| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Laptop wurde sehr langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
19.01.2014, 20:23
| #1 |
| |  Windows 7: Laptop wurde sehr langsam Ich hatte mit meinen Freunden eine Party wo wir ein bisschen gespielt haben. (Battlefield) Seitdem lässt sich bei mir Garry's Mod nicht mehr öffnen (Keine Rückmeldung und Absturz) und mein Laptop bleibt bei allem hängen und wurde Langsam(Keine Rückmeldung). Letztens wollte ich nachschauen wieviel Speicher noch frei ist und dabei ist mein Computer hängen geblieben (Keine Rückmeldung), das passiert bei jeder Kleinigkeit... Was ich noch gemerkt habe ist, dass beim TaskManager fast nur 1-2% CPU-Auslastung angezeigt wird aber der Computer dabei immer hängen bleibt... Logs habe ich schon gemacht: (Anhang) |
|
19.01.2014, 21:37
| #2 |
| /// TB-Ausbilder   | Windows 7: Laptop wurde sehr langsam Hi,
__________________hänge die Logfiles bitte nicht an (das erschwert mir das Auswerten massiv), sondern füge deren Inhalt direkt innerhalb von Codetags ein: [code]Inhalt Logfile[/code]. (Anleitung)) Falls es zu viele Zeichen sind, verteile die Logs auf mehrere Posts.
__________________ |
|
19.01.2014, 21:49
| #3 |
| | Windows 7: Laptop wurde sehr langsamCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 03
Ran by ***** at 2014-01-19 19:28:50
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Anytime USB Charge Utility (x32 Version: 1.00.00.001 - FUJITSU LIMITED)
Browser Stabilizer (x32 Version: - WorldLoad)
Canon MP Navigator EX 1.0 (x32 Version: - )
CCleaner (Version: 4.05 - Piriform)
ClamWin Free Antivirus 0.98 (x32 Version: - alch)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Source (x32 Version: - Valve)
CPUID CPU-Z 1.68 (Version: - )
Craften Terminal 3.4.5 (x32 Version: 3.4.5 - Craften.de)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.1908.7636 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeskUpdate 4.11 (x32 Version: 4.11.0074 - Fujitsu Technology Solutions)
DownnSSave (x32 Version: - DownaSAvve)
Entity Framework Designer für Visual Studio 2012 - DEU (x32 Version: 11.1.20810.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (x32 Version: 11.0.2100.60 - Microsoft Corporation)
FJ Camera (x32 Version: 5.8.52016.0 - Sonix)
Free YouTube to MP3 Converter version 3.12.4.622 (x32 Version: 3.12.4.622 - DVDVideoSoft Ltd.)
Fujitsu Display Manager (Version: 7.01.20.212 - FUJITSU LIMITED) Hidden
Fujitsu Display Manager (x32 Version: - )
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.001 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (x32 Version: 3.01.00.001 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.3.0.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (x32 Version: 3.3.0.0 - FUJITSU LIMITED)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garry's Mod (x32 Version: - Facepunch Studios) <==== ATTENTION
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HP Photo Creations (x32 Version: 1.0.0.5192 - HP Photo Creations)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (x32 Version: 140.0.2.2 - Hewlett Packard)
HP Update (x32 Version: 5.003.000.004 - Hewlett-Packard)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2372 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.0.0.0454 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.0.2000 - Intel Corporation)
Intel(R) WiDi (x32 Version: 2.1.35.0 - Intel Corporation)
Intel(R) Wireless Display (Version: - )
Java 7 Update 17 (64-bit) (Version: 7.0.170 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (x32 Version: 6.0.290 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LifeBook Application Panel (Version: 8.2.1.0 - FUJITSU LIMITED) Hidden
LifeBook Application Panel (x32 Version: 8.2.1.0 - FUJITSU LIMITED)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop (x32 Version: 2.0.30717.9005 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Small Basic v1.0 (x32 Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x32 Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (x32 Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (x32 Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Express Prerequisites x64 - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Vorbereitung (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (x32 Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2012 (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (x32 Version: - Nero AG)
Nero BurnRights (x32 Version: 3.4.10.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.9.203 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.4.6.100 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.202 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.10.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.204 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.207 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Notepad++ (x32 Version: 6.5.1 - Notepad++ Team)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
PDF-Viewer (Version: 2.5.213.1 - Tracker Software Products Ltd)
Plugfree NETWORK (Version: 5.4.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 5.4.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (x32 Version: 32.01.10.009 - FUJITSU LIMITED)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6263 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30120 - Realtek Semiconductor Corp.)
ScanSoft OmniPage SE 4 (x32 Version: 15.2.0020 - Nuance Communications, Inc.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype Click to Call (x32 Version: 5.10.9560 - Skype Technologies S.A.)
SkypEmoticons (x32 Version: - )
Skype™ 6.0 (x32 Version: 6.0.126 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (x32 Version: - Valve Corporation)
Studie zur Verbesserung von HP Photosmart 5510 series Produkten (Version: 25.0.621.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (Version: 14.0.16.0 - Synaptics Incorporated)
Update for Microsoft Visual Studio 2012 (KB2781514) (x32 Version: 11.0.51219 - Microsoft Corporation)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 4.01 (32-Bit) (x32 Version: 4.01.0 - win.rar GmbH)
==================== Restore Points =========================
19-01-2014 14:20:50 DirectX wurde installiert
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {04682D1E-B998-440A-9E9F-786139A74E2D} - System32\Tasks\Fujitsu\DeskUpdate => c:\Fujitsu\Programs\DeskUpdate\ducmd.exe [2010-10-13] (Fujitsu Technology Solutions)
Task: {07D0796E-4AC5-447C-8B61-0C41267A2ABE} - System32\Tasks\{89F1831C-2FCB-4743-ACDB-171CAF6F2F80} => Chrome.exe
Task: {0EAB6ED0-0D3C-45E3-9C88-96671F376E3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {29CAE71E-4139-4E9A-9B4E-DA56384A291B} - \AdobeFlashPlayerUpdate 2 No Task File
Task: {382DC7CB-5038-42A6-B311-877A581A2AF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18] (Adobe Systems Incorporated)
Task: {3FF846D6-9636-4282-8C42-D617F6DFF18D} - System32\Tasks\KMS Activation => C:\Program Files (x86)\KMSpico\RandomFile.exe
Task: {4D7FBDE9-6EF1-4163-9BF3-61B4B23A9BF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07] (Google Inc.)
Task: {4FA404BF-2491-4374-8A2E-6D282FFD3AB3} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Ui.exe
Task: {578B0478-8895-4F80-AC3E-B0C878D39A79} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {62D7961C-7A94-4893-BA8F-43B9FF05236C} - \AdobeFlashPlayerUpdate No Task File
Task: {6A72B051-92F6-45B4-AA0D-10E79AA9D3B2} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {77EC7A8C-7F2D-469D-9540-DEC96B1A7A5A} - System32\Tasks\{97BD9277-E868-4F1D-BDBF-108BBC496872} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {7E747F27-EC37-4F35-95A9-4737965C5754} - System32\Tasks\{D6BB28D1-7725-4BA7-B189-F452A1687370} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {8C6235A7-FD6F-4942-BDAA-E68E63DD8C1D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {ADB38ECF-6014-4F4B-B47F-E209BFB01EAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {BDCEC4D7-A5C9-41BE-9060-A90B6761F4FE} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {C16FCD7F-E8BA-4769-A143-742AEC75C548} - System32\Tasks\Fujitsu\DeskUpdateRetry => c:\Fujitsu\Programs\DeskUpdate\ducmd.exe [2010-10-13] (Fujitsu Technology Solutions)
Task: {C53B161B-7FB5-4D3E-B4E2-6EF74E0093A9} - System32\Tasks\{256938B0-4E57-434B-82C1-ACFF33706394} => Chrome.exe
Task: {C56BDCF0-2D97-45BF-82A9-27D66A5EB153} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07] (Google Inc.)
Task: {C993F2C3-4C24-4C23-A022-C0A8D889BF4E} - System32\Tasks\{DBA49D7C-F2BC-4998-AC8F-FF277453767C} => Chrome.exe
Task: {FF143291-5B3C-45F3-9466-017D09DF3883} - System32\Tasks\Software Updater => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Bootstrapper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
==================== Loaded Modules (whitelisted) =============
2011-11-17 15:14 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-01-18 21:48 - 2008-04-19 17:35 - 00080384 _____ () C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-12-27 14:01 - 2013-12-27 14:01 - 04496384 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizer_x64.dll
2011-05-02 01:21 - 2011-04-15 02:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-01-05 20:53 - 2011-01-05 20:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-12-27 14:01 - 2013-12-27 14:01 - 04531712 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizer.dll
2013-12-27 14:01 - 2013-12-27 14:01 - 00181072 _____ () C:\ProgramData\Browser Stabilizer\BrowserStabilizerSvc.dll
2014-01-18 21:48 - 2005-02-08 17:23 - 00979005 _____ () C:\Program Files (x86)\ClamWin\bin\python23.dll
2014-01-18 21:48 - 2004-11-20 03:27 - 00069632 _____ () C:\Program Files (x86)\ClamWin\lib\win32api.pyd
2014-01-18 21:48 - 2004-10-11 20:21 - 00094208 _____ () C:\Program Files (x86)\ClamWin\lib\pywintypes23.dll
2014-01-18 21:48 - 2004-05-25 21:18 - 00057401 _____ () C:\Program Files (x86)\ClamWin\lib\_sre.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00086016 _____ () C:\Program Files (x86)\ClamWin\lib\win32gui.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00024576 _____ () C:\Program Files (x86)\ClamWin\lib\win32event.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00036864 _____ () C:\Program Files (x86)\ClamWin\lib\win32process.pyd
2014-01-18 21:48 - 2004-05-25 21:18 - 00049212 _____ () C:\Program Files (x86)\ClamWin\lib\_socket.pyd
2014-01-18 21:48 - 2004-05-25 21:18 - 00495616 _____ () C:\Program Files (x86)\ClamWin\lib\_ssl.pyd
2014-01-18 21:48 - 2004-05-25 21:20 - 00036864 _____ () C:\Program Files (x86)\ClamWin\lib\_winreg.pyd
2014-01-18 21:48 - 2004-10-11 20:22 - 00315392 _____ () C:\Program Files (x86)\ClamWin\lib\pythoncom23.dll
2014-01-18 21:48 - 2004-11-20 03:27 - 00106496 _____ () C:\Program Files (x86)\ClamWin\lib\shell.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00065536 _____ () C:\Program Files (x86)\ClamWin\lib\win32security.pyd
2014-01-18 21:48 - 2004-01-15 14:45 - 00061440 _____ () C:\Program Files (x86)\ClamWin\lib\_ctypes.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00077824 _____ () C:\Program Files (x86)\ClamWin\lib\win32file.pyd
2014-01-18 21:48 - 2004-11-20 03:27 - 00024576 _____ () C:\Program Files (x86)\ClamWin\lib\win32pipe.pyd
2014-01-18 21:48 - 2003-10-01 13:40 - 02240512 _____ () C:\Program Files (x86)\ClamWin\lib\wxc.pyd
2014-01-18 21:48 - 2003-10-01 11:43 - 03239936 _____ () C:\Program Files (x86)\ClamWin\lib\wxmsw24h.dll
2014-01-18 21:48 - 2003-08-10 09:14 - 00061440 _____ () C:\Program Files (x86)\ClamWin\lib\mxDateTime.pyd
2014-01-18 21:48 - 2004-05-25 21:17 - 00622651 _____ () C:\Program Files (x86)\ClamWin\lib\_bsddb.pyd
2014-01-18 21:48 - 2004-05-25 21:19 - 00045117 _____ () C:\Program Files (x86)\ClamWin\lib\datetime.pyd
2013-12-23 12:30 - 2013-12-23 12:30 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/19/2014 07:17:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (01/19/2014 04:45:52 PM) (Source: Application Hang) (User: )
Description: Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 484
Startzeit: 01cf152cab89dfa5
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
Berichts-ID: 3f3fd3b7-8120-11e3-a2c8-ac728940f4a6
Error: (01/19/2014 04:00:54 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile Microsoft.SqlServer.BatchParser, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 because of the following error: Internal CLR error. (Exception from HRESULT: 0x80131506).
Error: (01/19/2014 03:28:09 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
System errors:
=============
Error: (01/19/2014 03:17:55 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.
Error: (01/19/2014 02:26:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/19/2014 02:26:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/19/2014 02:11:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/19/2014 02:11:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/19/2014 00:09:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/19/2014 00:09:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/18/2014 10:20:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/18/2014 10:20:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/18/2014 10:03:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%19
Microsoft Office Sessions:
=========================
Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (01/19/2014 07:21:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (01/19/2014 07:17:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (01/19/2014 07:17:24 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (01/19/2014 04:45:52 PM) (Source: Application Hang)(User: )
Description: hl2.exe0.0.0.048401cf152cab89dfa50C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe3f3fd3b7-8120-11e3-a2c8-ac728940f4a6
Error: (01/19/2014 04:00:54 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile Microsoft.SqlServer.BatchParser, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 because of the following error: Internal CLR error. (Exception from HRESULT: 0x80131506).
Microsoft.SqlServer.BatchParser, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91
Error: (01/19/2014 03:28:09 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
==================== Memory info ===========================
Percentage of memory in use: 52%
Total physical RAM: 4008.62 MB
Available physical RAM: 1884.1 MB
Total Pagefile: 8015.42 MB
Available Pagefile: 5714.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:445.13 GB) (Free:370.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F1E2CB29)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=464 GB) - (Type=OF Extended)
==================== End Of Log ============================
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:25 on 19/01/2014 (Doerr)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 03
Ran by ***** (administrator) on *****-NB01 on 19-01-2014 19:27:47
Running from C:\Users\*****\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Tor\tor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(SkypEmoticons) C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(alch) C:\Program Files (x86)\ClamWin\bin\ClamTray.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [199528 2010-11-13] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-10-07] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663464 2010-12-07] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM-x32\...\Run: [DeskUpdateNotifier] - c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [97560 2010-10-13] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2009-07-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update] - C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-07] (Google Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-14] (Spotify Ltd)
HKCU\...\Run: [se] - C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe [5827488 2013-10-24] (SkypEmoticons)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKCU\...\Run: [ClamWin] - C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2013-10-18] (alch)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~3\BROWSE~1\BROWSE~2.DLL => C:\ProgramData\Browser Stabilizer\BrowserStabilizer_x64.dll [4496384 2013-12-27] ()
AppInit_DLLs-x32: ,c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\browse~1.dll,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
==================== Internet (Whitelisted) ====================
ProxyServer: 10.0.0.138:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ts.fujitsu.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.wisesearch.info/?l=1&q={searchTerms}&pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
SearchScopes: HKCU - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.wisesearch.info/?l=1&q={searchTerms}&pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {AE592437-2644-4A6B-972C-8D5A23AF96C4} URL = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.wisesearch.info/?l=1&q={searchTerms}&pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39
SearchScopes: HKCU - {BF15C0A1-A07F-470D-871A-6C8960C0ECBF} URL =
BHO: DownnSSave - {2985237C-AC09-7404-8494-0072A6C90638} - C:\ProgramData\DownnSSave\_C.x64.dll ()
BHO-x32: DownnSSave - {2985237C-AC09-7404-8494-0072A6C90638} - C:\ProgramData\DownnSSave\_C.dll ()
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{41FD9069-21D6-40EB-9555-F0F6DDCFA8FB}: [NameServer]0.0.0.0
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default
FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\user.js
FF DefaultSearchEngine: WebSearch
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: WebSearch
FF Homepage: https://www.google.com/
FF Keyword.URL: hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39&l=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: General Crawler - C:\Users\*****\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-04-19]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-02]
CHR Extension: (0) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\elgfababjopgjalkgbfndlempbfdiecf [2013-12-06]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\*****\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\*****\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-04-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 2db04d42; C:\ProgramData\Browser Stabilizer\BrowserStabilizerSvc.dll [181072 2013-12-27] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [331776 2010-10-07] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()
==================== Drivers (Whitelisted) ====================
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801216 2010-10-09] ()
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-19 19:27 - 2014-01-19 19:28 - 00021296 _____ C:\Users\*****\Desktop\FRST.txt
2014-01-19 19:27 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-19 19:26 - 2014-01-19 19:26 - 02076672 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-01-19 19:25 - 2014-01-19 19:25 - 00000472 _____ C:\Users\*****\Desktop\defogger_disable.log
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 19:24 - 2014-01-19 19:24 - 00050477 _____ C:\Users\*****\Desktop\Defogger.exe
2014-01-19 15:39 - 2014-01-19 19:17 - 00000168 _____ C:\Windows\setupact.log
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-01-19 15:20 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:16 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-19 15:16 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-01-19 15:16 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-19 15:07 - 2014-01-19 15:13 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ ( ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 12:10 - 2014-01-19 12:17 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-18 21:48 - 2014-01-18 21:49 - 00000000 ____D C:\Users\*****\AppData\Roaming\.clamwin
2014-01-18 21:48 - 2014-01-18 21:48 - 00000000 ____D C:\Program Files (x86)\ClamWin
2014-01-18 21:44 - 2014-01-18 21:47 - 84496144 _____ (alch ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 18:20 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:20 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:20 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-30 11:03 - 2014-01-18 19:18 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2013-12-30 11:03 - 2014-01-18 19:14 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
2013-12-27 14:01 - 2013-12-27 14:01 - 00000000 ____D C:\ProgramData\Browser Stabilizer
2013-12-23 12:30 - 2013-12-23 12:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-23 12:02 - 2014-01-19 16:39 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-22 11:52 - 2013-12-22 11:52 - 00000000 ____D C:\Users\*****\Downloads\save
2013-12-22 11:50 - 2013-12-22 11:52 - 72106372 _____ ( ) C:\Users\*****\Downloads\iwbtgbeta_fs_.exe
==================== One Month Modified Files and Folders =======
2014-01-19 19:28 - 2014-01-19 19:27 - 00021296 _____ C:\Users\*****\Desktop\FRST.txt
2014-01-19 19:27 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-19 19:27 - 2011-10-27 12:01 - 01451243 _____ C:\Windows\WindowsUpdate.log
2014-01-19 19:26 - 2014-01-19 19:26 - 02076672 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-01-19 19:25 - 2014-01-19 19:25 - 00000472 _____ C:\Users\*****\Desktop\defogger_disable.log
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 19:25 - 2011-11-07 20:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job
2014-01-19 19:25 - 2011-10-27 12:04 - 00000000 ____D C:\Users\*****
2014-01-19 19:24 - 2014-01-19 19:24 - 00050477 _____ C:\Users\*****\Desktop\Defogger.exe
2014-01-19 19:24 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 19:24 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 19:23 - 2013-09-21 13:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 19:21 - 2011-04-11 18:26 - 04917602 _____ C:\Windows\system32\perfh007.dat
2014-01-19 19:21 - 2011-04-11 18:26 - 01533836 _____ C:\Windows\system32\perfc007.dat
2014-01-19 19:21 - 2009-07-14 06:13 - 00006520 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-19 19:17 - 2014-01-19 15:39 - 00000168 _____ C:\Windows\setupact.log
2014-01-19 19:17 - 2011-11-25 19:49 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 19:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 16:44 - 2011-11-25 19:49 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 16:39 - 2013-12-23 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-19 16:01 - 2013-11-09 17:35 - 00000256 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:25 - 2011-11-07 20:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:24 - 2011-10-27 20:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:23 - 2011-10-27 20:51 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 15:23 - 2011-10-27 12:05 - 00113232 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 15:22 - 2009-07-14 05:45 - 00444208 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:13 - 2014-01-19 15:07 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 15:02 - 2012-01-24 15:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-19 15:01 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-19 15:00 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\ShellNew
2014-01-19 14:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-19 14:56 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2014-01-19 14:39 - 2013-11-04 13:36 - 00000000 ____D C:\Users\*****\Desktop\Felix
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ ( ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 14:14 - 2011-10-27 16:32 - 00000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2014-01-19 12:17 - 2014-01-19 12:10 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-18 21:49 - 2014-01-18 21:48 - 00000000 ____D C:\Users\*****\AppData\Roaming\.clamwin
2014-01-18 21:48 - 2014-01-18 21:48 - 00000000 ____D C:\Program Files (x86)\ClamWin
2014-01-18 21:47 - 2014-01-18 21:44 - 84496144 _____ (alch ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 19:18 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2014-01-18 19:14 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2014-01-18 13:02 - 2013-09-21 13:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 13:02 - 2012-04-19 16:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 13:02 - 2011-11-09 10:30 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2014-01-18 13:02 - 2011-10-27 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 20:47 - 2013-08-15 10:03 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:44 - 2011-10-27 13:11 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-13 20:52 - 2013-10-25 20:21 - 00000000 ____D C:\Users\*****\Documents\Visual Studio 2012
2014-01-12 19:41 - 2011-11-05 12:48 - 00000000 ____D C:\Mama
2014-01-11 10:41 - 2011-10-27 17:05 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2014-01-09 19:15 - 2012-09-07 20:46 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2014-01-09 18:55 - 2012-09-07 20:48 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-09 18:43 - 2011-12-04 10:45 - 00000000 ____D C:\Users\*****\Desktop\Neue Musik
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
2013-12-27 14:01 - 2013-12-27 14:01 - 00000000 ____D C:\ProgramData\Browser Stabilizer
2013-12-27 14:01 - 2013-10-24 14:03 - 00000000 ____D C:\Program Files (x86)\Ss-Helper
2013-12-27 13:10 - 2011-10-27 12:09 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2013-12-25 18:15 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-23 15:14 - 2012-05-31 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-23 12:31 - 2013-12-23 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-22 11:52 - 2013-12-22 11:52 - 00000000 ____D C:\Users\*****\Downloads\save
2013-12-22 11:52 - 2013-12-22 11:50 - 72106372 _____ ( ) C:\Users\*****\Downloads\iwbtgbeta_fs_.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-13 10:11
==================== End Of Log ============================
--- --- --- |
|
19.01.2014, 21:50
| #4 |
| | Windows 7: Laptop wurde sehr langsamCode:
ATTFilter GMER 2.1.19322 - hxxp://www.gmer.net
Rootkit scan 2014-01-19 19:44:29
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JECO 465,76GB
Running: gmer.exe; Driver: C:\Users\*****\AppData\Local\Temp\kwriypob.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031fb000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800031fb02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd220228
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1340] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd220260
.text C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\dxgi.dll!CreateDXGIFactory 000007fef7f1dc88 5 bytes JMP 000007fff7ef00d8
.text C:\Windows\system32\Dwm.exe[1848] C:\Windows\system32\dxgi.dll!CreateDXGIFactory1 000007fef7f1de10 5 bytes JMP 000007fff7ef0110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd220228
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2496] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd220260
.text C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe[2516] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe[2532] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd220228
.text C:\Program Files\Fujitsu\PSUtility\TrayManager.exe[2540] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd220260
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd220228
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2652] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd220260
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd220228
.text C:\Windows\System32\igfxpers.exe[2680] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd220260
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd220228
.text C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2708] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd220260
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Windows\vsnp2uvc.exe[2732] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe[2792] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe[2804] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd0a0180
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd0a00d8
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd0a0148
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd0a0110
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd0a0228
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd0a0260
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd0a01f0
.text C:\Program Files\Microsoft Security Client\msseces.exe[2816] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd0a01b8
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000752d1465 2 bytes [2D, 75]
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752d14bb 2 bytes [2D, 75]
.text ... * 2
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd0a0180
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd0a00d8
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd0a0148
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd0a0110
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd0a01f0
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd0a01b8
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd0a0228
.text C:\Program Files\Windows Sidebar\sidebar.exe[2972] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd0a0260
.text C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe[3032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000752d1465 2 bytes [2D, 75]
.text C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe[3032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752d14bb 2 bytes [2D, 75]
.text ... * 2
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\d3d9.dll!Direct3DCreate9Ex 000007feee7b2460 5 bytes JMP 000007fefd2202d0
.text C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe[3696] C:\Windows\system32\d3d9.dll!Direct3DCreate9 000007feee7e96b0 6 bytes JMP 000007fefd220298
.text C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd220228
.text C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd220260
.text C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Windows\system32\wbem\unsecapp.exe[3076] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3972] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNEL32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd220228
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE[1888] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd220260
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNEL32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\ole32.dll!CoCreateInstance 000007feff387490 11 bytes JMP 000007fffd220228
.text C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE[4232] C:\Windows\system32\ole32.dll!CoSetProxyBlanket 000007feff39bf00 7 bytes JMP 000007fffd220260
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[4240] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000752d1465 2 bytes [2D, 75]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752d14bb 2 bytes [2D, 75]
.text ... * 2
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd220180
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd2200d8
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd220148
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd220110
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd2201f0
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4568] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd2201b8
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[3916] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Users\*****\AppData\Roaming\SkypEmoticons\SE.exe[3912] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!RegSetValueExW 000000007704af40 7 bytes JMP 000000016fff0260
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!RegQueryValueExW 0000000077054a60 5 bytes JMP 000000016fff01b8
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!RegDeleteValueW 0000000077072990 5 bytes JMP 000000016fff01f0
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW 000000007707efe0 5 bytes JMP 000000016fff0148
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx 00000000770a99b0 7 bytes JMP 000000016fff00d8
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!K32GetModuleInformation 00000000770b94d0 5 bytes JMP 000000016fff0180
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW 00000000770b9640 5 bytes JMP 000000016fff0110
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\kernel32.dll!RegSetValueExA 00000000770da500 7 bytes JMP 000000016fff0228
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\KERNELBASE.dll!FreeLibrary 000007fefd232db0 5 bytes JMP 000007fffd0a0180
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW 000007fefd2337d0 7 bytes JMP 000007fffd0a00d8
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW 000007fefd238ef0 6 bytes JMP 000007fffd0a0148
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW 000007fefd24af60 5 bytes JMP 000007fffd0a0110
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo 000007fefd4489e0 8 bytes JMP 000007fffd0a01f0
.text C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe[3968] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList 000007fefd44be40 8 bytes JMP 000007fffd0a01b8
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 00000000752d1465 2 bytes [2D, 75]
.text C:\Program Files (x86)\ClamWin\bin\ClamTray.exe[4604] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000752d14bb 2 bytes [2D, 75]
.text ... * 2
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000752d1465 2 bytes [2D, 75]
.text C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe[4556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000752d14bb 2 bytes [2D, 75]
.text ... * 2
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNEL32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe[4436] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe[4512] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe[4516] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe[4500] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4504] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!RegQueryValueExW 00000000755f1eee 7 bytes JMP 00000001718d1695
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!RegSetValueExW 00000000755f5b85 7 bytes JMP 00000001718d11a9
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!RegSetValueExA 00000000756013e1 7 bytes JMP 00000001718d128a
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!RegDeleteValueW 000000007560ea0d 7 bytes JMP 00000001718d1244
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW 000000007561b1d3 5 bytes JMP 00000001718d15aa
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx 00000000756988b4 7 bytes JMP 00000001718d1339
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation 0000000075698939 5 bytes JMP 00000001718d16d6
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW 0000000075698c8f 5 bytes JMP 00000001718d170d
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW 0000000074ed1d1b 5 bytes JMP 00000001718d11c2
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW 0000000074ed1dc9 5 bytes JMP 00000001718d1014
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000074ed2aa4 5 bytes JMP 00000001718d1555
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary 0000000074ed2d0a 5 bytes JMP 00000001718d1271
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList 000000007501e96b 5 bytes JMP 00000001718d15c3
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo 000000007501eba5 5 bytes JMP 00000001718d1186
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000076ae8a29 5 bytes JMP 00000001718d1726
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA 0000000076af4572 5 bytes JMP 00000001718d10a0
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesW 0000000076b0e567 5 bytes JMP 00000001718d1415
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\USER32.dll!DisplayConfigGetDeviceInfo 0000000076b47a5c 5 bytes JMP 00000001718d15d2
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket 0000000075b05ea5 5 bytes JMP 00000001718d15fa
.text C:\Users\*****\Desktop\gmer.exe[1932] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000075b39d0b 5 bytes JMP 00000001718d121c
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:5804] 0000000075907587
Thread C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:5788] 000000006df97712
Thread C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:924] 0000000077492e65
Thread C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:5888] 0000000077493e85
Thread C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:1036] 0000000077493e85
Thread C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [5820:4388] 0000000077493e85
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00150079fe36
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac728940f4a6
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac728940f4a6@10683f2795f3 0x70 0x61 0x7E 0x53 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00150079fe36 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac728940f4a6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac728940f4a6@10683f2795f3 0x70 0x61 0x7E 0x53 ...
---- EOF - GMER 2.1 ----
|
|
19.01.2014, 22:07
| #5 |
| /// TB-Ausbilder | Windows 7: Laptop wurde sehr langsam ok. Schritt 1
Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3 Scan mit Combofix
Schritt 4 Starte noch einmal FRST.
__________________ cheers, Leo |
|
19.01.2014, 23:44
| #6 |
| | Windows 7: Laptop wurde sehr langsam ich die Dateien deinstallieren oder kannst du mir einen Tipp geben wie? Wenn ich über Systemsteuerung reingehe bleibt sofort alles hängen, also keine chance es zu deinstallieren... LG Nach langem Warten wurde die erste Datei deinstalliert, Infos folgen... FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 03
Ran by ***** (administrator) on *****-NB01 on 19-01-2014 23:21:12
Running from C:\Users\*****\Desktop\Felix
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [199528 2010-11-13] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-10-07] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663464 2010-12-07] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM-x32\...\Run: [DeskUpdateNotifier] - c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [97560 2010-10-13] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2009-07-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-14] (Spotify Ltd)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
==================== Internet (Whitelisted) ====================
ProxyServer: 10.0.0.138:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {AE592437-2644-4A6B-972C-8D5A23AF96C4} URL = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
SearchScopes: HKCU - {BF15C0A1-A07F-470D-871A-6C8960C0ECBF} URL =
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{41FD9069-21D6-40EB-9555-F0F6DDCFA8FB}: [NameServer]0.0.0.0
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-02]
CHR Extension: (0) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\elgfababjopgjalkgbfndlempbfdiecf [2013-12-06]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\*****\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [331776 2010-10-07] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)
S2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()
==================== Drivers (Whitelisted) ====================
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801216 2010-10-09] ()
U3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-19 23:17 - 2014-01-19 23:17 - 00107630 _____ C:\ComboFix.txt
2014-01-19 22:58 - 2014-01-19 23:17 - 00000000 ____D C:\Qoobox
2014-01-19 22:58 - 2014-01-19 23:16 - 00000000 ____D C:\Windows\erdnt
2014-01-19 22:58 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-19 22:58 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-19 22:58 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-19 22:55 - 2014-01-19 22:55 - 00014232 _____ C:\Users\*****\Desktop\AdwCleaner[S0].txt
2014-01-19 22:51 - 2014-01-19 22:52 - 00000000 ____D C:\AdwCleaner
2014-01-19 22:42 - 2014-01-19 22:42 - 00000000 ____D C:\Program Files (x86)\DownnSSave
2014-01-19 20:09 - 2014-01-19 20:09 - 01110476 _____ C:\Users\*****\Downloads\7z920.exe
2014-01-19 20:09 - 2014-01-19 20:09 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-19 19:27 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 15:39 - 2014-01-19 22:54 - 00001008 _____ C:\Windows\setupact.log
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-01-19 15:20 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:16 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-19 15:16 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-01-19 15:16 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-19 15:07 - 2014-01-19 15:13 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ ( ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 12:10 - 2014-01-19 12:17 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-18 21:44 - 2014-01-18 21:47 - 84496144 _____ (alch ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 18:20 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:20 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:20 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-30 11:03 - 2014-01-19 22:48 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2014-01-19 22:42 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2013-12-30 11:03 - 2014-01-18 19:18 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
2013-12-23 12:30 - 2013-12-23 12:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-23 12:02 - 2014-01-19 16:39 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-22 11:52 - 2013-12-22 11:52 - 00000000 ____D C:\Users\*****\Downloads\save
2013-12-22 11:50 - 2013-12-22 11:52 - 72106372 _____ ( ) C:\Users\*****\Downloads\iwbtgbeta_fs_.exe
==================== One Month Modified Files and Folders =======
2014-01-19 23:21 - 2013-11-04 13:36 - 00000000 ____D C:\Users\*****\Desktop\Felix
2014-01-19 23:17 - 2014-01-19 23:17 - 00107630 _____ C:\ComboFix.txt
2014-01-19 23:17 - 2014-01-19 22:58 - 00000000 ____D C:\Qoobox
2014-01-19 23:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-19 23:16 - 2014-01-19 22:58 - 00000000 ____D C:\Windows\erdnt
2014-01-19 23:15 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-19 23:01 - 2013-11-09 17:35 - 00000256 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2014-01-19 23:01 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 23:01 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 22:58 - 2011-04-11 18:26 - 04962518 _____ C:\Windows\system32\perfh007.dat
2014-01-19 22:58 - 2011-04-11 18:26 - 01548584 _____ C:\Windows\system32\perfc007.dat
2014-01-19 22:58 - 2009-07-14 06:13 - 00006520 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-19 22:57 - 2011-10-27 12:01 - 01495471 _____ C:\Windows\WindowsUpdate.log
2014-01-19 22:55 - 2014-01-19 22:55 - 00014232 _____ C:\Users\*****\Desktop\AdwCleaner[S0].txt
2014-01-19 22:54 - 2014-01-19 15:39 - 00001008 _____ C:\Windows\setupact.log
2014-01-19 22:53 - 2011-11-25 19:49 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 22:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 22:52 - 2014-01-19 22:51 - 00000000 ____D C:\AdwCleaner
2014-01-19 22:48 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\DownnSSave
2014-01-19 22:43 - 2011-11-25 19:49 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 22:42 - 2014-01-19 22:42 - 00000000 ____D C:\Program Files (x86)\DownnSSave
2014-01-19 22:42 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2014-01-19 22:23 - 2013-09-21 13:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 20:25 - 2011-11-07 20:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job
2014-01-19 20:09 - 2014-01-19 20:09 - 01110476 _____ C:\Users\*****\Downloads\7z920.exe
2014-01-19 20:09 - 2014-01-19 20:09 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-19 19:27 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 19:25 - 2011-10-27 12:04 - 00000000 ____D C:\Users\*****
2014-01-19 16:39 - 2013-12-23 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:25 - 2011-11-07 20:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:24 - 2011-10-27 20:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:23 - 2011-10-27 20:51 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 15:23 - 2011-10-27 12:05 - 00113232 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 15:22 - 2009-07-14 05:45 - 00444208 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:13 - 2014-01-19 15:07 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 15:02 - 2012-01-24 15:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-19 15:01 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-19 15:00 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\ShellNew
2014-01-19 14:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-19 14:56 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ ( ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 14:14 - 2011-10-27 16:32 - 00000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2014-01-19 12:17 - 2014-01-19 12:10 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 21:47 - 2014-01-18 21:44 - 84496144 _____ (alch ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 19:18 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2014-01-18 13:02 - 2013-09-21 13:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 13:02 - 2012-04-19 16:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 13:02 - 2011-11-09 10:30 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2014-01-18 13:02 - 2011-10-27 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 20:47 - 2013-08-15 10:03 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:44 - 2011-10-27 13:11 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-13 20:52 - 2013-10-25 20:21 - 00000000 ____D C:\Users\*****\Documents\Visual Studio 2012
2014-01-12 19:41 - 2011-11-05 12:48 - 00000000 ____D C:\Mama
2014-01-11 10:41 - 2011-10-27 17:05 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2014-01-09 19:15 - 2012-09-07 20:46 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2014-01-09 18:55 - 2012-09-07 20:48 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-09 18:43 - 2011-12-04 10:45 - 00000000 ____D C:\Users\*****\Desktop\Neue Musik
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
2013-12-27 14:01 - 2013-10-24 14:03 - 00000000 ____D C:\Program Files (x86)\Ss-Helper
2013-12-27 13:10 - 2011-10-27 12:09 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2013-12-25 18:15 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-23 15:14 - 2012-05-31 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-23 12:31 - 2013-12-23 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-22 11:52 - 2013-12-22 11:52 - 00000000 ____D C:\Users\*****\Downloads\save
2013-12-22 11:52 - 2013-12-22 11:50 - 72106372 _____ ( ) C:\Users\*****\Downloads\iwbtgbeta_fs_.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-13 10:11
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- Code:
ATTFilter # AdwCleaner v3.017 - Bericht erstellt am 19/01/2014 um 22:52:44
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : ***** - *****-NB01
# Gestartet von : C:\Users\*****\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\WinterSoft
Ordner Gelöscht : C:\ProgramData\DiOwinlOad keeeper
Ordner Gelöscht : C:\ProgramData\Download kkeeper
Ordner Gelöscht : C:\ProgramData\SearchNewTab
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Program Files (x86)\WebSearch
Ordner Gelöscht : C:\Users\*****\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\EZDownloader
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Media Finder
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\SkypEmoticons
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\yourfiledownloader
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\invalidprefs.js
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\searchplugins\WebSearch.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater
Datei Gelöscht : C:\Windows\System32\Tasks\YourFile Update
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Schlüssel Gelöscht : HKCU\Software\Classes\iLivid.torrent
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IEPlugin.IEWebHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Schlüssel Gelöscht : HKCU\Software\5255dadbe739ed40
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\MediaFinder
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1:9421;<local>
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\prefs.js ]
Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaultenginename,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39&l=1&q=");
Zeile gelöscht : user_pref("browser.search.order.1", "WebSearch");
Zeile gelöscht : user_pref("browser.search.order.1,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "WebSearch");
Zeile gelöscht : user_pref("browser.search.selectedEngine,S", "WebSearch");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113480&tt=060612_6_");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.hardId", "9c42c511000000000000ac728940f4a3");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.id", "9c42c511000000000000ac728940f4a3");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15505");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=113480&tt=060612_6_&babsrc=NT_ss&mntrId=9c42c511000000000000ac728940f4a3");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:09:14");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Zeile gelöscht : user_pref("extensions._2d3.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);var d=th[...]
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "9c42c511000000000000ac728940f4a3");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15828");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1621:35:13");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.dp5fV_.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};var _wlst={lsKey:\"ssjsmn2ja8ddw2a\",get:function(b,a){if(3<b)return a(!1);var d=[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39&l=1&q=");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://websearch.wisesearch.info/?pid=725&r=2013/10/24&hid=12088271798101284982&lg=EN&cc=AT&unqvl=39&l=1&q=");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [14839 octets] - [19/01/2014 22:51:40]
AdwCleaner[S0].txt - [14066 octets] - [19/01/2014 22:52:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14127 octets] ##########
|
|
19.01.2014, 23:46
| #7 |
| | Windows 7: Laptop wurde sehr langsamCode:
ATTFilter ComboFix 14-01-16.03 - ***** 19.01.2014 23:00:34.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.43.1031.18.4009.2442 [GMT 1:00]
ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\SysWow64\drivers\10CF_FUJITSU_FTS_LIFEBOOK AH531 GFO_PI_FUJITSU_FJNBB10_Default System BIOS_FUJ - 1_1.18_Intel(R) HD Graphics Family_NVIDIA GeForce GT 525M .MRK
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-19 bis 2014-01-19 ))))))))))))))))))))))))))))))
.
.
2014-01-19 22:15 . 2014-01-19 22:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-19 21:51 . 2014-01-19 21:52 -------- d-----w- C:\AdwCleaner
2014-01-19 21:42 . 2014-01-19 21:42 -------- d-----w- c:\program files (x86)\DownnSSave
2014-01-19 19:09 . 2014-01-19 19:09 -------- d-----w- c:\program files (x86)\7-Zip
2014-01-19 18:46 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BAEF2B38-238D-47A2-9D24-94E7357136F8}\mpengine.dll
2014-01-19 18:27 . 2014-01-19 18:27 -------- d-----w- C:\FRST
2014-01-19 14:24 . 2014-01-19 14:24 -------- d-----w- c:\users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 14:23 . 2014-01-19 14:23 -------- d-----w- c:\windows\SysWow64\NV
2014-01-19 14:23 . 2014-01-19 14:23 -------- d-----w- c:\windows\system32\NV
2014-01-19 14:20 . 2013-12-10 02:15 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-19 14:20 . 2013-12-10 02:14 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-19 14:19 . 2014-01-19 14:19 -------- d-----w- c:\users\*****\AppData\Local\NVIDIA
2014-01-19 14:19 . 2014-01-19 14:19 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-01-19 14:15 . 2013-12-19 20:33 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2014-01-19 14:15 . 2013-12-19 20:33 2698272 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-01-19 14:15 . 2013-12-19 20:33 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2014-01-19 14:15 . 2013-12-19 20:33 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-01-19 13:36 . 2014-01-19 13:36 -------- d-----w- c:\program files\CPUID
2014-01-18 18:14 . 2014-01-18 18:14 -------- d-----w- c:\program files (x86)\Fuuni2Savue
2014-01-18 14:47 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-18 00:27 . 2014-01-18 00:27 -------- d-----w- c:\users\*****\AppData\Roaming\NVIDIA
2014-01-15 17:20 . 2013-11-27 01:42 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 17:20 . 2013-11-27 01:42 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 17:20 . 2013-11-27 01:42 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 17:20 . 2013-11-27 01:42 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 17:20 . 2013-11-27 01:42 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 17:20 . 2013-11-27 01:42 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 17:20 . 2013-11-27 01:42 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 17:20 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-15 17:20 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2013-12-30 10:03 . 2014-01-18 18:18 -------- d-----w- c:\programdata\Fuuni2Savue
2013-12-30 10:03 . 2013-12-30 10:03 -------- d-----w- c:\programdata\agcniifgcajngehbpgemhajfiohohdoc
2013-12-30 10:03 . 2014-01-19 21:48 -------- d-----w- c:\programdata\DownnSSave
2013-12-30 10:03 . 2014-01-19 21:42 -------- d-----w- c:\programdata\e48e524463011d6f
2013-12-23 11:02 . 2014-01-10 16:39 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-12-23 11:02 . 2014-01-19 15:39 -------- d-----w- c:\program files (x86)\Steam
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-18 12:02 . 2012-04-19 15:20 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-18 12:02 . 2011-10-27 15:32 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 19:44 . 2011-10-27 12:11 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-19 20:33 . 2013-03-18 18:32 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-12-19 20:33 . 2011-10-27 19:50 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-12-19 18:53 . 2010-11-18 00:41 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2010-11-18 00:40 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2010-11-18 00:41 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2010-11-18 00:41 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2010-11-18 00:41 386336 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2010-11-18 00:41 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-12-19 18:53 . 2010-11-18 00:41 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-12-19 18:53 . 2010-11-18 00:41 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-12-19 05:01 . 2010-11-18 00:41 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2013-11-26 11:54 . 2013-12-12 20:36 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 20:36 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 20:36 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 20:36 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 20:36 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 20:36 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 20:36 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 20:36 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 20:36 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 20:36 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 20:36 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 20:36 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 20:36 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 20:36 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 20:36 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 20:36 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 20:36 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 20:36 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 20:36 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 20:36 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 20:36 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 20:36 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 20:36 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 20:36 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-12 14:02 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 14:02 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-13 09:33 . 2013-11-13 09:33 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-13 09:33 . 2013-11-13 09:33 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-13 09:33 . 2013-11-13 09:33 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-13 09:33 . 2013-11-13 09:33 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-13 09:33 . 2013-11-13 09:33 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-13 09:33 . 2013-11-13 09:33 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-13 09:33 . 2013-11-13 09:33 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-13 09:33 . 2013-11-13 09:33 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-13 09:33 . 2013-11-13 09:33 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-13 09:33 . 2013-11-13 09:33 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-13 09:33 . 2013-11-13 09:33 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-13 09:33 . 2013-11-13 09:33 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-13 09:33 . 2013-11-13 09:33 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-13 09:33 . 2013-11-13 09:33 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-13 09:33 . 2013-11-13 09:33 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-13 09:33 . 2013-11-13 09:33 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-13 09:33 . 2013-11-13 09:33 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-13 09:33 . 2013-11-13 09:33 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-13 09:33 . 2013-11-13 09:33 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-13 09:33 . 2013-11-13 09:33 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-13 09:33 . 2013-11-13 09:33 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-13 09:33 . 2013-11-13 09:33 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-13 09:33 . 2013-11-13 09:33 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-13 09:33 . 2013-11-13 09:33 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-13 09:33 . 2013-11-13 09:33 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-13 09:33 . 2013-11-13 09:33 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-13 09:33 . 2013-11-13 09:33 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-13 09:33 . 2013-11-13 09:33 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-13 09:33 . 2013-11-13 09:33 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-13 09:33 . 2013-11-13 09:33 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-13 09:33 . 2013-11-13 09:33 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-13 09:33 . 2013-11-13 09:33 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-13 09:33 . 2013-11-13 09:33 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-13 09:33 . 2013-11-13 09:33 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-13 09:33 . 2013-11-13 09:33 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-13 09:33 . 2013-11-13 09:33 413696 ----a-w- c:\windows\system32\html.iec
2013-11-13 09:33 . 2013-11-13 09:33 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 09:33 . 2013-11-13 09:33 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-13 09:33 . 2013-11-13 09:33 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-13 09:33 . 2013-11-13 09:33 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-13 09:33 . 2013-11-13 09:33 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-13 09:33 . 2013-11-13 09:33 235520 ----a-w- c:\windows\system32\url.dll
2013-11-13 09:33 . 2013-11-13 09:33 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-13 09:33 . 2013-11-13 09:33 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-13 09:33 . 2013-11-13 09:33 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-13 09:33 . 2013-11-13 09:33 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-13 09:33 . 2013-11-13 09:33 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-13 09:33 . 2013-11-13 09:33 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-13 09:33 . 2013-11-13 09:33 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-13 09:33 . 2013-11-13 09:33 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-13 09:33 . 2013-11-13 09:33 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-13 09:33 . 2013-11-13 09:33 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-13 09:33 . 2013-11-13 09:33 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-13 09:33 . 2013-11-13 09:33 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-13 09:33 . 2013-11-13 09:33 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-13 09:33 . 2013-11-13 09:33 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-13 09:33 . 2013-11-13 09:33 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-13 09:33 . 2013-11-13 09:33 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-13 09:33 . 2013-11-13 09:33 135680 ----a-w- c:\windows\system32\iepeers.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Spotify Web Helper"="c:\users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-14 1168896]
"HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-09-16 2676584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-13 662016]
"DeskUpdateNotifier"="c:\fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe" [2010-10-13 97560]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2009-07-08 162912]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\LaunchCenter.exe [2011-4-12 375296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 tor;Tor Win32 Service;c:\program files (x86)\Tor\tor.exe;c:\program files (x86)\Tor\tor.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys;c:\windows\SYSNATIVE\Drivers\FBIOSDRV.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys;c:\windows\SYSNATIVE\drivers\FUJ02E3.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 18:44 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21 12:02]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-25 18:49]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-25 18:49]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job
- c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07 19:18]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job
- c:\users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-07 19:18]
.
2014-01-19 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-11-03 10228224]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2010-06-08 45680]
"FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2010-11-13 199528]
"PfNet"="c:\program files\Fujitsu\Plugfree NETWORK\PfNet.exe" [2010-10-07 6311424]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-07 11663464]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-05 1933584]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-08-13 662016]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2010-07-16 162416]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2010-07-09 21616]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyServer = 10.0.0.138:80
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{41FD9069-21D6-40EB-9555-F0F6DDCFA8FB}: NameServer = 0.0.0.0
FF - ProfilePath - c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,14,cc,
01,93,b3,ea,06,b9,94,b9,17,8e,6e,f1,d8
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c8,23,
89,3c,17,d6,0e,92,ce,12,24,74,48,2f,dd
"{32004B8A-44A9-43E7-84E9-808838809519}"=hex:51,66,7a,6c,4c,1d,3b,1b,9a,57,13,
2b,97,1f,8e,07,98,eb,c3,c8,3a,c0,d9,02
"{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}"=hex:51,66,7a,6c,4c,1d,3b,1b,00,ec,5e,
b4,c3,b9,a7,07,9a,48,28,91,ef,85,d6,d9
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,27,3e,
54,80,32,13,03,8c,f7,be,9b,07,75,35,6e
"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,84,9b,
81,13,1f,b4,0d,85,d5,9f,c6,69,a8,31,a7
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
@DACL=(02 0000)
@="Java Plug-in 10.17.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 10.17.2"
.
[HKEY_USERS\S-1-5-21-2109869091-239777414-2284813190-1001_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-19 23:17:35
ComboFix-quarantined-files.txt 2014-01-19 22:17
.
Vor Suchlauf: 19 Verzeichnis(se), 398.157.516.800 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 397.858.271.232 Bytes frei
.
- - End Of File - - 4C90BCF9BEA4CA411BCDE972F3822767
|
|
20.01.2014, 00:29
| #8 |
| /// TB-Ausbilder | Windows 7: Laptop wurde sehr langsam Läuft der Rechner immer noch so schlecht? Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter S2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()
C:\Program Files (x86)\Tor
2014-01-19 22:42 - 2014-01-19 22:42 - 00000000 ____D C:\Program Files (x86)\DownnSSave
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2013-12-30 11:03 - 2014-01-19 22:48 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2014-01-19 22:42 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2013-12-30 11:03 - 2014-01-18 19:18 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 ESET Online Scanner
Schritt 4 Starte noch einmal FRST.
Bitte poste in deiner nächsten Antwort:
__________________ cheers, Leo |
|
20.01.2014, 21:36
| #9 |
| | Windows 7: Laptop wurde sehr langsam das mit dem fixen habe ich geschafft, aber Malwarebytee Anti-Malware bleibt immer hängen :/ Kannst du mir da helfen? LG Update: Ich habe Malwarebytes ein paar mal versucht und es blieb immer hängen und der PC auch... Ich weiß nicht ob mir das Programm gerade helfen kann :/ LG |
|
20.01.2014, 22:00
| #10 |
| /// TB-Ausbilder | Windows 7: Laptop wurde sehr langsam Dann mach mal mit dem nächsten Schritte weiter.
__________________ cheers, Leo |
|
21.01.2014, 19:05
| #11 |
| | Windows 7: Laptop wurde sehr langsam Ich habe Eset OnlineScanner auch versucht... Es ist soo erniedrigend... Es war bei 93%, habe nebenbei ein paar Aufgaben für die Schule erledigt und dann Passierte das: Nach ca. 3 h warten hat es sich einfach so geschlossen -.- das macht mich langsam fertig... muss ich das jetzt nochmal machen oder hast du auch eine andere Lösung... LG |
|
22.01.2014, 21:10
| #12 |
| | Windows 7: Laptop wurde sehr langsam Ich habe sie jetzt alle noch einmal versucht, Malewarebytes habe ich kurz bevor er abgestürtzt ist noch geschafft zu pausieren und eine log datei zu machen, ESET OnlineScanner habe ich bis 68% geschafft... Mein Computer hängt sich bei den Programmen immer auf :/ ich habe auch nochmal FRST gemacht, wie es da gestanden ist, lass uns mal schauen ob die logs weiterhelfen  Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2014 03
Ran by ***** at 2014-01-20 15:25:40 Run:1
Running from C:\Users\*****\Desktop\Felix
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
S2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-31] ()
C:\Program Files (x86)\Tor
2014-01-19 22:42 - 2014-01-19 22:42 - 00000000 ____D C:\Program Files (x86)\DownnSSave
2014-01-18 19:14 - 2014-01-18 19:14 - 00000000 ____D C:\Program Files (x86)\Fuuni2Savue
2013-12-30 11:03 - 2014-01-19 22:48 - 00000000 ____D C:\ProgramData\DownnSSave
2013-12-30 11:03 - 2014-01-19 22:42 - 00000000 ____D C:\ProgramData\e48e524463011d6f
2013-12-30 11:03 - 2014-01-18 19:18 - 00000000 ____D C:\ProgramData\Fuuni2Savue
2013-12-30 11:03 - 2013-12-30 11:03 - 00000000 ____D C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc
*****************
tor => Service deleted successfully.
C:\Program Files (x86)\Tor => Moved successfully.
C:\Program Files (x86)\DownnSSave => Moved successfully.
C:\Program Files (x86)\Fuuni2Savue => Moved successfully.
C:\ProgramData\DownnSSave => Moved successfully.
C:\ProgramData\e48e524463011d6f => Moved successfully.
C:\ProgramData\Fuuni2Savue => Moved successfully.
C:\ProgramData\agcniifgcajngehbpgemhajfiohohdoc => Moved successfully.
The system needs a manual reboot.
==== End of Fixlog ====
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.22.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 ***** :: *****-NB01 [Administrator] Schutz: Aktiviert 22.01.2014 18:51:15 MBAM-log-2014-01-22 (18-51-59).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 24661 Laufzeit: 18 Sekunde(n) [Abgebrochen] Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\ProgramData\InstallMate\{84D28449-3079-4E93-AC78-785B5F31A6BF}\Custom.dll (PUP.Optional.InstalleRex) -> Keine Aktion durchgeführt. C:\ProgramData\InstallMate\{AE6D961B-8554-429A-A071-CD76758EB4ED}\Custom.dll (PUP.Optional.InstalleRex) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f4f8bce9c0b52c4bb4529719aa7b2c9f
# engine=16733
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-21 02:57:23
# local_time=2014-01-21 03:57:23 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 16776557 141946093 0 0
# scanned=1680
# found=2
# cleaned=0
# scan_time=372
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=A55B58C952BBE80889BBB83843AADED6831D6670 ft=1 fh=c388bfc9f940b095 vn="Win64/Adware.MediaFinder.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll.vir"
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f4f8bce9c0b52c4bb4529719aa7b2c9f
# engine=16736
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-21 05:58:03
# local_time=2014-01-21 06:58:03 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 16787397 141956933 0 0
# scanned=1423
# found=2
# cleaned=0
# scan_time=39
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=A55B58C952BBE80889BBB83843AADED6831D6670 ft=1 fh=c388bfc9f940b095 vn="Win64/Adware.MediaFinder.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\\AppData\Roaming\Media Finder\Extensions\IEPlugin64.dll.vir"
ESETSmartInstaller@High as downloader log:
all ok
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 02
Ran by ***** (administrator) on *****-NB01 on 22-01-2014 21:04:16
Running from C:\Users\*****\Desktop\Felix\Ordner
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation)
HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [45680 2010-06-08] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [199528 2010-11-13] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-10-07] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663464 2010-12-07] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-13] (Sonix)
HKLM-x32\...\Run: [DeskUpdateNotifier] - c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [97560 2010-10-13] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2009-07-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SSBkgdUpdate] - C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-14] (Spotify Ltd)
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
==================== Internet (Whitelisted) ====================
ProxyServer: 10.0.0.138:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {AE592437-2644-4A6B-972C-8D5A23AF96C4} URL = hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
SearchScopes: HKCU - {BF15C0A1-A07F-470D-871A-6C8960C0ECBF} URL =
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{41FD9069-21D6-40EB-9555-F0F6DDCFA8FB}: [NameServer]0.0.0.0
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\ci75rvj2.default
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-02]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-02]
CHR Extension: (Google Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\elgfababjopgjalkgbfndlempbfdiecf [2013-12-06]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR Extension: (No Name) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\*****\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [331776 2010-10-07] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)
==================== Drivers (Whitelisted) ====================
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801216 2010-10-09] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-21 15:49 - 2014-01-21 15:49 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\Users\*****\AppData\Roaming\Malwarebytes
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-20 15:28 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-20 15:26 - 2014-01-20 15:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-19 23:40 - 2014-01-22 18:52 - 00001246 _____ C:\Windows\PFRO.log
2014-01-19 23:17 - 2014-01-19 23:17 - 00107630 _____ C:\ComboFix.txt
2014-01-19 22:58 - 2014-01-19 23:17 - 00000000 ____D C:\Qoobox
2014-01-19 22:58 - 2014-01-19 23:16 - 00000000 ____D C:\Windows\erdnt
2014-01-19 22:58 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-19 22:58 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-19 22:58 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-19 22:58 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-19 22:51 - 2014-01-19 22:52 - 00000000 ____D C:\AdwCleaner
2014-01-19 20:09 - 2014-01-19 20:09 - 01110476 _____ C:\Users\*****\Downloads\7z920.exe
2014-01-19 20:09 - 2014-01-19 20:09 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-19 19:27 - 2014-01-22 21:03 - 00000000 ____D C:\FRST
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 15:39 - 2014-01-22 21:00 - 00003528 _____ C:\Windows\setupact.log
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2013-12-10 03:15 - 00982232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-01-19 15:20 - 2013-12-10 03:14 - 01100248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:16 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-19 15:16 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-19 15:16 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-19 15:16 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-01-19 15:16 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-01-19 15:15 - 2013-12-19 21:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-19 15:07 - 2014-01-19 15:13 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ ( ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 12:10 - 2014-01-19 12:17 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-18 21:44 - 2014-01-18 21:47 - 84496144 _____ (alch ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 18:20 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:20 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:20 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:20 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-23 12:30 - 2013-12-23 12:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-23 12:02 - 2014-01-19 16:39 - 00000000 ____D C:\Program Files (x86)\Steam
==================== One Month Modified Files and Folders =======
2014-01-22 21:04 - 2013-11-04 13:36 - 00000000 ____D C:\Users\*****\Desktop\Felix
2014-01-22 21:03 - 2014-01-19 19:27 - 00000000 ____D C:\FRST
2014-01-22 21:01 - 2013-11-09 17:35 - 00000256 _____ C:\Windows\Tasks\HP Photo Creations Messager.job
2014-01-22 21:00 - 2014-01-19 15:39 - 00003528 _____ C:\Windows\setupact.log
2014-01-22 21:00 - 2011-11-25 19:49 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-22 20:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-22 19:28 - 2013-09-21 13:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-22 19:28 - 2011-11-07 20:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001UA.job
2014-01-22 19:28 - 2011-10-27 12:01 - 01670322 _____ C:\Windows\WindowsUpdate.log
2014-01-22 19:22 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-22 19:22 - 2009-07-14 05:45 - 00020944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-22 18:52 - 2014-01-19 23:40 - 00001246 _____ C:\Windows\PFRO.log
2014-01-22 18:51 - 2011-04-11 18:26 - 05127210 _____ C:\Windows\system32\perfh007.dat
2014-01-22 18:51 - 2011-04-11 18:26 - 01602660 _____ C:\Windows\system32\perfc007.dat
2014-01-22 18:51 - 2009-07-14 06:13 - 00006520 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-22 15:36 - 2011-11-07 20:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2109869091-239777414-2284813190-1001Core.job
2014-01-21 18:43 - 2011-11-25 19:49 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 15:49 - 2014-01-21 15:49 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-21 15:43 - 2013-10-25 20:21 - 00000000 ____D C:\Users\*****\Documents\Visual Studio 2012
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\Users\*****\AppData\Roaming\Malwarebytes
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-20 15:28 - 2014-01-20 15:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-20 15:26 - 2014-01-20 15:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-19 23:17 - 2014-01-19 23:17 - 00107630 _____ C:\ComboFix.txt
2014-01-19 23:17 - 2014-01-19 22:58 - 00000000 ____D C:\Qoobox
2014-01-19 23:17 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-19 23:16 - 2014-01-19 22:58 - 00000000 ____D C:\Windows\erdnt
2014-01-19 23:15 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-19 22:52 - 2014-01-19 22:51 - 00000000 ____D C:\AdwCleaner
2014-01-19 20:09 - 2014-01-19 20:09 - 01110476 _____ C:\Users\*****\Downloads\7z920.exe
2014-01-19 20:09 - 2014-01-19 20:09 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-19 19:25 - 2014-01-19 19:25 - 00000000 _____ C:\Users\*****\defogger_reenable
2014-01-19 19:25 - 2011-10-27 12:04 - 00000000 ____D C:\Users\*****
2014-01-19 16:39 - 2013-12-23 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-19 15:39 - 2014-01-19 15:39 - 00000000 _____ C:\Windows\setuperr.log
2014-01-19 15:31 - 2014-01-19 15:31 - 00968392 _____ C:\Users\*****\Desktop\CR-FERNWARTUNG.exe
2014-01-19 15:24 - 2014-01-19 15:24 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA Corporation
2014-01-19 15:24 - 2011-10-27 20:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\SysWOW64\NV
2014-01-19 15:23 - 2014-01-19 15:23 - 00000000 ____D C:\Windows\system32\NV
2014-01-19 15:23 - 2011-10-27 20:51 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 15:23 - 2011-10-27 12:05 - 00113232 _____ C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 15:22 - 2009-07-14 05:45 - 00444208 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-19 15:21 - 2014-01-19 15:21 - 00001353 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-19 15:20 - 2011-10-27 20:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Users\*****\AppData\Local\NVIDIA
2014-01-19 15:19 - 2014-01-19 15:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-19 15:13 - 2014-01-19 15:07 - 266633424 _____ (NVIDIA Corporation) C:\Users\*****\Downloads\332.21-notebook-win8-win7-64bit-international-whql.exe
2014-01-19 15:02 - 2012-01-24 15:09 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-19 15:01 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-19 15:00 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\ShellNew
2014-01-19 14:56 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-19 14:56 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2014-01-19 14:36 - 2014-01-19 14:36 - 00000000 ____D C:\Program Files\CPUID
2014-01-19 14:35 - 2014-01-19 14:35 - 01466296 _____ ( ) C:\Users\*****\Downloads\cpu-z_1.68-setup-en.exe
2014-01-19 14:14 - 2011-10-27 16:32 - 00000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2014-01-19 12:17 - 2014-01-19 12:10 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 21:47 - 2014-01-18 21:44 - 84496144 _____ (alch ) C:\Users\*****\Downloads\clamwin-0.98-setup.exe
2014-01-18 13:02 - 2013-09-21 13:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-18 13:02 - 2012-04-19 16:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-18 13:02 - 2011-11-09 10:30 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2014-01-18 13:02 - 2011-10-27 16:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-18 01:27 - 2014-01-18 01:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\NVIDIA
2014-01-18 01:26 - 2014-01-18 01:26 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-17 21:41 - 2014-01-17 21:41 - 00000000 ____D C:\Users\*****\Documents\BFBC2
2014-01-15 20:47 - 2013-08-15 10:03 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:44 - 2011-10-27 13:11 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-12 19:41 - 2011-11-05 12:48 - 00000000 ____D C:\Mama
2014-01-11 10:41 - 2011-10-27 17:05 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2014-01-09 19:15 - 2012-09-07 20:46 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2014-01-09 18:55 - 2012-09-07 20:48 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2014-01-09 18:54 - 2014-01-09 18:54 - 01133552 _____ C:\Users\*****\Downloads\SteamSetup.exe
2014-01-09 18:43 - 2011-12-04 10:45 - 00000000 ____D C:\Users\*****\Desktop\Neue Musik
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8.zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (2).zip
2014-01-06 21:51 - 2014-01-06 21:51 - 00001094 _____ C:\Users\*****\Downloads\Aufgabe8 (1).zip
2014-01-06 21:46 - 2014-01-06 21:46 - 00001094 _____ C:\Users\*****\Downloads\Quelle2.zip
2014-01-05 23:04 - 2014-01-05 23:04 - 00004730 _____ C:\Users\*****\Documents\cc_20140105_230142.reg
2013-12-27 14:01 - 2013-10-24 14:03 - 00000000 ____D C:\Program Files (x86)\Ss-Helper
2013-12-27 13:10 - 2011-10-27 12:09 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2013-12-25 18:15 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-23 15:14 - 2012-05-31 16:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-23 12:31 - 2013-12-23 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-13 10:11
==================== End Of Log ============================
|
|
22.01.2014, 21:13
| #13 |
| /// TB-Ausbilder | Windows 7: Laptop wurde sehr langsam Hm, schau mal, was Emsisoft meint: Lade dir bitte das Setup von Emsisoft Anti-Malware auf den Desktop herunter.
__________________ cheers, Leo |
|
22.01.2014, 21:57
| #14 |
| | Windows 7: Laptop wurde sehr langsam Der Link von Emsisoft lässt sich nicht öffnen :0 Soll ich es von der Offiziellen Seite downloaden? LG Das Programm läuft schon, aber bei den wenigen Fotos braucht der computer sehr lang  |
|
25.01.2014, 15:35
| #15 |
| /// TB-Ausbilder | Windows 7: Laptop wurde sehr langsam Ja entschuldige, mein Link war tatsächlich leer. Ist der Scan mittlerweile durch?
__________________ cheers, Leo |
|
| Themen zu Windows 7: Laptop wurde sehr langsam |
| absturz, angezeigt, anhang, bat, battlefield, compu, computer, cpu-auslastung, freunde, gemerkt, gen, hänge, hängen, keine rückmeldung, langsam, laptop, nicht mehr, party, rückmeldung, speicher, taskmanager, wieviel, windows, windows 7, öffnen |
WARNUNG an die MITLESER: 
Linear-Darstellung
