 22:11 574976 ----a-w- c:\windows\system32\ieui.dll 2013-11-26 09:18 . 2013-12-11 22:11 139264 ----a-w- c:\windows\system32\ieUnatt.exe 2013-11-26 09:18 . 2013-12-11 22:11 111616 ----a-w- c:\windows\system32\ieetwcollector.exe 2013-11-26 09:16 . 2013-12-11 22:11 708608 ----a-w- c:\windows\system32\jscript9diag.dll 2013-11-26 08:57 . 2013-12-11 22:11 218624 ----a-w- c:\windows\system32\ie4uinit.exe 2013-11-26 08:35 . 2013-12-11 22:10 5769216 ----a-w- c:\windows\system32\jscript9.dll 2013-11-26 08:28 . 2013-12-11 22:11 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2013-11-26 08:16 . 2013-12-11 22:10 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll 2013-11-26 08:02 . 2013-12-11 22:10 1995264 ----a-w- c:\windows\system32\inetcpl.cpl 2013-11-26 07:48 . 2013-12-11 22:10 12996608 ----a-w- c:\windows\system32\ieframe.dll 2013-11-26 07:32 . 2013-12-11 22:10 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-11-26 07:07 . 2013-12-11 22:10 2334208 ----a-w- c:\windows\system32\wininet.dll 2013-11-26 06:40 . 2013-12-11 22:10 1395200 ----a-w- c:\windows\system32\urlmon.dll 2013-11-26 06:34 . 2013-12-11 22:11 817664 ----a-w- c:\windows\system32\ieapfltr.dll 2013-11-26 06:33 . 2013-12-11 22:10 1820160 ----a-w- c:\windows\SysWow64\wininet.dll 2013-11-23 18:26 . 2013-12-11 22:02 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-11-23 17:47 . 2013-12-11 22:02 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-11-20 21:50 . 2013-11-20 21:50 194048 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-11-20 21:50 . 2013-11-20 21:50 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-11-20 21:50 . 
2013-11-20 21:50 942592 ----a-w- c:\windows\system32\jsIntl.dll 2013-11-20 21:50 . 2013-11-20 21:50 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-11-20 21:50 . 2013-11-20 21:50 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll 2013-11-20 21:50 . 2013-11-20 21:50 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-11-20 21:50 . 2013-11-20 21:50 84992 ----a-w- c:\windows\system32\mshtmled.dll 2013-11-20 21:50 . 2013-11-20 21:50 83968 ----a-w- c:\windows\system32\MshtmlDac.dll 2013-11-20 21:50 . 2013-11-20 21:50 81408 ----a-w- c:\windows\system32\icardie.dll 2013-11-20 21:50 . 2013-11-20 21:50 774144 ----a-w- c:\windows\system32\jscript.dll 2013-11-20 21:50 . 2013-11-20 21:50 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-11-20 21:50 . 2013-11-20 21:50 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-11-20 21:50 . 2013-11-20 21:50 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2013-11-20 21:50 . 2013-11-20 21:50 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll 2013-11-20 21:50 . 2013-11-20 21:50 626176 ----a-w- c:\windows\system32\msfeeds.dll 2013-11-20 21:50 . 2013-11-20 21:50 62464 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-11-20 21:50 . 2013-11-20 21:50 62464 ----a-w- c:\windows\system32\pngfilt.dll 2013-11-20 21:50 . 2013-11-20 21:50 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2013-11-20 21:50 . 2013-11-20 21:50 61952 ----a-w- c:\windows\SysWow64\iesetup.dll 2013-11-20 21:50 . 2013-11-20 21:50 616104 ----a-w- c:\windows\system32\ieapfltr.dat 2013-11-20 21:50 . 2013-11-20 21:50 548352 ----a-w- c:\windows\system32\vbscript.dll 2013-11-20 21:50 . 2013-11-20 21:50 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-11-20 21:50 . 2013-11-20 21:50 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll 2013-11-20 21:50 . 2013-11-20 21:50 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-11-20 21:50 . 2013-11-20 21:50 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-11-20 21:50 . 
2013-11-20 21:50 48128 ----a-w- c:\windows\system32\imgutil.dll 2013-11-20 21:50 . 2013-11-20 21:50 454656 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-11-20 21:50 . 2013-11-20 21:50 453120 ----a-w- c:\windows\system32\dxtmsft.dll 2013-11-20 21:50 . 2013-11-20 21:50 413696 ----a-w- c:\windows\system32\html.iec 2013-11-20 21:50 . 2013-11-20 21:50 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2013-11-20 21:50 . 2013-11-20 21:50 36352 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-11-20 21:50 . 2013-11-20 21:50 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2013-11-20 21:50 . 2013-11-20 21:50 337408 ----a-w- c:\windows\SysWow64\html.iec 2013-11-20 21:50 . 2013-11-20 21:50 30208 ----a-w- c:\windows\system32\licmgr10.dll 2013-11-20 21:50 . 2013-11-20 21:50 296960 ----a-w- c:\windows\system32\dxtrans.dll 2013-11-20 21:50 . 2013-11-20 21:50 263376 ----a-w- c:\windows\system32\iedkcs32.dll 2013-11-20 21:50 . 2013-11-20 21:50 247808 ----a-w- c:\windows\system32\msls31.dll 2013-11-20 21:50 . 2013-11-20 21:50 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-11-20 21:50 . 2013-11-20 21:50 243200 ----a-w- c:\windows\system32\webcheck.dll 2013-11-20 21:50 . 2013-11-20 21:50 235520 ----a-w- c:\windows\system32\url.dll 2013-11-20 21:50 . 2013-11-20 21:50 235008 ----a-w- c:\windows\system32\elshyph.dll 2013-11-20 21:50 . 2013-11-20 21:50 195584 ----a-w- c:\windows\system32\msrating.dll 2013-11-20 21:50 . 2013-11-20 21:50 182272 ----a-w- c:\windows\SysWow64\msls31.dll 2013-11-20 21:50 . 2013-11-20 21:50 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-11-20 21:50 . 2013-11-20 21:50 151552 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-11-20 21:50 . 2013-11-20 21:50 147968 ----a-w- c:\windows\system32\occache.dll 2013-11-20 21:50 . 2013-11-20 21:50 143872 ----a-w- c:\windows\system32\wextract.exe 2013-11-20 21:50 . 2013-11-20 21:50 139264 ----a-w- c:\windows\SysWow64\wextract.exe 2013-11-20 21:50 . 
2013-11-20 21:50 13824 ----a-w- c:\windows\system32\mshta.exe 2013-11-20 21:50 . 2013-11-20 21:50 135680 ----a-w- c:\windows\system32\iepeers.dll 2013-11-20 21:50 . 2013-11-20 21:50 13312 ----a-w- c:\windows\SysWow64\mshta.exe 2013-11-20 21:50 . 2013-11-20 21:50 13312 ----a-w- c:\windows\system32\msfeedssync.exe 2013-11-20 21:50 . 2013-11-20 21:50 131072 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-11-20 21:50 . 2013-11-20 21:50 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-11-20 21:50 . 2013-11-20 21:50 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-11-20 21:50 . 2013-11-20 21:50 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-11-20 21:50 . 2013-11-20 21:50 105984 ----a-w- c:\windows\system32\iesysprep.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2014-01-18 13:36 1727176 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2014-01-18 13:36 1727176 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2014-01-18 13:36 1727176 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1094736]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-06 419112]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-12-29 3764024]
"iWareV3"="c:\program files (x86)\MouseDriver\OfficeMouse.exe" [2009-03-27 507904]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2013-12-29 3764024]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-12-12 186408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"PMBVolumeWatcher"=c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x] R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\5A05.tmp;c:\windows\SYSNATIVE\5A05.tmp [x] R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 
WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 aswRvrt;avast! Revert; [x] S0 aswVmm;avast! VM Monitor; [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x] S1 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x] S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x] S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x] S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 avast! Firewall;avast! 
Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe;c:\program files\Alwil Software\Avast5\afwServ.exe [x] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x] S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x] S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x] S2 OfficeSvc;Microsoft Office-Dienst;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x] S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2014-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-27 14:42] . 
2014-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-26 10:55] . 2014-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-26 10:55] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2014-01-18 13:36 2331336 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2014-01-18 13:36 2331336 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2014-01-18 13:36 2331336 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-12-29 22:00 287280 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2009-09-11 05:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-22 295936] "PLFSetI"="c:\windows\PLFSetI.exe" [2009-11-20 200704] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2782096] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608] . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\ FF - prefs.js: browser.search.selectedEngine - SuchMaschine FF - prefs.js: browser.startup.homepage - hxxp://www.google.de FF - prefs.js: keyword.URL - hxxp://www.sm.de/?q= . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) c:\users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Damari\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup SafeBoot-mcmscsvc SafeBoot-MCODS HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) AddRemove-Glarysoft Toolbar - c:\program files (x86)\Glarysoft Toolbar\uninstaller.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\5A05.tmp" . 
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_10" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_10" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_11" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_11" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_11" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_12" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_12" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_12" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_13" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_13" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_13" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_14" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_14" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_14" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_15" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_15" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_15" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_16" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_16" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_16" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_17" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_17" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_17" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_18" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_18" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_18" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_19" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_19" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_19" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_20" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_20" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_20" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_21" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_21" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_21" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_22" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_22" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_22" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_23" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_23" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_23" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_24" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_24" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_24" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_25" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_25" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_25" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_26" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_26" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_26" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_27" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_27" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_27" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_28" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_28" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_28" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_29" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_29" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_29" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_30" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_30" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_30" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_31" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_31" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_31" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_32" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_32" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_32" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_33" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_33" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_33" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_34" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_34" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_34" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_35" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_35" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_35" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_36" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_36" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_36" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_37" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_37" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_37" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_38" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_38" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_38" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_39" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_39" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_39" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_40" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_40" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_40" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_41" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_41" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_41" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_42" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_42" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_42" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_43" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_43" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_43" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_44" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_44" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_44" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_45" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_45" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_45" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_46" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_46" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_46" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_47" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_47" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_47" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_48" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_48" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_48" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_49" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_49" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_49" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_50" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_50" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_50" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0_51" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.5.0_51" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.5.0_51" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.5.0" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0_01" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0_01" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0_01" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0_02" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0_02" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0_02" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0_03" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0_03" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0_03" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0_04" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0_04" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0_04" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0_05" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0_05" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0_05" . 
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0_06" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0_06" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0_06" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0_07" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0_07" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0_07" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0_08" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0_08" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0_08" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}] @DACL=(02 0000) @="Java Plug-in 1.6.0_09" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}] @DACL=(02 0000) @="Java Plug-in 1.6.0_09" . [HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}] @DACL=(02 0000) @="Java Plug-in 1.6.0_09" . 
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-01-20 22:14:03 ComboFix-quarantined-files.txt 2014-01-20 21:14 . Vor Suchlauf: 12 Verzeichnis(se), 144.202.170.368 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 145.487.511.552 Bytes frei . - - End Of File - - 1AA5FB6C91FD9A695B9EB7B9F4BC0629 |
21.01.2014, 12:31 | #6 |
/// the machine /// TB trainer | Spam mail: DHL parcel notification with link to parcel information
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
21.01.2014, 22:38 | #7 |
| Spam mail: DHL parcel notification with link to parcel information
Hello Schrauber, I have run the programs mentioned. The log files follow:
Malwarebytes Anti-Malware Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.21.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Damari :: DAMARIS-PC [Administrator] 21.01.2014 20:37:26 mbam-log-2014-01-21 (20-37-26).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 455701 Laufzeit: 1 Stunde(n), 21 Minute(n), 14 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter # AdwCleaner v3.017 - Bericht erstellt am 21/01/2014 um 22:06:24 # Aktualisiert 12/01/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Damari - DAMARIS-PC # Gestartet von : C:\Users\Damari\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v26.0 (de) [ Datei : C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\prefs.js ] [ Datei : C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\prefs.js ] ************************* AdwCleaner[R0].txt - [7076 octets] - [19/01/2014 11:29:50] AdwCleaner[R1].txt - [1032 octets] - [19/01/2014 11:40:03] AdwCleaner[R2].txt - [1151 octets] - [21/01/2014 22:04:34] AdwCleaner[S0].txt - [6808 octets] - [19/01/2014 11:33:05] AdwCleaner[S1].txt - [1094 octets] - [19/01/2014 11:41:07] AdwCleaner[S2].txt - [1073 octets] - [21/01/2014 22:06:24] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1133 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.0 (01.07.2014:1) OS: Windows 7 Home Premium x64 Ran by Damari on 21.01.2014 at 22:15:47,64 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files Successfully deleted: [File] "C:\Users\Damari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\startmenu\startfenster.lnk" Successfully deleted: [File] "C:\Users\Damari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk" ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\Damari\AppData\Roaming\mozilla\firefox\profiles\k2na0f3f.default\minidumps [2 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 21.01.2014 at 22:24:05,89 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 01 Ran by Damari (administrator) on DAMARIS-PC on 21-01-2014 22:30:19 Running from C:\Users\Damari\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe () C:\Windows\PLFSetI.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe () C:\Program Files (x86)\MouseDriver\OfficeMouse.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] () HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.) HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2013-12-29] (AVAST Software) HKLM-x32\...\Run: [iWareV3] - C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] () HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-29] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH) HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de SearchScopes: HKCU - 
{6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default FF DefaultSearchEngine: SuchMaschine FF SearchEngineOrder.1: SuchMaschine FF SelectedSearchEngine: SuchMaschine FF Homepage: hxxp://www.google.de FF Keyword.URL: hxxp://www.sm.de/?q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF 
Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) 
FF SearchPlugin: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\searchplugins\search_engine.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Fast Dial - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\fastdial@telega.phpnet.us [2014-01-20] FF Extension: Stop Autoplay - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{2e61e246-e640-4c56-b1ed-f146dbed48cd} [2010-10-12] FF Extension: Flashblock - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-01-20] FF Extension: BetterPrivacy - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2010-10-12] FF Extension: gui:config - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\guiconfig@slosd.net.xpi [2011-06-20] FF Extension: Locationbar² - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\locationbar2@design-noir.de.xpi [2011-06-20] FF Extension: OptimizeGoogle - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\optimizegoogle@optimizegoogle.com.xpi [2011-06-20] FF Extension: FlashGot - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-06-20] FF Extension: NoScript - 
C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-06-20] FF Extension: Adblock Plus - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-20] FF Extension: Download Statusbar - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-06-20] FF Extension: DownThemAll! - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-06-20] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-28] FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20] FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [] ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated) R2 avast! 
Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-29] (AVAST Software) R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [113704 2013-12-29] (AVAST Software) S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-29] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software) R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [439648 2014-01-08] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-02] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-02] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] () S3 MEMSWEEP2; C:\Windows\system32\5A05.tmp [6144 2010-05-26] (Sophos Plc) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.) 
S3 StarOpen; No ImagePath U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-21 22:30 - 2014-01-21 22:30 - 00018918 _____ C:\Users\Damari\Desktop\FRST.txt 2014-01-21 22:24 - 2014-01-21 22:24 - 00001046 _____ C:\Users\Damari\Desktop\JRT.txt 2014-01-21 22:15 - 2014-01-21 22:15 - 00000000 ____D C:\Windows\ERUNT 2014-01-21 22:12 - 2014-01-21 22:12 - 01037068 _____ (Thisisu) C:\Users\Damari\Desktop\JRT.exe 2014-01-21 22:02 - 2014-01-21 22:02 - 01236282 _____ C:\Users\Damari\Desktop\adwcleaner.exe 2014-01-21 20:34 - 2014-01-21 20:34 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-21 20:34 - 2014-01-21 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-21 20:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-21 20:33 - 2014-01-21 20:33 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Damari\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-20 22:21 - 2014-01-20 22:14 - 00119585 _____ C:\Users\Internet\Documents\ComboFix.txt 2014-01-20 22:14 - 2014-01-20 22:14 - 00119585 _____ C:\ComboFix.txt 2014-01-20 22:01 - 2014-01-20 22:14 - 00000000 ____D C:\Qoobox 2014-01-20 22:01 - 2014-01-20 22:12 - 00000000 ____D C:\Windows\erdnt 2014-01-20 22:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2014-01-20 22:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2014-01-20 22:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-01-20 22:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-01-20 22:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-01-20 22:01 - 2000-08-31 
01:00 - 00098816 _____ C:\Windows\sed.exe 2014-01-20 22:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2014-01-20 22:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software 2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log 2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe 2014-01-19 15:04 - 2014-01-19 19:04 - 00034336 _____ C:\Users\Internet\Documents\Addition.txt 2014-01-19 15:03 - 2014-01-19 19:04 - 00036739 _____ C:\Users\Internet\Documents\FRST.txt 2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Damari\Desktop\FRST64.exe 2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST 2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log 2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable 2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe 2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-19 11:29 - 2014-01-21 22:06 - 00000000 ____D C:\AdwCleaner 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-18 14:50 
- 2014-01-20 22:25 - 00007986 _____ C:\Windows\PFRO.log 2014-01-18 14:36 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-18 14:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-18 14:36 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft 2014-01-12 17:29 - 2014-01-21 22:07 - 00002800 _____ C:\Windows\setupact.log 2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log 2014-01-12 16:34 - 2014-01-20 21:49 - 00000000 ____D C:\ProgramData\GlarySoft 2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe 2013-12-29 23:01 - 2014-01-18 15:13 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk 2013-12-29 23:01 - 2014-01-18 15:13 - 00001987 _____ C:\Users\Public\Desktop\avast! 
Internet Security.lnk 2013-12-29 23:00 - 2013-12-29 23:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic 2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular 2013-12-28 18:34 - 2014-01-19 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-01-21 22:30 - 2014-01-21 22:30 - 00018918 _____ C:\Users\Damari\Desktop\FRST.txt 2014-01-21 22:26 - 2010-11-26 11:56 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-21 22:24 - 2014-01-21 22:24 - 00001046 _____ C:\Users\Damari\Desktop\JRT.txt 2014-01-21 22:19 - 2012-08-27 22:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-21 22:16 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-21 22:16 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-21 22:15 - 2014-01-21 22:15 - 00000000 ____D C:\Windows\ERUNT 2014-01-21 22:12 - 2014-01-21 22:12 - 01037068 _____ (Thisisu) C:\Users\Damari\Desktop\JRT.exe 2014-01-21 22:08 - 2010-11-26 11:56 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-21 22:08 - 2010-11-26 10:40 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2014-01-21 22:07 - 2014-01-12 17:29 - 00002800 _____ C:\Windows\setupact.log 2014-01-21 22:07 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-21 22:06 - 2014-01-19 11:29 - 00000000 ____D C:\AdwCleaner 2014-01-21 22:06 - 2010-03-02 17:32 - 01779891 _____ C:\Windows\WindowsUpdate.log 2014-01-21 22:02 - 2014-01-21 22:02 - 01236282 _____ 
C:\Users\Damari\Desktop\adwcleaner.exe 2014-01-21 20:34 - 2014-01-21 20:34 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-21 20:34 - 2014-01-21 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-21 20:33 - 2014-01-21 20:33 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Damari\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-21 20:23 - 2012-08-26 21:44 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2014-01-20 22:25 - 2014-01-18 14:50 - 00007986 _____ C:\Windows\PFRO.log 2014-01-20 22:14 - 2014-01-20 22:21 - 00119585 _____ C:\Users\Internet\Documents\ComboFix.txt 2014-01-20 22:14 - 2014-01-20 22:14 - 00119585 _____ C:\ComboFix.txt 2014-01-20 22:14 - 2014-01-20 22:01 - 00000000 ____D C:\Qoobox 2014-01-20 22:14 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default 2014-01-20 22:12 - 2014-01-20 22:01 - 00000000 ____D C:\Windows\erdnt 2014-01-20 22:12 - 2010-09-13 20:15 - 00000000 ___RD C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-20 22:11 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2014-01-20 21:49 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft 2014-01-20 21:49 - 2010-10-12 17:52 - 00000000 ____D C:\Users\Damari\AppData\Local\Mozilla 2014-01-20 21:49 - 2010-09-28 17:51 - 00000000 ____D C:\Users\Damari\AppData\Roaming\GlarySoft 2014-01-20 18:32 - 2013-08-10 17:05 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Dropbox 2014-01-20 18:31 - 2013-08-10 17:11 - 00000000 ___RD C:\Users\Internet\Dropbox 2014-01-20 18:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2014-01-19 19:04 - 2014-01-19 15:04 - 00034336 _____ C:\Users\Internet\Documents\Addition.txt 2014-01-19 19:04 - 2014-01-19 15:03 - 00036739 _____ C:\Users\Internet\Documents\FRST.txt 2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software 2014-01-19 19:02 - 2012-08-27 20:42 - 00001429 _____ 
C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-19 19:02 - 2010-08-24 20:21 - 00120000 _____ C:\Users\Damari\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log 2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe 2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Damari\Desktop\FRST64.exe 2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST 2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log 2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable 2014-01-19 14:57 - 2010-08-24 20:21 - 00000000 ____D C:\Users\Damari 2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe 2014-01-19 14:37 - 2009-10-28 19:12 - 00000000 ____D C:\ProgramData\Adobe 2014-01-19 14:36 - 2012-08-26 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-19 14:34 - 2013-10-05 19:47 - 00009769 _____ C:\Users\Internet\Desktop\Mappe1.xlsx 2014-01-19 14:28 - 2010-10-08 19:42 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Adobe 2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-19 14:14 - 2010-08-29 14:57 - 00000000 ____D C:\Program Files\Paint.NET 2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-19 14:00 - 2010-09-06 13:10 - 00000000 ____D C:\Users\Damari\AppData\Local\Adobe 2014-01-19 13:59 - 2009-10-28 19:11 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 
00000000 ____D C:\Program Files (x86)\CDBurnerXP 2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-19 12:35 - 2013-12-28 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-19 11:33 - 2010-08-24 20:22 - 00000000 ___RD C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-19 11:04 - 2010-09-21 14:18 - 00000000 ____D C:\Program Files\WLAN-Netzsuche 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-18 15:42 - 2012-08-27 22:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-18 15:42 - 2012-08-27 22:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-18 15:42 - 2011-06-20 13:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-18 15:13 - 2013-12-29 23:01 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-01-18 15:13 - 2013-12-29 23:01 - 00001987 _____ C:\Users\Public\Desktop\avast! 
Internet Security.lnk 2014-01-18 14:51 - 2009-07-14 05:45 - 03485600 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-18 14:47 - 2013-07-29 20:31 - 00000000 ____D C:\Windows\system32\MRT 2014-01-18 14:39 - 2013-03-24 18:46 - 00000000 ____D C:\Program Files\Microsoft Office 15 2014-01-18 14:37 - 2010-10-16 15:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-18 14:26 - 2010-10-03 12:50 - 00000950 _____ C:\Windows\wininit.ini 2014-01-18 14:25 - 2013-08-10 17:11 - 00001032 _____ C:\Users\Internet\Desktop\Dropbox.lnk 2014-01-18 14:25 - 2013-08-10 17:08 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-18 14:20 - 2010-09-13 20:14 - 00000000 ____D C:\Users\Internet 2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat 2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft 2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log 2014-01-12 16:36 - 2013-03-16 14:23 - 00000000 ____D C:\Windows\Minidump 2014-01-12 16:36 - 2009-07-27 21:41 - 00000000 ____D C:\Windows\Panther 2014-01-12 16:34 - 2010-09-11 14:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe 2014-01-08 12:38 - 2013-03-16 14:34 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-01-04 12:48 - 2011-05-29 15:16 - 00000000 ____D C:\Users\Internet\AppData\Local\Microsoft Games 2014-01-01 22:43 - 2011-11-27 21:53 - 00000000 ____D C:\ProgramData\tmp 2014-01-01 11:19 - 2011-12-14 20:41 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Skype 2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ____D C:\ProgramData\Skype 2013-12-30 22:02 - 2012-08-27 20:11 - 00000000 ____D 
C:\Users\Internet\AppData\Roaming\vlc 2013-12-29 23:01 - 2013-12-29 23:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2013-12-29 23:00 - 2013-03-16 14:34 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-12-29 23:00 - 2011-06-20 13:27 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-12-29 23:00 - 2011-06-20 13:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-12-29 23:00 - 2010-08-29 12:51 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-12-29 23:00 - 2010-08-29 12:51 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-12-29 23:00 - 2010-08-29 12:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic 2013-12-29 15:26 - 2013-04-06 20:00 - 00000000 ____D C:\Program Files (x86)\ElsterFormular 2013-12-29 15:25 - 2013-04-06 20:14 - 00000000 ____D C:\Users\Internet\AppData\Local\.elfohilfe 2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular 2013-12-29 14:59 - 2010-03-03 02:24 - 00699682 _____ C:\Windows\system32\perfh007.dat 2013-12-29 14:59 - 2010-03-03 02:24 - 00149790 _____ C:\Windows\system32\perfc007.dat 2013-12-29 14:59 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-28 21:20 - 2013-11-16 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak 2013-12-25 15:34 - 2010-11-21 22:20 - 00000000 ____D C:\Users\Internet\Documents\WIR 2013-12-24 17:57 - 2013-02-03 17:15 - 00000000 ____D C:\Users\Internet\AppData\Roaming\dvdcss Some content of TEMP: ==================== C:\Users\Damari\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is 
legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-10 14:40 ==================== End Of Log ============================ Regards, Rick |
22.01.2014, 15:27 | #8 |
/// the machine /// TB Trainer | Spam mail: DHL parcel notification with link to parcel information
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
22.01.2014, 22:33 | #9 |
| Spam mail: DHL parcel notification with link to parcel information
Hello Schrauber! OK, I have now run all the tools. The log files are listed again below.
ESET Online Scanner Code:
ESETSmartInstaller@High as downloader log:
Can not open internet
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f4609e2c2f145740a02e798237db14e9
# engine=16754
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-22 09:04:11
# local_time=2014-01-22 10:04:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=770 16774141 100 80 305081 2073819 0 0
# compatibility_mode=5893 16776574 100 94 134844 142054501 0 0
# scanned=214204
# found=0
# cleaned=0
# scan_time=8576
Code:
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 12.0.0.43 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (26.0)
Mozilla Thunderbird (17.0.6)
````````Process Check: objlist.exe by Laurent````````
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 afwServ.exe
Alwil Software Avast5 AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 02 Ran by Damari (administrator) on DAMARIS-PC on 22-01-2014 22:18:40 Running from C:\Users\Damari\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe () C:\Windows\PLFSetI.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (CyberLink Corp.) 
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe () C:\Program Files (x86)\MouseDriver\OfficeMouse.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] () HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.) HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2013-12-29] (AVAST Software) HKLM-x32\...\Run: [iWareV3] - C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] () HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-29] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH) HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\Alwil Software\Avast5\setup\emupdate\9b9bdc61-d3cd-4450-8d41-880c52213a21.exe /check [181136 2014-01-22] (AVAST Software) HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de SearchScopes: HKCU - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default FF DefaultSearchEngine: SuchMaschine FF SearchEngineOrder.1: SuchMaschine FF SelectedSearchEngine: SuchMaschine FF Homepage: hxxp://www.google.de FF Keyword.URL: hxxp://www.sm.de/?q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF 
Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) 
FF SearchPlugin: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\searchplugins\search_engine.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Fast Dial - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\fastdial@telega.phpnet.us [2014-01-20] FF Extension: Stop Autoplay - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{2e61e246-e640-4c56-b1ed-f146dbed48cd} [2010-10-12] FF Extension: Flashblock - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-01-20] FF Extension: BetterPrivacy - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2010-10-12] FF Extension: gui:config - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\guiconfig@slosd.net.xpi [2011-06-20] FF Extension: Locationbar² - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\locationbar2@design-noir.de.xpi [2011-06-20] FF Extension: OptimizeGoogle - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\optimizegoogle@optimizegoogle.com.xpi [2011-06-20] FF Extension: FlashGot - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-06-20] FF Extension: NoScript - 
C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-06-20] FF Extension: Adblock Plus - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-20] FF Extension: Download Statusbar - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-06-20] FF Extension: DownThemAll! - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-06-20] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-28] FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20] FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [] ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated) R2 avast! 
Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-29] (AVAST Software) R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [113704 2013-12-29] (AVAST Software) S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-29] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software) R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [439648 2014-01-08] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-02] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-02] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] () S3 MEMSWEEP2; C:\Windows\system32\5A05.tmp [6144 2010-05-26] (Sophos Plc) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.) 
S3 StarOpen; No ImagePath U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-22 22:18 - 2014-01-22 22:18 - 00000000 ____D C:\Users\Damari\Desktop\FRST-OlderVersion 2014-01-22 19:32 - 2014-01-22 19:32 - 00987425 _____ C:\Users\Damari\Desktop\SecurityCheck.exe 2014-01-22 19:31 - 2014-01-22 19:31 - 02347384 _____ (ESET) C:\Users\Damari\Desktop\esetsmartinstaller_enu.exe 2014-01-21 22:30 - 2014-01-22 22:18 - 00019098 _____ C:\Users\Damari\Desktop\FRST.txt 2014-01-21 22:24 - 2014-01-21 22:24 - 00001046 _____ C:\Users\Damari\Desktop\JRT.txt 2014-01-21 22:15 - 2014-01-21 22:15 - 00000000 ____D C:\Windows\ERUNT 2014-01-21 22:12 - 2014-01-21 22:12 - 01037068 _____ (Thisisu) C:\Users\Damari\Desktop\JRT.exe 2014-01-21 22:02 - 2014-01-21 22:02 - 01236282 _____ C:\Users\Damari\Desktop\adwcleaner.exe 2014-01-21 20:34 - 2014-01-21 20:34 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-21 20:34 - 2014-01-21 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-21 20:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-21 20:33 - 2014-01-21 20:33 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Damari\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-20 22:21 - 2014-01-20 22:14 - 00119585 _____ C:\Users\Internet\Documents\ComboFix.txt 2014-01-20 22:14 - 2014-01-20 22:14 - 00119585 _____ C:\ComboFix.txt 2014-01-20 22:01 - 2014-01-20 22:14 - 00000000 ____D C:\Qoobox 2014-01-20 22:01 - 2014-01-20 22:12 - 00000000 ____D C:\Windows\erdnt 2014-01-20 22:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2014-01-20 22:01 - 2010-11-07 18:20 - 00208896 _____ 
C:\Windows\MBR.exe 2014-01-20 22:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-01-20 22:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-01-20 22:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-01-20 22:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2014-01-20 22:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2014-01-20 22:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software 2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log 2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe 2014-01-19 15:04 - 2014-01-19 19:04 - 00034336 _____ C:\Users\Internet\Documents\Addition.txt 2014-01-19 15:03 - 2014-01-19 19:04 - 00036739 _____ C:\Users\Internet\Documents\FRST.txt 2014-01-19 15:02 - 2014-01-22 22:18 - 02077696 _____ (Farbar) C:\Users\Damari\Desktop\FRST64.exe 2014-01-19 15:01 - 2014-01-22 22:18 - 00000000 ____D C:\FRST 2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log 2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable 2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe 2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ 
C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-19 11:29 - 2014-01-21 22:06 - 00000000 ____D C:\AdwCleaner 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-18 14:50 - 2014-01-20 22:25 - 00007986 _____ C:\Windows\PFRO.log 2014-01-18 14:36 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-18 14:36 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-18 14:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-18 14:36 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft 2014-01-12 17:29 - 2014-01-22 19:30 - 00003416 _____ C:\Windows\setupact.log 2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log 2014-01-12 16:34 - 2014-01-20 21:49 - 00000000 ____D C:\ProgramData\GlarySoft 2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe 2013-12-29 23:01 - 2014-01-18 15:13 - 00002047 _____ C:\Users\Public\Desktop\avast! 
SafeZone.lnk 2013-12-29 23:01 - 2014-01-18 15:13 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk 2013-12-29 23:00 - 2013-12-29 23:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic 2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular 2013-12-28 18:34 - 2014-01-19 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-01-22 22:19 - 2014-01-21 22:30 - 00019098 _____ C:\Users\Damari\Desktop\FRST.txt 2014-01-22 22:19 - 2012-08-27 22:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-22 22:18 - 2014-01-22 22:18 - 00000000 ____D C:\Users\Damari\Desktop\FRST-OlderVersion 2014-01-22 22:18 - 2014-01-19 15:02 - 02077696 _____ (Farbar) C:\Users\Damari\Desktop\FRST64.exe 2014-01-22 22:18 - 2014-01-19 15:01 - 00000000 ____D C:\FRST 2014-01-22 22:03 - 2010-03-02 17:32 - 01798930 _____ C:\Windows\WindowsUpdate.log 2014-01-22 21:26 - 2010-11-26 11:56 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-22 21:26 - 2010-11-26 11:56 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-22 19:39 - 2010-03-03 02:24 - 00699682 _____ C:\Windows\system32\perfh007.dat 2014-01-22 19:39 - 2010-03-03 02:24 - 00149790 _____ C:\Windows\system32\perfc007.dat 2014-01-22 19:39 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-22 19:32 - 2014-01-22 19:32 - 00987425 _____ C:\Users\Damari\Desktop\SecurityCheck.exe 2014-01-22 19:31 - 2014-01-22 19:31 - 02347384 _____ (ESET) C:\Users\Damari\Desktop\esetsmartinstaller_enu.exe 2014-01-22 19:30 - 2014-01-12 17:29 - 00003416 _____ C:\Windows\setupact.log 2014-01-22 11:31 - 2009-07-14 
05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-22 11:31 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-22 11:24 - 2010-11-26 10:40 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2014-01-22 11:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-22 08:40 - 2012-08-26 21:44 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2014-01-21 22:24 - 2014-01-21 22:24 - 00001046 _____ C:\Users\Damari\Desktop\JRT.txt 2014-01-21 22:15 - 2014-01-21 22:15 - 00000000 ____D C:\Windows\ERUNT 2014-01-21 22:12 - 2014-01-21 22:12 - 01037068 _____ (Thisisu) C:\Users\Damari\Desktop\JRT.exe 2014-01-21 22:06 - 2014-01-19 11:29 - 00000000 ____D C:\AdwCleaner 2014-01-21 22:02 - 2014-01-21 22:02 - 01236282 _____ C:\Users\Damari\Desktop\adwcleaner.exe 2014-01-21 20:34 - 2014-01-21 20:34 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-21 20:34 - 2014-01-21 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-21 20:33 - 2014-01-21 20:33 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Damari\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-20 22:25 - 2014-01-18 14:50 - 00007986 _____ C:\Windows\PFRO.log 2014-01-20 22:14 - 2014-01-20 22:21 - 00119585 _____ C:\Users\Internet\Documents\ComboFix.txt 2014-01-20 22:14 - 2014-01-20 22:14 - 00119585 _____ C:\ComboFix.txt 2014-01-20 22:14 - 2014-01-20 22:01 - 00000000 ____D C:\Qoobox 2014-01-20 22:14 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default 2014-01-20 22:12 - 2014-01-20 22:01 - 00000000 ____D C:\Windows\erdnt 2014-01-20 22:12 - 2010-09-13 20:15 - 00000000 ___RD C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-20 22:11 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini 2014-01-20 21:49 - 2014-01-12 16:34 - 00000000 
____D C:\ProgramData\GlarySoft 2014-01-20 21:49 - 2010-10-12 17:52 - 00000000 ____D C:\Users\Damari\AppData\Local\Mozilla 2014-01-20 21:49 - 2010-09-28 17:51 - 00000000 ____D C:\Users\Damari\AppData\Roaming\GlarySoft 2014-01-20 18:32 - 2013-08-10 17:05 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Dropbox 2014-01-20 18:31 - 2013-08-10 17:11 - 00000000 ___RD C:\Users\Internet\Dropbox 2014-01-20 18:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2014-01-19 19:04 - 2014-01-19 15:04 - 00034336 _____ C:\Users\Internet\Documents\Addition.txt 2014-01-19 19:04 - 2014-01-19 15:03 - 00036739 _____ C:\Users\Internet\Documents\FRST.txt 2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software 2014-01-19 19:02 - 2012-08-27 20:42 - 00001429 _____ C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-19 19:02 - 2010-08-24 20:21 - 00120000 _____ C:\Users\Damari\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log 2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe 2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log 2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable 2014-01-19 14:57 - 2010-08-24 20:21 - 00000000 ____D C:\Users\Damari 2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe 2014-01-19 14:37 - 2009-10-28 19:12 - 00000000 ____D C:\ProgramData\Adobe 2014-01-19 14:36 - 2012-08-26 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-19 14:34 - 2013-10-05 19:47 - 00009769 _____ C:\Users\Internet\Desktop\Mappe1.xlsx 2014-01-19 14:28 - 2010-10-08 19:42 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Adobe 2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24 2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-19 14:14 - 2010-08-29 14:57 - 00000000 ____D C:\Program Files\Paint.NET 2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-19 14:00 - 2010-09-06 13:10 - 00000000 ____D C:\Users\Damari\AppData\Local\Adobe 2014-01-19 13:59 - 2009-10-28 19:11 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-19 12:35 - 2013-12-28 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-19 11:33 - 2010-08-24 20:22 - 00000000 ___RD C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-19 11:04 - 2010-09-21 14:18 - 00000000 ____D C:\Program Files\WLAN-Netzsuche 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes 2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-18 15:42 - 2012-08-27 22:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-18 15:42 - 2012-08-27 22:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-18 15:42 - 2011-06-20 13:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-18 15:13 - 2013-12-29 23:01 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-01-18 15:13 - 2013-12-29 23:01 - 00001987 _____ C:\Users\Public\Desktop\avast! 
Internet Security.lnk 2014-01-18 14:51 - 2009-07-14 05:45 - 03485600 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-18 14:47 - 2013-07-29 20:31 - 00000000 ____D C:\Windows\system32\MRT 2014-01-18 14:39 - 2013-03-24 18:46 - 00000000 ____D C:\Program Files\Microsoft Office 15 2014-01-18 14:37 - 2010-10-16 15:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-18 14:26 - 2010-10-03 12:50 - 00000950 _____ C:\Windows\wininit.ini 2014-01-18 14:25 - 2013-08-10 17:11 - 00001032 _____ C:\Users\Internet\Desktop\Dropbox.lnk 2014-01-18 14:25 - 2013-08-10 17:08 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-01-18 14:20 - 2010-09-13 20:14 - 00000000 ____D C:\Users\Internet 2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat 2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft 2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log 2014-01-12 16:36 - 2013-03-16 14:23 - 00000000 ____D C:\Windows\Minidump 2014-01-12 16:36 - 2009-07-27 21:41 - 00000000 ____D C:\Windows\Panther 2014-01-12 16:34 - 2010-09-11 14:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe 2014-01-08 12:38 - 2013-03-16 14:34 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-01-04 12:48 - 2011-05-29 15:16 - 00000000 ____D C:\Users\Internet\AppData\Local\Microsoft Games 2014-01-01 22:43 - 2011-11-27 21:53 - 00000000 ____D C:\ProgramData\tmp 2014-01-01 11:19 - 2011-12-14 20:41 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Skype 2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ____D C:\ProgramData\Skype 2013-12-30 22:02 - 2012-08-27 20:11 - 00000000 ____D 
C:\Users\Internet\AppData\Roaming\vlc 2013-12-29 23:01 - 2013-12-29 23:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2013-12-29 23:00 - 2013-03-16 14:34 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-12-29 23:00 - 2011-06-20 13:27 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-12-29 23:00 - 2011-06-20 13:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-12-29 23:00 - 2010-08-29 12:51 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-12-29 23:00 - 2010-08-29 12:51 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-12-29 23:00 - 2010-08-29 12:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic 2013-12-29 15:26 - 2013-04-06 20:00 - 00000000 ____D C:\Program Files (x86)\ElsterFormular 2013-12-29 15:25 - 2013-04-06 20:14 - 00000000 ____D C:\Users\Internet\AppData\Local\.elfohilfe 2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular 2013-12-28 21:20 - 2013-11-16 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak 2013-12-25 15:34 - 2010-11-21 22:20 - 00000000 ____D C:\Users\Internet\Documents\WIR 2013-12-24 17:57 - 2013-02-03 17:15 - 00000000 ____D C:\Users\Internet\AppData\Roaming\dvdcss Some content of TEMP: ==================== C:\Users\Damari\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit 
C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-10 14:40 ==================== End Of Log ============================ --- --- ---
I hadn't really noticed any problems. I just wanted to be on the safe side. Perhaps Avast Internet Security had already prevented the infection after all. Or was there anything conspicuous in all the log files that was removed? Is my computer clean again now, and can it be used normally (e.g. for online banking)? In any case, thank you very much for your help!!! Regards, Rick |
23.01.2014, 19:29 | #10 |
/// the machine /// TB instructor | Spam mail: DHL parcel notification with link to parcel information Update Flash. We removed a bit of adware. You can do online banking. Done. If you would like to give praise or criticism, you can do so here. The order is crucial here.
Here are a few more tips for securing your system. I can't mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
23.01.2014, 23:04 | #11 |
| Spam mail: DHL parcel notification with link to parcel information Hello Schrauber, thank you very, very much for your help and for your tips. You can therefore stop the subscription. Regards, Rick |
24.01.2014, 14:37 | #12 |
/// the machine /// TB instructor | Spam mail: DHL parcel notification with link to parcel information You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |