Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Spam-Mail DHL Paketankündigung mit Link zur Paketinformation

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.01.2014, 15:45   #1
DeRiggy
 
Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Hallo zusammen,

auch ich bin auf den in einer angeblich von DHL versandten E-Mail enthaltenen Link gegangen, der schon in anderen Beiträgen hier im Forum beschrieben war. Die Weiterleitung erfolgte auf eine Seite mit der Endung ".ru". Meine Avast InternetSecurity gab den Hinweis aus, dass der Zugriff auf bzw. durch die Seite verweigert wurde. Ich bin jetzt aber trotzdem nicht sicher, ob nicht doch eine Infizierung vorliegen könnte. Irgendwelche Problem mit dem Rechner konnte ich bisher nicht konkret feststellen.

Der vollständige Scan mit Avast ergab keine erkennbaren Infektionen.

Ich habe DeFogger, FRST und GMER ausgeführt, deren Log-Dateien ich folgend poste.

Vielen Dank

DeFogger defogger_disable.log
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:57 on 19/01/2014 (Damari)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST: FRST.txt
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 01
Ran by Internet (ATTENTION: The logged in user is not administrator) on DAMARIS-PC on 19-01-2014 15:03:30
Running from C:\Users\Internet\Documents
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Dropbox, Inc.) C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
() C:\Program Files (x86)\MouseDriver\OfficeMouse.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM-x32\...\Run: [iWareV3] - C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM\...\RunOnce: [*Restore] - C:\Windows\System32\rstrui.exe /runonce [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Runonce: [aswAhAScr.dll] - "C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program Files\Alwil Software\Avast5\AhAScr.dll" [x]
HKLM-x32\...\Runonce: [aswasOutExt.dll] - "C:\Program Files\Alwil Software\Avast5\aswRegSvr.exe" "C:\Program Files\Alwil Software\Avast5\asOutExt.dll" [x]
HKLM-x32\...\Runonce: [aswasOutExt64.dll] - "C:\Program Files\Alwil Software\Avast5\aswRegSvr64.exe" "C:\Program Files\Alwil Software\Avast5\asOutExt64.dll" [x]
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\Alwil Software\Avast5\setup\emupdate\bd41a782-b42e-4357-aa60-5afc7ea0c4eb.exe /check [181136 2013-12-30] (AVAST Software)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
AppInit_DLLs:  => File Not Found
Startup: C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5542&r=27360810v706l0468z105t5441y71o
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60049
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKCU - (No Name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - No File
URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = 
SearchScopes: HKCU - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60049
SearchScopes: HKCU - {3AAF02FD-9BCA-4DF2-B5C3-DAC40429482D} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {76738264-F7CA-431B-9607-D57EC08E7EA1} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flashblock - C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-04-17]
FF Extension: No Name - C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\Extensions\Foxdie@tanjihay.com.xpi [2010-10-14]
FF Extension: NoScript - C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-07-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ []

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [113704 2013-12-29] (AVAST Software)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [439648 2014-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2014-01-06] (Glarysoft Ltd)
S3 MEMSWEEP2; C:\Windows\system32\5A05.tmp [6144 2010-05-26] (Sophos Plc)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S3 StarOpen; No ImagePath
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-19 15:03 - 2014-01-19 15:03 - 00019670 _____ C:\Users\Internet\Documents\FRST.txt
2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Internet\Documents\FRST64.exe
2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST
2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log
2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable
2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe
2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24
2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-19 11:29 - 2014-01-19 11:41 - 00000000 ____D C:\AdwCleaner
2014-01-19 09:28 - 2014-01-19 09:28 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-19 09:28 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-18 14:50 - 2014-01-19 11:06 - 00007434 _____ C:\Windows\PFRO.log
2014-01-18 14:36 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-18 14:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-18 14:36 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft
2014-01-12 17:29 - 2014-01-19 14:36 - 00001456 _____ C:\Windows\setupact.log
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 16:34 - 2014-01-19 14:36 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2014-01-12 16:34 - 2014-01-18 14:18 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4
2014-01-12 16:34 - 2014-01-12 16:34 - 00001088 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk
2014-01-12 16:34 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-12 16:34 - 2014-01-06 09:38 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-01-12 16:34 - 2014-01-06 04:28 - 00017088 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2013-12-29 23:01 - 2014-01-18 15:13 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2013-12-29 23:01 - 2014-01-18 15:13 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-12-29 23:00 - 2013-12-29 23:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-28 18:34 - 2014-01-19 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-19 15:03 - 2014-01-19 15:03 - 00019670 _____ C:\Users\Internet\Documents\FRST.txt
2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Internet\Documents\FRST64.exe
2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST
2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log
2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable
2014-01-19 14:57 - 2010-08-24 20:21 - 00000000 ____D C:\Users\Damari
2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe
2014-01-19 14:46 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 14:46 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 14:42 - 2010-03-02 17:32 - 01703195 _____ C:\Windows\WindowsUpdate.log
2014-01-19 14:38 - 2013-08-10 17:11 - 00000000 ___RD C:\Users\Internet\Dropbox
2014-01-19 14:38 - 2013-08-10 17:05 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Dropbox
2014-01-19 14:37 - 2010-11-26 11:56 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 14:37 - 2009-10-28 19:12 - 00000000 ____D C:\ProgramData\Adobe
2014-01-19 14:36 - 2014-01-12 17:29 - 00001456 _____ C:\Windows\setupact.log
2014-01-19 14:36 - 2014-01-12 16:34 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2014-01-19 14:36 - 2012-08-26 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-19 14:36 - 2010-11-26 10:40 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-19 14:36 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 14:34 - 2013-10-05 19:47 - 00009769 _____ C:\Users\Internet\Desktop\Mappe1.xlsx
2014-01-19 14:28 - 2010-10-08 19:42 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Adobe
2014-01-19 14:26 - 2010-11-26 11:56 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24
2014-01-19 14:19 - 2012-08-27 22:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 14:14 - 2010-08-29 14:57 - 00000000 ____D C:\Program Files\Paint.NET
2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-19 13:59 - 2009-10-28 19:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-19 12:35 - 2013-12-28 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-19 11:41 - 2014-01-19 11:29 - 00000000 ____D C:\AdwCleaner
2014-01-19 11:06 - 2014-01-18 14:50 - 00007434 _____ C:\Windows\PFRO.log
2014-01-19 11:04 - 2010-09-21 14:18 - 00000000 ____D C:\Program Files\WLAN-Netzsuche
2014-01-19 09:28 - 2014-01-19 09:28 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-18 15:42 - 2012-08-27 22:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 15:42 - 2011-06-20 13:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 15:13 - 2013-12-29 23:01 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-18 15:13 - 2013-12-29 23:01 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-01-18 14:51 - 2009-07-14 05:45 - 03485600 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 14:47 - 2013-07-29 20:31 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 14:39 - 2013-03-24 18:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-18 14:37 - 2010-10-16 15:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-18 14:26 - 2010-10-03 12:50 - 00000950 _____ C:\Windows\wininit.ini
2014-01-18 14:26 - 2010-09-13 20:15 - 00000000 ___RD C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-18 14:25 - 2013-08-10 17:11 - 00001032 _____ C:\Users\Internet\Desktop\Dropbox.lnk
2014-01-18 14:25 - 2013-08-10 17:08 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-18 14:20 - 2010-09-13 20:14 - 00000000 ____D C:\Users\Internet
2014-01-18 14:18 - 2014-01-12 16:34 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 16:36 - 2013-03-16 14:23 - 00000000 ____D C:\Windows\Minidump
2014-01-12 16:36 - 2009-07-27 21:41 - 00000000 ____D C:\Windows\Panther
2014-01-12 16:34 - 2014-01-12 16:34 - 00001088 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk
2014-01-12 16:34 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-12 16:34 - 2010-09-28 17:51 - 00000000 ____D C:\Users\Damari\AppData\Roaming\GlarySoft
2014-01-12 16:34 - 2010-09-11 14:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2014-01-08 12:38 - 2013-03-16 14:34 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-06 09:38 - 2014-01-12 16:34 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-01-06 04:28 - 2014-01-12 16:34 - 00017088 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-01-04 12:48 - 2011-05-29 15:16 - 00000000 ____D C:\Users\Internet\AppData\Local\Microsoft Games
2014-01-01 22:43 - 2011-11-27 21:53 - 00000000 ____D C:\ProgramData\tmp
2014-01-01 11:19 - 2011-12-14 20:41 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ____D C:\ProgramData\Skype
2013-12-30 22:02 - 2012-08-27 20:11 - 00000000 ____D C:\Users\Internet\AppData\Roaming\vlc
2013-12-29 23:01 - 2013-12-29 23:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-12-29 23:00 - 2013-03-16 14:34 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 23:00 - 2010-08-29 12:51 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 23:00 - 2010-08-29 12:51 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 23:00 - 2010-08-29 12:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic
2013-12-29 15:26 - 2013-04-06 20:00 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-12-29 15:25 - 2013-04-06 20:14 - 00000000 ____D C:\Users\Internet\AppData\Local\.elfohilfe
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-29 14:59 - 2010-03-03 02:24 - 00699682 _____ C:\Windows\system32\perfh007.dat
2013-12-29 14:59 - 2010-03-03 02:24 - 00149790 _____ C:\Windows\system32\perfc007.dat
2013-12-29 14:59 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 21:20 - 2013-11-16 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-25 15:34 - 2010-11-21 22:20 - 00000000 ____D C:\Users\Internet\Documents\WIR
2013-12-24 17:57 - 2013-02-03 17:15 - 00000000 ____D C:\Users\Internet\AppData\Roaming\dvdcss

Some content of TEMP:
====================
C:\Users\Internet\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Internet\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Internet\AppData\Local\Temp\uninstmgr-setup-4.6.exe
C:\Users\Internet\AppData\Local\Temp\uninstmgr-setup-5.3.exe
C:\Users\Internet\AppData\Local\Temp\vlc-2.0.5-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         
FRST: Additional.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 01
Ran by Internet at 2014-01-19 15:04:19
Running from C:\Users\Internet\Documents
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (x32 Version: 5.2.9.3 - Suyin Optronics Corp)
Acer ePower Management (x32 Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (x32 Version: 3.01.0730 - Acer Inc.)
Acer Registration (x32 Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.5.0715 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (Version: 7.105.2015.1103 - Alps Electric)
AMD USB Filter Driver (x32 Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Hidden
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
avast! Internet Security (x32 Version: 9.0.2011 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (Version: 12.26.02 - Broadcom Corporation)
Canon MP510 (Version:  - )
Canon My Printer (x32 Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help English (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help French (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help German (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0729.2227.38498 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0729.2227.38498 - ATI) Hidden
CDBurnerXP (x32 Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Elements 11 Organizer (x32 Version: 11.0 - Ihr Firmenname) Hidden
ElsterFormular (x32 Version: 14.4.12044 - Landesfinanzdirektion Thüringen)
Glary Utilities 4.4 (x32 Version: 4.4.0.86 - Glarysoft Ltd)
Glarysoft Toolbar (x32 Version: 1.2.0 - Glarysoft Ltd)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.55 - Conexant Systems)
Identity Card (x32 Version: 1.00.3002 - Acer Incorporated)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
Launch Manager (x32 Version: 3.0.06 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
MouseDriver (x32 Version: 1.00.0000 - )
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (x32 Version: 17.0.6 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.76.0 - Egis Technology Inc.)
NAVIGON Fresh 3.4.1 (x32 Version: 3.4.1 - NAVIGON)
Nokia Connectivity Cable Driver (x32 Version: 7.1.45.0 - Nokia)
Nokia Ovi Suite (x32 Version: 3.1.1.78 - Nokia)
Nokia Ovi Suite (x32 Version: 3.1.1.78 - Nokia) Hidden
Nokia Ovi Suite Software Updater (x32 Version: 02.07.004.45780 - Nokia Corporation)
NTI Backup Now 5 (x32 Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OnlineFotoservice (x32 Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Ovi Desktop Sync Engine (x32 Version: 1.5.266.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.72.0 - Nokia) Hidden
PC Connectivity Solution (x32 Version: 11.4.19.0 - Nokia)
PDF24 Creator 6.2.0 (x32 Version:  - PDF24.org)
PMB (x32 Version: 5.5.02.12220 - Sony Corporation)
PRE11 STI 64Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Skype Click to Call (x32 Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN)
VLC media player 2.0.7 (Version: 2.0.7 - VideoLAN)
Welcome Center (x32 Version: 1.00.3008 - Acer Incorporated)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Restore Points  =========================

Could not list Restore Points. Check WMI.


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => ?
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GlaryInitialize 4.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Internet\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-02 11:37 - 2009-03-27 20:09 - 00090112 _____ () C:\Program Files (x86)\MouseDriver\dllset.dll
2013-12-02 22:40 - 2013-12-02 22:40 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:444C53BA
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 02:00:18 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 01:53:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:56:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:49:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:48:32 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:41:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:36:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:35:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:35:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:29:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x4bc06cda
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x770f11f1
ID des fehlerhaften Prozesses: 0xc74
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_unknown0
Pfad der fehlerhaften Anwendung: setup.exe_unknown1
Pfad des fehlerhaften Moduls: setup.exe_unknown2
Berichtskennung: setup.exe_unknown3


System errors:
=============
Error: (01/19/2014 02:36:45 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (01/19/2014 02:36:37 PM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (01/19/2014 02:36:24 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (01/19/2014 02:36:24 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/19/2014 00:12:00 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (01/19/2014 00:10:25 PM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (01/19/2014 00:10:24 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (01/19/2014 00:10:24 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/19/2014 11:42:11 AM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (01/19/2014 11:42:09 AM) (Source: atikmdag) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================
Error: (01/19/2014 02:00:18 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 01:53:21 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:56:55 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:49:33 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:48:32 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:41:08 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:36:21 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:35:33 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:35:31 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:29:11 PM) (Source: Application Error)(User: )
Description: setup.exe_unknown0.0.0.04bc06cdaunknown0.0.0.000000000c000041d770f11f1c7401cf1509ac1ad9a1C:\Users\Internet\AppData\Local\Temp\7zS6180.tmp\setup.exeunknowneaabe412-80fc-11e3-a393-00262d901b56


CodeIntegrity Errors:
===================================
  Date: 2012-08-26 21:09:51.391
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\5A05.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-08-26 21:09:51.313
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\5A05.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-06 12:03:48.438
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\BC2D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-06 12:03:48.406
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\BC2D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 17:29:20.818
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 17:29:20.787
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 16:49:34.685
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 16:49:34.653
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 16:44:37.956
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\549A.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 16:44:37.910
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\549A.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 33%
Total physical RAM: 4094.36 MB
Available physical RAM: 2708.45 MB
Total Pagefile: 10233.54 MB
Available Pagefile: 8692.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:134.63 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
GMER: gmer.log
Code:
ATTFilter
GMER 2.1.19324 - hxxp://www.gmer.net
Rootkit scan 2014-01-19 15:38:17
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000005d WDC_WD32 rev.11.0 298,09GB
Running: wp5megvq.exe; Driver: C:\Users\Damari\AppData\Local\Temp\pwriifow.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\system32\wininit.exe[540] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                      0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\winlogon.exe[608] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\services.exe[652] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[788] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                      0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\atiesrxx.exe[940] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Windows\System32\svchost.exe[1000] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Windows\System32\svchost.exe[288] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                      0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[440] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                      0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[644] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                      0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[1156] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\atieclxx.exe[1240] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                    0000000076dceecd 1 byte [62]
.text   C:\Program Files\Alwil Software\Avast5\afwServ.exe[1448] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  00000000765ba2ba 1 byte [62]
.text   C:\Program Files\Alwil Software\Avast5\afwServ.exe[1448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                0000000074ce1465 2 bytes [CE, 74]
.text   C:\Program Files\Alwil Software\Avast5\afwServ.exe[1448] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                               0000000074ce14bb 2 bytes [CE, 74]
.text   ...                                                                                                                                             * 2
.text   C:\Windows\System32\spoolsv.exe[1576] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[1604] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1696] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                        00000000765ba2ba 1 byte [62]
.text   C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe[1752] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                          0000000076dceecd 1 byte [62]
.text   C:\Program Files (x86)\Acer\Registration\GregHSRW.exe[1780] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                               00000000765ba2ba 1 byte [62]
.text   C:\Windows\system32\svchost.exe[1820] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1872] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112     00000000765ba2ba 1 byte [62]
.text   C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1872] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000074ce1465 2 bytes [CE, 74]
.text   C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[1872] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000074ce14bb 2 bytes [CE, 74]
.text   ...                                                                                                                                             * 2
.text   C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[1928] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112        00000000765ba2ba 1 byte [62]
.text   C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[1952] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                 0000000076dceecd 1 byte [62]
.text   C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe[2000] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                           00000000765ba2ba 1 byte [62]
.text   C:\Windows\system32\svchost.exe[1088] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Program Files\Acer\Acer Updater\UpdaterService.exe[2056] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                               00000000765ba2ba 1 byte [62]
.text   C:\Windows\system32\svchost.exe[2728] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\taskhost.exe[3040] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                    0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\Dwm.exe[2232] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                         0000000076dceecd 1 byte [62]
.text   C:\Windows\Explorer.EXE[1280] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                             0000000076dceecd 1 byte [62]
.text   C:\Windows\System32\rundll32.exe[3268] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                    0000000076dceecd 1 byte [62]
.text   C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[3312] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                     0000000076dceecd 1 byte [62]
.text   C:\Program Files\Apoint2K\Apoint.exe[3500] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                0000000076dceecd 1 byte [62]
.text   C:\Windows\PLFSetI.exe[3576] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                              00000000765ba2ba 1 byte [62]
.text   C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe[3636] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                         0000000076dceecd 1 byte [62]
.text   C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[3652] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                        0000000076dceecd 1 byte [62]
.text   C:\Program Files\Apoint2K\ApMsgFwd.exe[3760] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                              0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\SearchIndexer.exe[3932] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               0000000076dceecd 1 byte [62]
.text   C:\Program Files\Apoint2K\Apntex.exe[3984] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\conhost.exe[4004] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Program Files\Apoint2K\HidFind.exe[4036] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\wbem\unsecapp.exe[3120] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               0000000076dceecd 1 byte [62]
.text   C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe[3088] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                           00000000765ba2ba 1 byte [62]
.text   C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe[3088] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                         0000000074ce1465 2 bytes [CE, 74]
.text   C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe[3088] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                        0000000074ce14bb 2 bytes [CE, 74]
.text   ...                                                                                                                                             * 2
.text   C:\Program Files (x86)\Launch Manager\LManager.exe[3400] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  00000000765ba2ba 1 byte [62]
.text   C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[2348] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112  00000000765ba2ba 1 byte [62]
.text   C:\Program Files (x86)\MouseDriver\OfficeMouse.exe[3708] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  00000000765ba2ba 1 byte [62]
.text   C:\Program Files\Alwil Software\Avast5\AvastUI.exe[3980] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  00000000765ba2ba 1 byte [62]
.text   C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe[360] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                         0000000076dceecd 1 byte [62]
.text   C:\Program Files\Windows Media Player\wmpnetwk.exe[3396] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                  0000000076dceecd 1 byte [62]
.text   C:\Program Files (x86)\PDF24\pdf24.exe[268] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                               00000000765ba2ba 1 byte [62]
.text   C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe[4712] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112   00000000765ba2ba 1 byte [62]
.text   C:\Windows\system32\notepad.exe[3908] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\notepad.exe[5016] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                     0000000076dceecd 1 byte [62]
.text   C:\Windows\system32\AUDIODG.EXE[572] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189                                                      0000000076dceecd 1 byte [62]
.text   C:\Users\Internet\Documents\wp5megvq.exe[2556] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                            00000000765ba2ba 1 byte [62]

---- User IAT/EAT - GMER 2.1 ----

IAT     C:\Windows\Explorer.EXE[1280] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!FreeLibraryAndExitThread]                                          [10002350] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll
IAT     C:\Windows\Explorer.EXE[1280] @ C:\Windows\system32\SHLWAPI.dll[KERNEL32.dll!CreateThread]                                                      [10003450] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll
IAT     C:\Windows\Explorer.EXE[1280] @ C:\Windows\system32\SHELL32.dll[KERNEL32.dll!LoadLibraryA]                                                      [100011e0] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll

---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [2152:2940]                                                                                                     000007fef42b9688
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [3396:1268]                                                                                  000007fefb432a7c

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch                                                                                7307

---- EOF - GMER 2.1 ----
         

Alt 19.01.2014, 19:00   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Hi,

FRST bitte nochmal, Tools brauchen immer Adminrechte.
__________________

__________________

Alt 19.01.2014, 19:16   #3
DeRiggy
 
Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Hallo Schrauber,

sorry, hier noch FRST mit Admin-Rechten.

FRST: Additional.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 01
Ran by Damari at 2014-01-19 19:04:33
Running from C:\Users\Internet\Documents
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (x32 Version: 5.2.9.3 - Suyin Optronics Corp)
Acer ePower Management (x32 Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (x32 Version: 3.01.0730 - Acer Inc.)
Acer Registration (x32 Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.5.0715 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (Version: 7.105.2015.1103 - Alps Electric)
AMD USB Filter Driver (x32 Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Hidden
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
avast! Internet Security (x32 Version: 9.0.2011 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (Version: 12.26.02 - Broadcom Corporation)
Canon MP510 (Version:  - )
Canon My Printer (x32 Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help English (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help French (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help German (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0729.2227.38498 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0729.2227.38498 - ATI) Hidden
CDBurnerXP (x32 Version: 4.5.2.4478 - CDBurnerXP)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Elements 11 Organizer (x32 Version: 11.0 - Ihr Firmenname) Hidden
ElsterFormular (x32 Version: 14.4.12044 - Landesfinanzdirektion Thüringen)
Glary Utilities 4.4 (x32 Version: 4.4.0.86 - Glarysoft Ltd)
Glarysoft Toolbar (x32 Version: 1.2.0 - Glarysoft Ltd)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.55 - Conexant Systems)
Identity Card (x32 Version: 1.00.3002 - Acer Incorporated)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
Launch Manager (x32 Version: 3.0.06 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
MouseDriver (x32 Version: 1.00.0000 - )
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (x32 Version: 17.0.6 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.76.0 - Egis Technology Inc.)
NAVIGON Fresh 3.4.1 (x32 Version: 3.4.1 - NAVIGON)
Nokia Connectivity Cable Driver (x32 Version: 7.1.45.0 - Nokia)
Nokia Ovi Suite (x32 Version: 3.1.1.78 - Nokia)
Nokia Ovi Suite (x32 Version: 3.1.1.78 - Nokia) Hidden
Nokia Ovi Suite Software Updater (x32 Version: 02.07.004.45780 - Nokia Corporation)
NTI Backup Now 5 (x32 Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OnlineFotoservice (x32 Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Ovi Desktop Sync Engine (x32 Version: 1.5.266.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.72.0 - Nokia) Hidden
PC Connectivity Solution (x32 Version: 11.4.19.0 - Nokia)
PDF24 Creator 6.2.0 (x32 Version:  - PDF24.org)
PMB (x32 Version: 5.5.02.12220 - Sony Corporation)
PRE11 STI 64Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Skype Click to Call (x32 Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN)
VLC media player 2.0.7 (Version: 2.0.7 - VideoLAN)
Welcome Center (x32 Version: 1.00.3008 - Acer Incorporated)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Restore Points  =========================

19-01-2014 11:19:40 Removed PDF-XChange Viewer
19-01-2014 11:21:09 Removed Apple Application Support
19-01-2014 13:14:16 Removed Paint.NET v3.5.5

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {140B5480-52C5-46C4-B8BB-6D939E468ADD} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {1B7C2BFB-D51B-46F9-921B-2FB7A90CD983} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-26] (Google Inc.)
Task: {24892AF7-CE15-46AE-9B7A-B19C9144BB93} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [2009-08-29] ()
Task: {3FC0A3EF-3A17-4E68-88D5-82D85A163A9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-14] (Microsoft Corporation)
Task: {4E3AB02D-CC12-4442-9BB1-D26957ECF848} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe [2014-01-06] (Glarysoft Ltd)
Task: {5259B37A-F68C-42EB-992A-E6B16A1509A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-26] (Google Inc.)
Task: {53CB0CCD-A0AB-41F6-8E86-4434DDCBE9A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated)
Task: {60B07EAE-4BB8-44C6-A9C2-31E17F65432D} - System32\Tasks\AdobeAAMUpdater-1.0-DAMARIS-PC-Internet => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {6157149F-51CC-4F4C-AA9E-CE77C1A7B202} - System32\Tasks\GU4SkipUAC => C:\Program Files (x86)\Glary Utilities 4\Integrator.exe [2014-01-06] (Glarysoft Ltd)
Task: {937EF604-07D3-43CA-8389-6B595AC79110} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-12-29] (AVAST Software)
Task: {96C44108-545F-4527-9C57-1295AA97B71F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-11-02] (Microsoft Corporation)
Task: {A09A7881-5AA7-4F03-8A02-CA2F62597921} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C5D8ACCF-DE75-437E-A8F4-F2D0E748E252} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-11-14] (Microsoft Corporation)
Task: {EEDD4736-CD4C-4223-992B-A33513BBF6CA} - System32\Tasks\{DC6CD344-A426-45A8-9F3F-68010E6E2E15} => C:\Program Files (x86)\Opera\opera.exe
Task: {FCFB5176-F239-460B-B9C5-8E2A0B048672} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-19 11:38 - 2014-01-19 09:14 - 02155520 _____ () C:\Program Files\Alwil Software\Avast5\defs\14011900\algo.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Internet\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-02 11:37 - 2009-03-27 20:09 - 00090112 _____ () C:\Program Files (x86)\MouseDriver\dllset.dll
2013-12-02 22:40 - 2013-12-02 22:40 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2014-01-19 12:35 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:444C53BA
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 07:02:26 PM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0xc0000022.

Error: (01/19/2014 02:00:18 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 01:53:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:56:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:49:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:48:32 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:41:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:36:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:35:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (01/19/2014 00:35:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (01/19/2014 07:01:59 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (01/19/2014 06:58:20 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (01/19/2014 05:03:22 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (01/19/2014 02:36:45 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (01/19/2014 02:36:37 PM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (01/19/2014 02:36:24 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (01/19/2014 02:36:24 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (01/19/2014 00:12:00 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (01/19/2014 00:10:25 PM) (Source: amdsata) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error: (01/19/2014 00:10:24 PM) (Source: atikmdag) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================
Error: (01/19/2014 07:02:26 PM) (Source: System Restore)(User: )
Description: Windows Update0xc0000022

Error: (01/19/2014 02:00:18 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 01:53:21 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:56:55 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:49:33 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:48:32 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:41:08 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:36:21 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:35:33 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/19/2014 00:35:31 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8


CodeIntegrity Errors:
===================================
  Date: 2012-08-26 21:09:51.391
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\5A05.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-08-26 21:09:51.313
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\5A05.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-06 12:03:48.438
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\BC2D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-06 12:03:48.406
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\BC2D.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 17:29:20.818
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 17:29:20.787
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 16:49:34.685
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 16:49:34.653
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\E3FE.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 16:44:37.956
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\549A.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-07-16 16:44:37.910
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\549A.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 4094.36 MB
Available physical RAM: 2433.41 MB
Total Pagefile: 10233.54 MB
Available Pagefile: 8108.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:134.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: E755E755)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
FRST: FRST.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 01
Ran by Damari (administrator) on DAMARIS-PC on 19-01-2014 19:03:38
Running from C:\Users\Internet\Documents
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Dropbox, Inc.) C:\Users\Internet\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
() C:\Program Files (x86)\MouseDriver\OfficeMouse.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
() C:\Program Files (x86)\MouseDriver\OfficeMouse.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM-x32\...\Run: [iWareV3] - C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
AppInit_DLLs:  => File Not Found
Startup: C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Damari\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default
FF DefaultSearchEngine: SuchMaschine
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: SuchMaschine
FF Homepage: hxxp://www.google.de
FF Keyword.URL: hxxp://www.sm.de/?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Fast Dial - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\fastdial@telega.phpnet.us [2013-08-21]
FF Extension: Stop Autoplay - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{2e61e246-e640-4c56-b1ed-f146dbed48cd} [2010-10-12]
FF Extension: BetterPrivacy - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2010-10-12]
FF Extension: gui:config - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\guiconfig@slosd.net.xpi [2011-06-20]
FF Extension: Locationbar² - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\locationbar2@design-noir.de.xpi [2011-06-20]
FF Extension: OptimizeGoogle - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\optimizegoogle@optimizegoogle.com.xpi [2011-06-20]
FF Extension: FlashGot - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-06-20]
FF Extension: Flashblock - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi [2011-12-12]
FF Extension: NoScript - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-06-20]
FF Extension: Adblock Plus - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-20]
FF Extension: Download Statusbar - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-06-20]
FF Extension: DownThemAll! - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-06-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ []

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [113704 2013-12-29] (AVAST Software)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [439648 2014-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2014-01-06] (Glarysoft Ltd)
S3 MEMSWEEP2; C:\Windows\system32\5A05.tmp [6144 2010-05-26] (Sophos Plc)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S3 StarOpen; No ImagePath
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
U3 pwriifow; \??\C:\Users\Damari\AppData\Local\Temp\pwriifow.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software
2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log
2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe
2014-01-19 15:04 - 2014-01-19 15:04 - 00031078 _____ C:\Users\Internet\Documents\Addition.txt
2014-01-19 15:03 - 2014-01-19 19:04 - 00020220 _____ C:\Users\Internet\Documents\FRST.txt
2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Internet\Documents\FRST64.exe
2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST
2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log
2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable
2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe
2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24
2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-19 11:29 - 2014-01-19 11:41 - 00000000 ____D C:\AdwCleaner
2014-01-19 09:28 - 2014-01-19 09:28 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-19 09:28 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-18 14:50 - 2014-01-19 11:06 - 00007434 _____ C:\Windows\PFRO.log
2014-01-18 14:36 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-18 14:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-18 14:36 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft
2014-01-12 17:29 - 2014-01-19 18:58 - 00001624 _____ C:\Windows\setupact.log
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 16:34 - 2014-01-19 19:03 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2014-01-12 16:34 - 2014-01-18 14:18 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4
2014-01-12 16:34 - 2014-01-12 16:34 - 00002978 _____ C:\Windows\System32\Tasks\GU4SkipUAC
2014-01-12 16:34 - 2014-01-12 16:34 - 00002638 _____ C:\Windows\System32\Tasks\GlaryInitialize 4
2014-01-12 16:34 - 2014-01-12 16:34 - 00001088 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk
2014-01-12 16:34 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-12 16:34 - 2014-01-06 09:38 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-01-12 16:34 - 2014-01-06 04:28 - 00017088 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe
2013-12-29 23:01 - 2014-01-18 15:13 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2013-12-29 23:01 - 2014-01-18 15:13 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-12-29 23:00 - 2013-12-29 23:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-28 18:34 - 2014-01-19 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-19 19:04 - 2014-01-19 15:03 - 00020220 _____ C:\Users\Internet\Documents\FRST.txt
2014-01-19 19:03 - 2014-01-12 16:34 - 00000336 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2014-01-19 19:03 - 2010-03-02 17:32 - 01704023 _____ C:\Windows\WindowsUpdate.log
2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software
2014-01-19 19:02 - 2012-08-27 20:42 - 00001429 _____ C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-19 19:02 - 2010-11-26 11:56 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 19:02 - 2010-08-24 20:21 - 00120000 _____ C:\Users\Damari\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 18:58 - 2014-01-12 17:29 - 00001624 _____ C:\Windows\setupact.log
2014-01-19 18:58 - 2012-08-27 22:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 18:58 - 2010-11-26 11:56 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log
2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe
2014-01-19 15:04 - 2014-01-19 15:04 - 00031078 _____ C:\Users\Internet\Documents\Addition.txt
2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Internet\Documents\FRST64.exe
2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST
2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log
2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable
2014-01-19 14:57 - 2010-08-24 20:21 - 00000000 ____D C:\Users\Damari
2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe
2014-01-19 14:46 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 14:46 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 14:38 - 2013-08-10 17:11 - 00000000 ___RD C:\Users\Internet\Dropbox
2014-01-19 14:38 - 2013-08-10 17:05 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Dropbox
2014-01-19 14:37 - 2009-10-28 19:12 - 00000000 ____D C:\ProgramData\Adobe
2014-01-19 14:36 - 2012-08-26 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-19 14:36 - 2010-11-26 10:40 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-19 14:36 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 14:34 - 2013-10-05 19:47 - 00009769 _____ C:\Users\Internet\Desktop\Mappe1.xlsx
2014-01-19 14:28 - 2010-10-08 19:42 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Adobe
2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24
2014-01-19 14:14 - 2010-08-29 14:57 - 00000000 ____D C:\Program Files\Paint.NET
2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-19 14:00 - 2010-09-06 13:10 - 00000000 ____D C:\Users\Damari\AppData\Local\Adobe
2014-01-19 13:59 - 2009-10-28 19:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-19 12:35 - 2013-12-28 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-19 11:41 - 2014-01-19 11:29 - 00000000 ____D C:\AdwCleaner
2014-01-19 11:38 - 2012-08-26 21:44 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-19 11:33 - 2010-08-24 20:22 - 00000000 ___RD C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-19 11:06 - 2014-01-18 14:50 - 00007434 _____ C:\Windows\PFRO.log
2014-01-19 11:04 - 2010-09-21 14:18 - 00000000 ____D C:\Program Files\WLAN-Netzsuche
2014-01-19 09:28 - 2014-01-19 09:28 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-18 15:42 - 2012-08-27 22:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 15:42 - 2012-08-27 22:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 15:42 - 2011-06-20 13:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 15:13 - 2013-12-29 23:01 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-18 15:13 - 2013-12-29 23:01 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-01-18 14:51 - 2009-07-14 05:45 - 03485600 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 14:47 - 2013-07-29 20:31 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 14:39 - 2013-03-24 18:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-18 14:37 - 2010-10-16 15:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-18 14:26 - 2010-10-03 12:50 - 00000950 _____ C:\Windows\wininit.ini
2014-01-18 14:26 - 2010-09-13 20:15 - 00000000 ___RD C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-18 14:25 - 2013-08-10 17:11 - 00001032 _____ C:\Users\Internet\Desktop\Dropbox.lnk
2014-01-18 14:25 - 2013-08-10 17:08 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-18 14:20 - 2010-09-13 20:14 - 00000000 ____D C:\Users\Internet
2014-01-18 14:18 - 2014-01-12 16:34 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 16:36 - 2013-03-16 14:23 - 00000000 ____D C:\Windows\Minidump
2014-01-12 16:36 - 2009-07-27 21:41 - 00000000 ____D C:\Windows\Panther
2014-01-12 16:34 - 2014-01-12 16:34 - 00002978 _____ C:\Windows\System32\Tasks\GU4SkipUAC
2014-01-12 16:34 - 2014-01-12 16:34 - 00002638 _____ C:\Windows\System32\Tasks\GlaryInitialize 4
2014-01-12 16:34 - 2014-01-12 16:34 - 00001088 _____ C:\Users\Public\Desktop\Glary Utilities 4.lnk
2014-01-12 16:34 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-12 16:34 - 2010-09-28 17:51 - 00000000 ____D C:\Users\Damari\AppData\Roaming\GlarySoft
2014-01-12 16:34 - 2010-09-11 14:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe
2014-01-08 12:38 - 2013-03-16 14:34 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-06 09:38 - 2014-01-12 16:34 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-01-06 04:28 - 2014-01-12 16:34 - 00017088 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-01-04 12:48 - 2011-05-29 15:16 - 00000000 ____D C:\Users\Internet\AppData\Local\Microsoft Games
2014-01-01 22:43 - 2011-11-27 21:53 - 00000000 ____D C:\ProgramData\tmp
2014-01-01 11:19 - 2011-12-14 20:41 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ____D C:\ProgramData\Skype
2013-12-30 22:02 - 2012-08-27 20:11 - 00000000 ____D C:\Users\Internet\AppData\Roaming\vlc
2013-12-29 23:01 - 2013-12-29 23:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-12-29 23:00 - 2013-03-16 14:34 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 23:00 - 2010-08-29 12:51 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 23:00 - 2010-08-29 12:51 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 23:00 - 2010-08-29 12:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic
2013-12-29 15:26 - 2013-04-06 20:00 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-12-29 15:25 - 2013-04-06 20:14 - 00000000 ____D C:\Users\Internet\AppData\Local\.elfohilfe
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-29 14:59 - 2010-03-03 02:24 - 00699682 _____ C:\Windows\system32\perfh007.dat
2013-12-29 14:59 - 2010-03-03 02:24 - 00149790 _____ C:\Windows\system32\perfc007.dat
2013-12-29 14:59 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 21:20 - 2013-11-16 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-25 15:34 - 2010-11-21 22:20 - 00000000 ____D C:\Users\Internet\Documents\WIR
2013-12-24 17:57 - 2013-02-03 17:15 - 00000000 ____D C:\Users\Internet\AppData\Roaming\dvdcss

Some content of TEMP:
====================
C:\Users\Damari\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Damari\AppData\Local\Temp\Quarantine.exe
C:\Users\Internet\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Internet\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Internet\AppData\Local\Temp\uninstmgr-setup-4.6.exe
C:\Users\Internet\AppData\Local\Temp\uninstmgr-setup-5.3.exe
C:\Users\Internet\AppData\Local\Temp\vlc-2.0.5-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-10 14:40

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 20.01.2014, 21:34   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.01.2014, 22:31   #5
DeRiggy
 
Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



So, habe Combofix ausgeführt. Siehe unten die erstellte Log-Datei.

Code:
ATTFilter
ComboFix 14-01-16.03 - Damari 20.01.2014  22:03:57.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4094.2762 [GMT 1:00]
ausgeführt von:: c:\users\Damari\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\programdata\xmlB24E.tmp
c:\programdata\xmlB2BC.tmp
c:\programdata\xmlB2BD.tmp
c:\programdata\xmlB2BE.tmp
c:\users\Internet\AppData\Roaming\.#
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-12-20 bis 2014-01-20  ))))))))))))))))))))))))))))))
.
.
2014-01-20 21:11 . 2014-01-20 21:11	--------	d-----w-	c:\users\Standardbenutzung\AppData\Local\temp
2014-01-20 21:11 . 2014-01-20 21:11	--------	d-----w-	c:\users\Internet\AppData\Local\temp
2014-01-20 21:11 . 2014-01-20 21:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-01-19 18:02 . 2014-01-19 18:02	--------	d-----w-	c:\users\Damari\AppData\Roaming\AVAST Software
2014-01-19 14:01 . 2014-01-19 14:01	--------	d-----w-	C:\FRST
2014-01-19 13:22 . 2014-01-19 13:22	--------	d-----w-	c:\users\Internet\AppData\Local\PDF24
2014-01-19 13:22 . 2014-01-19 13:22	--------	d-----w-	c:\program files (x86)\PDF24
2014-01-19 12:53 . 2014-01-19 12:53	--------	d-----w-	c:\program files (x86)\CDBurnerXP
2014-01-19 10:29 . 2014-01-19 10:41	--------	d-----w-	C:\AdwCleaner
2014-01-19 08:28 . 2014-01-19 08:28	--------	d-----w-	c:\users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 08:28 . 2014-01-19 08:28	--------	d-----w-	c:\programdata\Malwarebytes
2014-01-18 14:13 . 2014-01-18 14:13	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2014-01-18 13:48 . 2013-12-04 03:28	10315576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{BC248E24-4233-49B3-AE6D-F24CBEAB7764}\mpengine.dll
2014-01-18 13:36 . 2013-11-27 01:41	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2014-01-18 13:36 . 2013-11-27 01:41	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2014-01-18 13:36 . 2013-11-27 01:41	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2014-01-18 13:36 . 2013-11-27 01:41	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2014-01-18 13:36 . 2013-11-27 01:41	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2014-01-18 13:36 . 2013-11-27 01:41	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2014-01-18 13:36 . 2013-11-27 01:41	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2014-01-18 13:36 . 2013-11-26 11:40	376768	----a-w-	c:\windows\system32\drivers\netio.sys
2014-01-18 13:36 . 2013-11-26 10:32	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-01-17 21:35 . 2014-01-17 21:35	--------	d-----w-	c:\users\Internet\AppData\Roaming\GlarySoft
2014-01-12 15:34 . 2014-01-20 20:49	--------	d-----w-	c:\programdata\GlarySoft
2013-12-29 22:00 . 2013-12-29 22:01	79672	----a-w-	c:\windows\system32\drivers\aswstm.sys
2013-12-29 22:00 . 2013-12-29 22:00	28184	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2013-12-29 14:24 . 2013-12-29 14:24	--------	d-----w-	c:\users\Damari\AppData\Roaming\elsterformular
2013-12-28 16:16 . 2013-12-28 16:16	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-18 14:42 . 2012-08-27 21:21	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-18 14:42 . 2011-06-20 12:12	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-18 13:37 . 2010-10-16 14:56	86054176	----a-w-	c:\windows\system32\MRT.exe
2014-01-18 13:34 . 2013-03-24 17:48	566480	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-01-08 11:38 . 2013-03-16 13:34	439648	----a-w-	c:\windows\system32\drivers\aswNdisFlt.sys
2013-12-29 22:00 . 2013-03-16 13:34	207904	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-12-29 22:00 . 2011-06-20 12:27	334136	----a-w-	c:\windows\system32\aswBoot.exe
2013-12-29 22:00 . 2011-06-20 12:27	1034464	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-12-29 22:00 . 2010-08-29 11:51	422216	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-12-29 22:00 . 2010-08-29 11:51	78648	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-12-29 22:00 . 2010-08-29 11:50	43152	----a-w-	c:\windows\avastSS.scr
2013-12-28 16:16 . 2013-02-27 14:20	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-12-28 16:16 . 2013-02-27 14:20	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-12-14 18:35 . 2011-12-19 20:17	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-12-14 18:35 . 2011-12-19 20:16	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-12-02 21:40 . 2013-03-16 13:34	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-12-02 21:40 . 2012-08-26 20:44	92544	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-11-26 11:54 . 2013-12-11 22:11	23183360	----a-w-	c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-11 22:11	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-11 22:11	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-11 22:11	66048	----a-w-	c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-11 22:11	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-11 22:10	2764288	----a-w-	c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-11 22:11	53760	----a-w-	c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-11 22:11	33792	----a-w-	c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-11 22:11	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-11 22:11	574976	----a-w-	c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-11 22:11	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-11 22:11	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-11 22:11	708608	----a-w-	c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-11 22:11	218624	----a-w-	c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-11 22:10	5769216	----a-w-	c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-11 22:11	553472	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-11 22:10	4243968	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-11 22:10	1995264	----a-w-	c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-11 22:10	12996608	----a-w-	c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-11 22:10	1928192	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-11 22:10	2334208	----a-w-	c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-11 22:10	1395200	----a-w-	c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-11 22:11	817664	----a-w-	c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-11 22:10	1820160	----a-w-	c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 22:02	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 22:02	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-11-20 21:50 . 2013-11-20 21:50	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-20 21:50 . 2013-11-20 21:50	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-20 21:50 . 2013-11-20 21:50	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-11-20 21:50 . 2013-11-20 21:50	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-11-20 21:50 . 2013-11-20 21:50	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-11-20 21:50 . 2013-11-20 21:50	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-11-20 21:50 . 2013-11-20 21:50	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-11-20 21:50 . 2013-11-20 21:50	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-11-20 21:50 . 2013-11-20 21:50	81408	----a-w-	c:\windows\system32\icardie.dll
2013-11-20 21:50 . 2013-11-20 21:50	774144	----a-w-	c:\windows\system32\jscript.dll
2013-11-20 21:50 . 2013-11-20 21:50	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-11-20 21:50 . 2013-11-20 21:50	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-20 21:50 . 2013-11-20 21:50	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-20 21:50 . 2013-11-20 21:50	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-11-20 21:50 . 2013-11-20 21:50	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-11-20 21:50 . 2013-11-20 21:50	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-11-20 21:50 . 2013-11-20 21:50	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-11-20 21:50 . 2013-11-20 21:50	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-11-20 21:50 . 2013-11-20 21:50	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-11-20 21:50 . 2013-11-20 21:50	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-11-20 21:50 . 2013-11-20 21:50	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-11-20 21:50 . 2013-11-20 21:50	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-11-20 21:50 . 2013-11-20 21:50	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-11-20 21:50 . 2013-11-20 21:50	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-11-20 21:50 . 2013-11-20 21:50	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-11-20 21:50 . 2013-11-20 21:50	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-11-20 21:50 . 2013-11-20 21:50	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-11-20 21:50 . 2013-11-20 21:50	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-11-20 21:50 . 2013-11-20 21:50	413696	----a-w-	c:\windows\system32\html.iec
2013-11-20 21:50 . 2013-11-20 21:50	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 21:50 . 2013-11-20 21:50	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-11-20 21:50 . 2013-11-20 21:50	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-20 21:50 . 2013-11-20 21:50	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-11-20 21:50 . 2013-11-20 21:50	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-11-20 21:50 . 2013-11-20 21:50	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-11-20 21:50 . 2013-11-20 21:50	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-11-20 21:50 . 2013-11-20 21:50	247808	----a-w-	c:\windows\system32\msls31.dll
2013-11-20 21:50 . 2013-11-20 21:50	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-11-20 21:50 . 2013-11-20 21:50	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-11-20 21:50 . 2013-11-20 21:50	235520	----a-w-	c:\windows\system32\url.dll
2013-11-20 21:50 . 2013-11-20 21:50	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-11-20 21:50 . 2013-11-20 21:50	195584	----a-w-	c:\windows\system32\msrating.dll
2013-11-20 21:50 . 2013-11-20 21:50	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-11-20 21:50 . 2013-11-20 21:50	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-11-20 21:50 . 2013-11-20 21:50	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-11-20 21:50 . 2013-11-20 21:50	147968	----a-w-	c:\windows\system32\occache.dll
2013-11-20 21:50 . 2013-11-20 21:50	143872	----a-w-	c:\windows\system32\wextract.exe
2013-11-20 21:50 . 2013-11-20 21:50	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-11-20 21:50 . 2013-11-20 21:50	13824	----a-w-	c:\windows\system32\mshta.exe
2013-11-20 21:50 . 2013-11-20 21:50	135680	----a-w-	c:\windows\system32\iepeers.dll
2013-11-20 21:50 . 2013-11-20 21:50	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-11-20 21:50 . 2013-11-20 21:50	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-11-20 21:50 . 2013-11-20 21:50	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-11-20 21:50 . 2013-11-20 21:50	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-11-20 21:50 . 2013-11-20 21:50	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-11-20 21:50 . 2013-11-20 21:50	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-11-20 21:50 . 2013-11-20 21:50	105984	----a-w-	c:\windows\system32\iesysprep.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-01-18 13:36	1727176	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-01-18 13:36	1727176	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-01-18 13:36	1727176	----a-w-	c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1094736]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-06 419112]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-12-29 3764024]
"iWareV3"="c:\program files (x86)\MouseDriver\OfficeMouse.exe" [2009-03-27 507904]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2013-12-29 3764024]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-12-12 186408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"PMBVolumeWatcher"=c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\5A05.tmp;c:\windows\SYSNATIVE\5A05.tmp [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe;c:\program files\Alwil Software\Avast5\afwServ.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 OfficeSvc;Microsoft Office-Dienst;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-27 14:42]
.
2014-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-26 10:55]
.
2014-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-26 10:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-01-18 13:36	2331336	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-01-18 13:36	2331336	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-01-18 13:36	2331336	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-29 22:00	287280	----a-w-	c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-22 295936]
"PLFSetI"="c:\windows\PLFSetI.exe" [2009-11-20 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-07-26 2782096]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\
FF - prefs.js: browser.search.selectedEngine - SuchMaschine
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de
FF - prefs.js: keyword.URL - hxxp://www.sm.de/?q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
c:\users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Damari\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-Glarysoft Toolbar - c:\program files (x86)\Glarysoft Toolbar\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\5A05.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2947144883-2258469559-3983478463-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-20  22:14:03
ComboFix-quarantined-files.txt  2014-01-20 21:14
.
Vor Suchlauf: 12 Verzeichnis(se), 144.202.170.368 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 145.487.511.552 Bytes frei
.
- - End Of File - - 1AA5FB6C91FD9A695B9EB7B9F4BC0629
         
Freue mich über neue Anweisungen und Anmerkungen!


Alt 21.01.2014, 12:31   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Spam-Mail DHL Paketankündigung mit Link zur Paketinformation

Alt 21.01.2014, 22:38   #7
DeRiggy
 
Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Hallo Schrauber,

habe die genannten Programme durchgeführt. Die Log-Dateien dazu nun folgend:

Malwarebytes Anti-Malware
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.21.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Damari :: DAMARIS-PC [Administrator]

21.01.2014 20:37:26
mbam-log-2014-01-21 (20-37-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 455701
Laufzeit: 1 Stunde(n), 21 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
AdwCleaner
Code:
ATTFilter
# AdwCleaner v3.017 - Bericht erstellt am 21/01/2014 um 22:06:24
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Damari - DAMARIS-PC
# Gestartet von : C:\Users\Damari\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\prefs.js ]


[ Datei : C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\dod4pf5r.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [7076 octets] - [19/01/2014 11:29:50]
AdwCleaner[R1].txt - [1032 octets] - [19/01/2014 11:40:03]
AdwCleaner[R2].txt - [1151 octets] - [21/01/2014 22:04:34]
AdwCleaner[S0].txt - [6808 octets] - [19/01/2014 11:33:05]
AdwCleaner[S1].txt - [1094 octets] - [19/01/2014 11:41:07]
AdwCleaner[S2].txt - [1073 octets] - [21/01/2014 22:06:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1133 octets] ##########
         
Junkware Removal Tool
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Damari on 21.01.2014 at 22:15:47,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\Damari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\startmenu\startfenster.lnk"
Successfully deleted: [File] "C:\Users\Damari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Damari\AppData\Roaming\mozilla\firefox\profiles\k2na0f3f.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.01.2014 at 22:24:05,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Neues FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 01
Ran by Damari (administrator) on DAMARIS-PC on 21-01-2014 22:30:19
Running from C:\Users\Damari\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
() C:\Program Files (x86)\MouseDriver\OfficeMouse.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM-x32\...\Run: [iWareV3] - C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default
FF DefaultSearchEngine: SuchMaschine
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: SuchMaschine
FF Homepage: hxxp://www.google.de
FF Keyword.URL: hxxp://www.sm.de/?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Fast Dial - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\fastdial@telega.phpnet.us [2014-01-20]
FF Extension: Stop Autoplay - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{2e61e246-e640-4c56-b1ed-f146dbed48cd} [2010-10-12]
FF Extension: Flashblock - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-01-20]
FF Extension: BetterPrivacy - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2010-10-12]
FF Extension: gui:config - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\guiconfig@slosd.net.xpi [2011-06-20]
FF Extension: Locationbar² - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\locationbar2@design-noir.de.xpi [2011-06-20]
FF Extension: OptimizeGoogle - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\optimizegoogle@optimizegoogle.com.xpi [2011-06-20]
FF Extension: FlashGot - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-06-20]
FF Extension: NoScript - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-06-20]
FF Extension: Adblock Plus - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-20]
FF Extension: Download Statusbar - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-06-20]
FF Extension: DownThemAll! - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-06-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ []

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [113704 2013-12-29] (AVAST Software)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [439648 2014-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
S3 MEMSWEEP2; C:\Windows\system32\5A05.tmp [6144 2010-05-26] (Sophos Plc)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S3 StarOpen; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 22:30 - 2014-01-21 22:30 - 00018918 _____ C:\Users\Damari\Desktop\FRST.txt
2014-01-21 22:24 - 2014-01-21 22:24 - 00001046 _____ C:\Users\Damari\Desktop\JRT.txt
2014-01-21 22:15 - 2014-01-21 22:15 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 22:12 - 2014-01-21 22:12 - 01037068 _____ (Thisisu) C:\Users\Damari\Desktop\JRT.exe
2014-01-21 22:02 - 2014-01-21 22:02 - 01236282 _____ C:\Users\Damari\Desktop\adwcleaner.exe
2014-01-21 20:34 - 2014-01-21 20:34 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 20:34 - 2014-01-21 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 20:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-21 20:33 - 2014-01-21 20:33 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Damari\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 22:21 - 2014-01-20 22:14 - 00119585 _____ C:\Users\Internet\Documents\ComboFix.txt
2014-01-20 22:14 - 2014-01-20 22:14 - 00119585 _____ C:\ComboFix.txt
2014-01-20 22:01 - 2014-01-20 22:14 - 00000000 ____D C:\Qoobox
2014-01-20 22:01 - 2014-01-20 22:12 - 00000000 ____D C:\Windows\erdnt
2014-01-20 22:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-20 22:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-20 22:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software
2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log
2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe
2014-01-19 15:04 - 2014-01-19 19:04 - 00034336 _____ C:\Users\Internet\Documents\Addition.txt
2014-01-19 15:03 - 2014-01-19 19:04 - 00036739 _____ C:\Users\Internet\Documents\FRST.txt
2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Damari\Desktop\FRST64.exe
2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST
2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log
2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable
2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe
2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24
2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-19 11:29 - 2014-01-21 22:06 - 00000000 ____D C:\AdwCleaner
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-18 14:50 - 2014-01-20 22:25 - 00007986 _____ C:\Windows\PFRO.log
2014-01-18 14:36 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-18 14:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-18 14:36 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft
2014-01-12 17:29 - 2014-01-21 22:07 - 00002800 _____ C:\Windows\setupact.log
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 16:34 - 2014-01-20 21:49 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe
2013-12-29 23:01 - 2014-01-18 15:13 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2013-12-29 23:01 - 2014-01-18 15:13 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-12-29 23:00 - 2013-12-29 23:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-28 18:34 - 2014-01-19 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-21 22:30 - 2014-01-21 22:30 - 00018918 _____ C:\Users\Damari\Desktop\FRST.txt
2014-01-21 22:26 - 2010-11-26 11:56 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 22:24 - 2014-01-21 22:24 - 00001046 _____ C:\Users\Damari\Desktop\JRT.txt
2014-01-21 22:19 - 2012-08-27 22:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-21 22:16 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 22:16 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 22:15 - 2014-01-21 22:15 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 22:12 - 2014-01-21 22:12 - 01037068 _____ (Thisisu) C:\Users\Damari\Desktop\JRT.exe
2014-01-21 22:08 - 2010-11-26 11:56 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 22:08 - 2010-11-26 10:40 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-21 22:07 - 2014-01-12 17:29 - 00002800 _____ C:\Windows\setupact.log
2014-01-21 22:07 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 22:06 - 2014-01-19 11:29 - 00000000 ____D C:\AdwCleaner
2014-01-21 22:06 - 2010-03-02 17:32 - 01779891 _____ C:\Windows\WindowsUpdate.log
2014-01-21 22:02 - 2014-01-21 22:02 - 01236282 _____ C:\Users\Damari\Desktop\adwcleaner.exe
2014-01-21 20:34 - 2014-01-21 20:34 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 20:34 - 2014-01-21 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 20:33 - 2014-01-21 20:33 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Damari\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-21 20:23 - 2012-08-26 21:44 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-20 22:25 - 2014-01-18 14:50 - 00007986 _____ C:\Windows\PFRO.log
2014-01-20 22:14 - 2014-01-20 22:21 - 00119585 _____ C:\Users\Internet\Documents\ComboFix.txt
2014-01-20 22:14 - 2014-01-20 22:14 - 00119585 _____ C:\ComboFix.txt
2014-01-20 22:14 - 2014-01-20 22:01 - 00000000 ____D C:\Qoobox
2014-01-20 22:14 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-20 22:12 - 2014-01-20 22:01 - 00000000 ____D C:\Windows\erdnt
2014-01-20 22:12 - 2010-09-13 20:15 - 00000000 ___RD C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-20 22:11 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-20 21:49 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-20 21:49 - 2010-10-12 17:52 - 00000000 ____D C:\Users\Damari\AppData\Local\Mozilla
2014-01-20 21:49 - 2010-09-28 17:51 - 00000000 ____D C:\Users\Damari\AppData\Roaming\GlarySoft
2014-01-20 18:32 - 2013-08-10 17:05 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Dropbox
2014-01-20 18:31 - 2013-08-10 17:11 - 00000000 ___RD C:\Users\Internet\Dropbox
2014-01-20 18:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-19 19:04 - 2014-01-19 15:04 - 00034336 _____ C:\Users\Internet\Documents\Addition.txt
2014-01-19 19:04 - 2014-01-19 15:03 - 00036739 _____ C:\Users\Internet\Documents\FRST.txt
2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software
2014-01-19 19:02 - 2012-08-27 20:42 - 00001429 _____ C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-19 19:02 - 2010-08-24 20:21 - 00120000 _____ C:\Users\Damari\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log
2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe
2014-01-19 15:02 - 2014-01-19 15:02 - 02076672 _____ (Farbar) C:\Users\Damari\Desktop\FRST64.exe
2014-01-19 15:01 - 2014-01-19 15:01 - 00000000 ____D C:\FRST
2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log
2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable
2014-01-19 14:57 - 2010-08-24 20:21 - 00000000 ____D C:\Users\Damari
2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe
2014-01-19 14:37 - 2009-10-28 19:12 - 00000000 ____D C:\ProgramData\Adobe
2014-01-19 14:36 - 2012-08-26 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-19 14:34 - 2013-10-05 19:47 - 00009769 _____ C:\Users\Internet\Desktop\Mappe1.xlsx
2014-01-19 14:28 - 2010-10-08 19:42 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Adobe
2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24
2014-01-19 14:14 - 2010-08-29 14:57 - 00000000 ____D C:\Program Files\Paint.NET
2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-19 14:00 - 2010-09-06 13:10 - 00000000 ____D C:\Users\Damari\AppData\Local\Adobe
2014-01-19 13:59 - 2009-10-28 19:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-19 12:35 - 2013-12-28 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-19 11:33 - 2010-08-24 20:22 - 00000000 ___RD C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-19 11:04 - 2010-09-21 14:18 - 00000000 ____D C:\Program Files\WLAN-Netzsuche
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-18 15:42 - 2012-08-27 22:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 15:42 - 2012-08-27 22:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 15:42 - 2011-06-20 13:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 15:13 - 2013-12-29 23:01 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-18 15:13 - 2013-12-29 23:01 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-01-18 14:51 - 2009-07-14 05:45 - 03485600 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 14:47 - 2013-07-29 20:31 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 14:39 - 2013-03-24 18:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-18 14:37 - 2010-10-16 15:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-18 14:26 - 2010-10-03 12:50 - 00000950 _____ C:\Windows\wininit.ini
2014-01-18 14:25 - 2013-08-10 17:11 - 00001032 _____ C:\Users\Internet\Desktop\Dropbox.lnk
2014-01-18 14:25 - 2013-08-10 17:08 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-18 14:20 - 2010-09-13 20:14 - 00000000 ____D C:\Users\Internet
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 16:36 - 2013-03-16 14:23 - 00000000 ____D C:\Windows\Minidump
2014-01-12 16:36 - 2009-07-27 21:41 - 00000000 ____D C:\Windows\Panther
2014-01-12 16:34 - 2010-09-11 14:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe
2014-01-08 12:38 - 2013-03-16 14:34 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-04 12:48 - 2011-05-29 15:16 - 00000000 ____D C:\Users\Internet\AppData\Local\Microsoft Games
2014-01-01 22:43 - 2011-11-27 21:53 - 00000000 ____D C:\ProgramData\tmp
2014-01-01 11:19 - 2011-12-14 20:41 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ____D C:\ProgramData\Skype
2013-12-30 22:02 - 2012-08-27 20:11 - 00000000 ____D C:\Users\Internet\AppData\Roaming\vlc
2013-12-29 23:01 - 2013-12-29 23:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-12-29 23:00 - 2013-03-16 14:34 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 23:00 - 2010-08-29 12:51 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 23:00 - 2010-08-29 12:51 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 23:00 - 2010-08-29 12:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic
2013-12-29 15:26 - 2013-04-06 20:00 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-12-29 15:25 - 2013-04-06 20:14 - 00000000 ____D C:\Users\Internet\AppData\Local\.elfohilfe
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-29 14:59 - 2010-03-03 02:24 - 00699682 _____ C:\Windows\system32\perfh007.dat
2013-12-29 14:59 - 2010-03-03 02:24 - 00149790 _____ C:\Windows\system32\perfc007.dat
2013-12-29 14:59 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 21:20 - 2013-11-16 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-25 15:34 - 2010-11-21 22:20 - 00000000 ____D C:\Users\Internet\Documents\WIR
2013-12-24 17:57 - 2013-02-03 17:15 - 00000000 ____D C:\Users\Internet\AppData\Roaming\dvdcss

Some content of TEMP:
====================
C:\Users\Damari\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-10 14:40

==================== End Of Log ============================
         
--- --- ---


Gruß,
Rick

Alt 22.01.2014, 15:27   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.01.2014, 22:33   #9
DeRiggy
 
Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Hallo Schrauber!

So, habe jetzt alle Tools durchlaufen lassen. Folgend sind wieder die Log-Dateien aufgeführt.

ESET Online Scanner
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f4609e2c2f145740a02e798237db14e9
# engine=16754
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-22 09:04:11
# local_time=2014-01-22 10:04:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=770 16774141 100 80 305081 2073819 0 0
# compatibility_mode=5893 16776574 100 94 134844 142054501 0 0
# scanned=214204
# found=0
# cleaned=0
# scan_time=8576
         
Security Check
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Adobe Flash Player 10 Flash Player out of Date! 
  Adobe Flash Player 12.0.0.43 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (26.0) 
 Mozilla Thunderbird (17.0.6) 
````````Process Check: objlist.exe by Laurent````````  
 Alwil Software Avast5 AvastSvc.exe  
 Alwil Software Avast5 afwServ.exe  
 Alwil Software Avast5 AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 02
Ran by Damari (administrator) on DAMARIS-PC on 22-01-2014 22:18:40
Running from C:\Users\Damari\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\afwServ.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
() C:\Windows\PLFSetI.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Program Files (x86)\MouseDriver\OfficeMouse.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-20] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2782096 2010-07-26] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM-x32\...\Run: [iWareV3] - C:\Program Files (x86)\MouseDriver\OfficeMouse.exe [507904 2009-03-27] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\Alwil Software\Avast5\setup\emupdate\9b9bdc61-d3cd-4450-8d41-880c52213a21.exe /check [181136 2014-01-22] (AVAST Software)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {6D466CFD-27C3-485C-807E-1AF633D3A4D1} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default
FF DefaultSearchEngine: SuchMaschine
FF SearchEngineOrder.1: SuchMaschine
FF SelectedSearchEngine: SuchMaschine
FF Homepage: hxxp://www.google.de
FF Keyword.URL: hxxp://www.sm.de/?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Fast Dial - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\fastdial@telega.phpnet.us [2014-01-20]
FF Extension: Stop Autoplay - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{2e61e246-e640-4c56-b1ed-f146dbed48cd} [2010-10-12]
FF Extension: Flashblock - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-01-20]
FF Extension: BetterPrivacy - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2010-10-12]
FF Extension: gui:config - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\guiconfig@slosd.net.xpi [2011-06-20]
FF Extension: Locationbar² - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\locationbar2@design-noir.de.xpi [2011-06-20]
FF Extension: OptimizeGoogle - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\optimizegoogle@optimizegoogle.com.xpi [2011-06-20]
FF Extension: FlashGot - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-06-20]
FF Extension: NoScript - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-06-20]
FF Extension: Adblock Plus - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-20]
FF Extension: Download Statusbar - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-06-20]
FF Extension: DownThemAll! - C:\Users\Damari\AppData\Roaming\Mozilla\Firefox\Profiles\k2na0f3f.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-06-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ []

==================== Services (Whitelisted) =================

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [113704 2013-12-29] (AVAST Software)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-12-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [439648 2014-01-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
S3 MEMSWEEP2; C:\Windows\system32\5A05.tmp [6144 2010-05-26] (Sophos Plc)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S3 StarOpen; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-22 22:18 - 2014-01-22 22:18 - 00000000 ____D C:\Users\Damari\Desktop\FRST-OlderVersion
2014-01-22 19:32 - 2014-01-22 19:32 - 00987425 _____ C:\Users\Damari\Desktop\SecurityCheck.exe
2014-01-22 19:31 - 2014-01-22 19:31 - 02347384 _____ (ESET) C:\Users\Damari\Desktop\esetsmartinstaller_enu.exe
2014-01-21 22:30 - 2014-01-22 22:18 - 00019098 _____ C:\Users\Damari\Desktop\FRST.txt
2014-01-21 22:24 - 2014-01-21 22:24 - 00001046 _____ C:\Users\Damari\Desktop\JRT.txt
2014-01-21 22:15 - 2014-01-21 22:15 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 22:12 - 2014-01-21 22:12 - 01037068 _____ (Thisisu) C:\Users\Damari\Desktop\JRT.exe
2014-01-21 22:02 - 2014-01-21 22:02 - 01236282 _____ C:\Users\Damari\Desktop\adwcleaner.exe
2014-01-21 20:34 - 2014-01-21 20:34 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 20:34 - 2014-01-21 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 20:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-21 20:33 - 2014-01-21 20:33 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Damari\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 22:21 - 2014-01-20 22:14 - 00119585 _____ C:\Users\Internet\Documents\ComboFix.txt
2014-01-20 22:14 - 2014-01-20 22:14 - 00119585 _____ C:\ComboFix.txt
2014-01-20 22:01 - 2014-01-20 22:14 - 00000000 ____D C:\Qoobox
2014-01-20 22:01 - 2014-01-20 22:12 - 00000000 ____D C:\Windows\erdnt
2014-01-20 22:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-20 22:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-20 22:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-20 22:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software
2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log
2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe
2014-01-19 15:04 - 2014-01-19 19:04 - 00034336 _____ C:\Users\Internet\Documents\Addition.txt
2014-01-19 15:03 - 2014-01-19 19:04 - 00036739 _____ C:\Users\Internet\Documents\FRST.txt
2014-01-19 15:02 - 2014-01-22 22:18 - 02077696 _____ (Farbar) C:\Users\Damari\Desktop\FRST64.exe
2014-01-19 15:01 - 2014-01-22 22:18 - 00000000 ____D C:\FRST
2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log
2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable
2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe
2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24
2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-19 11:29 - 2014-01-21 22:06 - 00000000 ____D C:\AdwCleaner
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-18 14:50 - 2014-01-20 22:25 - 00007986 _____ C:\Windows\PFRO.log
2014-01-18 14:36 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-18 14:36 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-18 14:36 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-18 14:36 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft
2014-01-12 17:29 - 2014-01-22 19:30 - 00003416 _____ C:\Windows\setupact.log
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 16:34 - 2014-01-20 21:49 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe
2013-12-29 23:01 - 2014-01-18 15:13 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2013-12-29 23:01 - 2014-01-18 15:13 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-12-29 23:00 - 2013-12-29 23:01 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-28 18:34 - 2014-01-19 12:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-22 22:19 - 2014-01-21 22:30 - 00019098 _____ C:\Users\Damari\Desktop\FRST.txt
2014-01-22 22:19 - 2012-08-27 22:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-22 22:18 - 2014-01-22 22:18 - 00000000 ____D C:\Users\Damari\Desktop\FRST-OlderVersion
2014-01-22 22:18 - 2014-01-19 15:02 - 02077696 _____ (Farbar) C:\Users\Damari\Desktop\FRST64.exe
2014-01-22 22:18 - 2014-01-19 15:01 - 00000000 ____D C:\FRST
2014-01-22 22:03 - 2010-03-02 17:32 - 01798930 _____ C:\Windows\WindowsUpdate.log
2014-01-22 21:26 - 2010-11-26 11:56 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-22 21:26 - 2010-11-26 11:56 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-22 19:39 - 2010-03-03 02:24 - 00699682 _____ C:\Windows\system32\perfh007.dat
2014-01-22 19:39 - 2010-03-03 02:24 - 00149790 _____ C:\Windows\system32\perfc007.dat
2014-01-22 19:39 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-22 19:32 - 2014-01-22 19:32 - 00987425 _____ C:\Users\Damari\Desktop\SecurityCheck.exe
2014-01-22 19:31 - 2014-01-22 19:31 - 02347384 _____ (ESET) C:\Users\Damari\Desktop\esetsmartinstaller_enu.exe
2014-01-22 19:30 - 2014-01-12 17:29 - 00003416 _____ C:\Windows\setupact.log
2014-01-22 11:31 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-22 11:31 - 2009-07-14 05:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-22 11:24 - 2010-11-26 10:40 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-22 11:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-22 08:40 - 2012-08-26 21:44 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-21 22:24 - 2014-01-21 22:24 - 00001046 _____ C:\Users\Damari\Desktop\JRT.txt
2014-01-21 22:15 - 2014-01-21 22:15 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 22:12 - 2014-01-21 22:12 - 01037068 _____ (Thisisu) C:\Users\Damari\Desktop\JRT.exe
2014-01-21 22:06 - 2014-01-19 11:29 - 00000000 ____D C:\AdwCleaner
2014-01-21 22:02 - 2014-01-21 22:02 - 01236282 _____ C:\Users\Damari\Desktop\adwcleaner.exe
2014-01-21 20:34 - 2014-01-21 20:34 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 20:34 - 2014-01-21 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 20:33 - 2014-01-21 20:33 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Damari\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 22:25 - 2014-01-18 14:50 - 00007986 _____ C:\Windows\PFRO.log
2014-01-20 22:14 - 2014-01-20 22:21 - 00119585 _____ C:\Users\Internet\Documents\ComboFix.txt
2014-01-20 22:14 - 2014-01-20 22:14 - 00119585 _____ C:\ComboFix.txt
2014-01-20 22:14 - 2014-01-20 22:01 - 00000000 ____D C:\Qoobox
2014-01-20 22:14 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-20 22:12 - 2014-01-20 22:01 - 00000000 ____D C:\Windows\erdnt
2014-01-20 22:12 - 2010-09-13 20:15 - 00000000 ___RD C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-20 22:11 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-20 21:49 - 2014-01-12 16:34 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-20 21:49 - 2010-10-12 17:52 - 00000000 ____D C:\Users\Damari\AppData\Local\Mozilla
2014-01-20 21:49 - 2010-09-28 17:51 - 00000000 ____D C:\Users\Damari\AppData\Roaming\GlarySoft
2014-01-20 18:32 - 2013-08-10 17:05 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Dropbox
2014-01-20 18:31 - 2013-08-10 17:11 - 00000000 ___RD C:\Users\Internet\Dropbox
2014-01-20 18:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-19 19:04 - 2014-01-19 15:04 - 00034336 _____ C:\Users\Internet\Documents\Addition.txt
2014-01-19 19:04 - 2014-01-19 15:03 - 00036739 _____ C:\Users\Internet\Documents\FRST.txt
2014-01-19 19:02 - 2014-01-19 19:02 - 00000000 ____D C:\Users\Damari\AppData\Roaming\AVAST Software
2014-01-19 19:02 - 2012-08-27 20:42 - 00001429 _____ C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-19 19:02 - 2010-08-24 20:21 - 00120000 _____ C:\Users\Damari\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 15:38 - 2014-01-19 15:38 - 00012862 _____ C:\Users\Internet\Documents\gmer.log
2014-01-19 15:25 - 2014-01-19 15:25 - 00379904 _____ C:\Users\Internet\Documents\wp5megvq.exe
2014-01-19 14:57 - 2014-01-19 14:57 - 00000474 _____ C:\Users\Internet\Documents\defogger_disable.log
2014-01-19 14:57 - 2014-01-19 14:57 - 00000000 _____ C:\Users\Damari\defogger_reenable
2014-01-19 14:57 - 2010-08-24 20:21 - 00000000 ____D C:\Users\Damari
2014-01-19 14:51 - 2014-01-19 14:51 - 00050477 _____ C:\Users\Internet\Documents\Defogger.exe
2014-01-19 14:37 - 2009-10-28 19:12 - 00000000 ____D C:\ProgramData\Adobe
2014-01-19 14:36 - 2012-08-26 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-19 14:34 - 2013-10-05 19:47 - 00009769 _____ C:\Users\Internet\Desktop\Mappe1.xlsx
2014-01-19 14:28 - 2010-10-08 19:42 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Adobe
2014-01-19 14:22 - 2014-01-19 14:22 - 00001087 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Users\Internet\AppData\Local\PDF24
2014-01-19 14:22 - 2014-01-19 14:22 - 00000000 ____D C:\Program Files (x86)\PDF24
2014-01-19 14:14 - 2010-08-29 14:57 - 00000000 ____D C:\Program Files\Paint.NET
2014-01-19 14:00 - 2014-01-19 14:00 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-19 14:00 - 2010-09-06 13:10 - 00000000 ____D C:\Users\Damari\AppData\Local\Adobe
2014-01-19 13:59 - 2009-10-28 19:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-19 13:53 - 2014-01-19 13:53 - 00001957 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-01-19 13:53 - 2014-01-19 13:53 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2014-01-19 12:35 - 2014-01-19 12:35 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-19 12:35 - 2013-12-28 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-19 11:33 - 2010-08-24 20:22 - 00000000 ___RD C:\Users\Damari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-19 11:04 - 2010-09-21 14:18 - 00000000 ____D C:\Program Files\WLAN-Netzsuche
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\Users\Damari\AppData\Roaming\Malwarebytes
2014-01-19 09:28 - 2014-01-19 09:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-18 15:42 - 2012-08-27 22:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 15:42 - 2012-08-27 22:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 15:42 - 2011-06-20 13:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 15:13 - 2013-12-29 23:01 - 00002047 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-18 15:13 - 2013-12-29 23:01 - 00001987 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-01-18 14:51 - 2009-07-14 05:45 - 03485600 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 14:47 - 2013-07-29 20:31 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 14:39 - 2013-03-24 18:46 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-18 14:37 - 2010-10-16 15:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-18 14:26 - 2010-10-03 12:50 - 00000950 _____ C:\Windows\wininit.ini
2014-01-18 14:25 - 2013-08-10 17:11 - 00001032 _____ C:\Users\Internet\Desktop\Dropbox.lnk
2014-01-18 14:25 - 2013-08-10 17:08 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-18 14:20 - 2010-09-13 20:14 - 00000000 ____D C:\Users\Internet
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-18 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-17 22:35 - 2014-01-17 22:35 - 00000000 ____D C:\Users\Internet\AppData\Roaming\GlarySoft
2014-01-12 17:29 - 2014-01-12 17:29 - 00000000 _____ C:\Windows\setuperr.log
2014-01-12 16:36 - 2013-03-16 14:23 - 00000000 ____D C:\Windows\Minidump
2014-01-12 16:36 - 2009-07-27 21:41 - 00000000 ____D C:\Windows\Panther
2014-01-12 16:34 - 2010-09-11 14:10 - 00000000 ____D C:\Program Files (x86)\Glary Utilities
2014-01-12 16:33 - 2014-01-12 16:33 - 11965000 _____ C:\Users\Damari\Downloads\gu4setup.exe
2014-01-08 12:38 - 2013-03-16 14:34 - 00439648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-04 12:48 - 2011-05-29 15:16 - 00000000 ____D C:\Users\Internet\AppData\Local\Microsoft Games
2014-01-01 22:43 - 2011-11-27 21:53 - 00000000 ____D C:\ProgramData\tmp
2014-01-01 11:19 - 2011-12-14 20:41 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-31 22:03 - 2011-12-14 20:41 - 00000000 ____D C:\ProgramData\Skype
2013-12-30 22:02 - 2012-08-27 20:11 - 00000000 ____D C:\Users\Internet\AppData\Roaming\vlc
2013-12-29 23:01 - 2013-12-29 23:00 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 23:00 - 2013-12-29 23:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-12-29 23:00 - 2013-03-16 14:34 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 23:00 - 2011-06-20 13:27 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 23:00 - 2010-08-29 12:51 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-29 23:00 - 2010-08-29 12:51 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 23:00 - 2010-08-29 12:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 22:57 - 2013-12-29 22:57 - 00001639 _____ C:\Users\Internet\Documents\License.avastlic
2013-12-29 15:26 - 2013-04-06 20:00 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2013-12-29 15:25 - 2013-04-06 20:14 - 00000000 ____D C:\Users\Internet\AppData\Local\.elfohilfe
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Users\Damari\AppData\Roaming\elsterformular
2013-12-28 21:20 - 2013-11-16 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-12-25 15:34 - 2010-11-21 22:20 - 00000000 ____D C:\Users\Internet\Documents\WIR
2013-12-24 17:57 - 2013-02-03 17:15 - 00000000 ____D C:\Users\Internet\AppData\Roaming\dvdcss

Some content of TEMP:
====================
C:\Users\Damari\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-10 14:40

==================== End Of Log ============================
         
--- --- ---

--- --- ---


So wirklich Probleme hatte ich ja nicht festgestellt. Wollte nur auf Nummer sicher gehen. Vielleicht hatte ja doch die Avast Internet Security die Infizierung bereits verhindert. Oder war bei den ganzen Log-Dateien irgendetwas auffälliges zu sehen, das entfernt wurde? Ist denn jetzt mein Rechner wieder clean und kann normal (z.B. Internetbanking) genutzt werden? Vielen Dank auf jeden Fall schon mal für Deine Hilfe!!!

Gruß,
Rick

Alt 23.01.2014, 19:29   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Flash updaten.

Wir haben en bissl Adware entfernt. Onlinebanking kannste machen.


Fertig

Falls Du Lob oder Kritik loswerden möchtest kannst Du das hier tun


Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.01.2014, 23:04   #11
DeRiggy
 
Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Hallo Schrauber,

vielen, vielen Dank für Deine Hilfe und für Deine Tipps. Das Abo kannst Du somit stoppen.

Gruß,
Rick

Alt 24.01.2014, 14:37   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Standard

Spam-Mail DHL Paketankündigung mit Link zur Paketinformation



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Spam-Mail DHL Paketankündigung mit Link zur Paketinformation
ad-aware, antivirus, avast, branding, browser, canon, defender, desktop, e-mail, error, explorer, fehler, firefox, flash player, helper, home, launch, mozilla, problem, realtek, registry, richtlinie, rundll, scan, security, services.exe, software, svchost.exe, taskhost.exe, temp




Ähnliche Themen: Spam-Mail DHL Paketankündigung mit Link zur Paketinformation


  1. Auf Link einer Spam-Mail geklickt
    Plagegeister aller Art und deren Bekämpfung - 20.09.2015 (8)
  2. Link in Spam-Mail geklickt - Eset meldet Bedrohungen
    Log-Analyse und Auswertung - 16.08.2015 (19)
  3. DHL Paketankündigung - Link angeklickt - Rechner verseucht?
    Log-Analyse und Auswertung - 27.05.2015 (17)
  4. DHL Paketankündigung fake email - leider versehentlich den Sendungsstatus link angeklickt - Infiziert?
    Plagegeister aller Art und deren Bekämpfung - 13.05.2015 (38)
  5. DHL-Paketankündigung Mail - versehentlich Link angeklickt
    Plagegeister aller Art und deren Bekämpfung - 10.05.2015 (9)
  6. ,,keineantwortadresse@web.de'' - Spam Mail wurde ausgehend meines Email Accounts versendet. Mit Inhalt: Link eines Pharmazieonline portals
    Log-Analyse und Auswertung - 24.04.2015 (16)
  7. Trojaner(?) nach Öffnung von Link in DHL Paketankündigung
    Log-Analyse und Auswertung - 11.04.2015 (18)
  8. DHL-Paketankündigung-Email Link geöffnet
    Log-Analyse und Auswertung - 11.03.2015 (13)
  9. Aus Spam-Mail Link Trojaner Mal/DrodZp-A gefangen?
    Log-Analyse und Auswertung - 08.03.2015 (7)
  10. Paketankündigung zu Ihrer Sendung 056538393990‏ - DHL SPAM (paket@dhl.de)
    Log-Analyse und Auswertung - 18.09.2014 (22)
  11. SPAM Mail von yahoo.com erhalten und auf Link geklickt
    Log-Analyse und Auswertung - 30.06.2014 (13)
  12. SPAM Mail von Telekom und auf Link geklickt
    Log-Analyse und Auswertung - 17.06.2014 (3)
  13. Frau hat Link in SPAM-Mail geöffnet
    Log-Analyse und Auswertung - 08.06.2014 (5)
  14. Yahoo-acoount versendet E-Mail mit Spam-Link
    Plagegeister aller Art und deren Bekämpfung - 14.04.2014 (1)
  15. Spam Mail Link angeklickt
    Log-Analyse und Auswertung - 05.03.2014 (10)
  16. dhl Spam: Paketankündigung zu Ihrer Sendung 083747799393
    Diskussionsforum - 13.08.2013 (0)
  17. spam-mail über mein web.de-account versendet, spam-mail auch im gesendet Ordner
    Log-Analyse und Auswertung - 16.11.2011 (3)

Zum Thema Spam-Mail DHL Paketankündigung mit Link zur Paketinformation - Hallo zusammen, auch ich bin auf den in einer angeblich von DHL versandten E-Mail enthaltenen Link gegangen, der schon in anderen Beiträgen hier im Forum beschrieben war. Die Weiterleitung erfolgte - Spam-Mail DHL Paketankündigung mit Link zur Paketinformation...
Archiv
Du betrachtest: Spam-Mail DHL Paketankündigung mit Link zur Paketinformation auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.