| |
| |||||||
Log-Analyse und Auswertung: Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
04.02.2014, 21:39
| #1 |
 |  Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Hallo, ich habe ein Problem mit meinem USb Stick. Ich habe ihn an den Laptop meiner Mitbewohnerinnen angeschlossen, nachdem sie mir erzählte, dass bei ihr nur noch Verknüpfungen auf dem USB-Stick angezeigt werden. Wir wollten ausprobieren, ob es am Stick oder am Pc liegt. Leider hab ich mich dadurch auch mit dem Virus (?) infiziert. Ich habe bereits entdeckt, dass die Dateien, die auf dem Stick sind, nicht gelöscht sind, sondern nur versteckt, sie werden also durch entsprechende Befehle zwar wieder sichtbar, die Verknüpfungen sind aber nach wie vor da. Werden sie gelöscht, dauert es ein paar Sekunden und sie werden wieder erstellt. Mein Virenprogramm (Avast) findet keinen Virus auf dem Pc oder auf dem Stick. Ich habe alle Schritte des Threads "Für alle Hilfesuchenden" durchgemacht und lade die hier mit hoch. Ich hoffe, dass das Problem gelöst werden kann, ich kann leider auch nicht beurteilen, ob die Fehler "nur" auf dem Stick sind oder ob dadurch auch der PC befallen wird. Kenne mich da nicht wirklich gut aus.. Ich wäre sehr dankbar, wenn mir jemand helfen könnte das Problem zu lösen, vielen Dank schon mal, liebe Grüße, Lisa Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:18 on 04/02/2014 (Lisa)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by Lisa (administrator) on LISA-PC on 04-02-2014 18:19:52
Running from C:\Users\Lisa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
() C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(1&1 Mail & Media GmbH) C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9913376 2009-12-29] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3568312 2013-12-05] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-139026441-2476403991-3850679298-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default
HKU\S-1-5-21-139026441-2476403991-3850679298-1001\...\Run: [flashmemory] - C:\Users\Lisa\AppData\Local\Temp\flashmemory.vbe [86339121 2013-12-29] () <===== ATTENTION
HKU\S-1-5-21-139026441-2476403991-3850679298-1001\...\MountPoints2: {1f04dbde-aecc-11e0-9f21-705ab6fe453c} - E:\steambackup2.EXE
HKU\S-1-5-21-139026441-2476403991-3850679298-1001\...\MountPoints2: {3918e119-9e65-11e0-bf4e-70f1a1c486f1} - E:\LaunchU3.exe -a
Startup: C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\flashmemory.vbe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pub.dyndns.tv/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741g&r=27360910n225l0424z165t4642q570
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE397DE397
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP7521D0C3-8B85-4021-8AA3-7FD596B54820&q={searchTerms}&SSPV=
SearchScopes: HKCU - {02E995A5-719F-43B1-90C6-7B83B30CDBB0} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {0A09EE80-F5DB-4D03-B8BF-D9EAF80380E7} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {4C76F966-6071-4A72-9994-F93775FB3978} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE397DE397
SearchScopes: HKCU - {92C74114-FA86-4CFE-8D6E-D92D2D25609B} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {B4068D08-2FE3-41F5-8A89-87453C743901} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} - No File
DPF: HKLM-x32 {FF3BA0DA-79B5-4110-8FAC-C402D85AAEDA} hxxp://pub.dyndns.tv/view.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.summer-breeze.de/
FF Keyword.URL: hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Lisa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\searchplugins\web-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Forecastfox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012-10-09]
FF Extension: FastestFox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\Extensions\smarterwiki@wikiatic.com.xpi [2011-12-05]
FF Extension: IE View - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\Extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}.xpi [2011-12-11]
FF Extension: Adblock Plus - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2011-01-11] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-05] (AVAST Software)
R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [40448 2013-12-06] ()
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4330168 2011-05-11] (INCA Internet Co., Ltd.)
S4 Dpsagchccp3.0; No ImagePath
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-05] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-05] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-11-01] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-07-23] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-11-01] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
R3 SjtWinIo; C:\Windows\System32\DRIVERS\SjtWinIo.sys [9216 2012-03-26] (SpeedJet Technology INC.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-04-28] (CyberLink Corp.)
S3 dump_wmimmc; \??\C:\Program Files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-04 18:19 - 2014-02-04 18:21 - 00021255 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-02-04 18:19 - 2014-02-04 18:19 - 00000000 ____D () C:\FRST
2014-02-04 18:18 - 2014-02-04 18:19 - 02080256 _____ (Farbar) C:\Users\Lisa\Downloads\FRST64.exe
2014-02-04 18:18 - 2014-02-04 18:18 - 00000470 _____ () C:\Users\Lisa\Downloads\defogger_disable.log
2014-02-04 18:18 - 2014-02-04 18:18 - 00000000 _____ () C:\Users\Lisa\defogger_reenable
2014-02-04 18:17 - 2014-02-04 18:17 - 00050477 _____ () C:\Users\Lisa\Downloads\Defogger.exe
2014-02-04 17:48 - 2014-02-04 17:48 - 00025891 _____ () C:\Users\Lisa\Documents\dfdfd.odt
2014-02-04 17:47 - 2014-02-04 17:48 - 00022150 _____ () C:\Users\Lisa\Documents\dfdfdf.odt
2014-02-04 17:13 - 2014-02-04 17:21 - 00000000 ____D () C:\Users\Lisa\Desktop\USB
2014-02-03 12:12 - 2014-02-03 12:12 - 14561543 _____ () C:\Users\Lisa\Downloads\Korrigiert.zip
2014-01-29 13:45 - 2014-01-29 13:45 - 00028545 _____ () C:\Users\Lisa\Downloads\Pagination-1.3.8.zip
2014-01-20 22:05 - 2014-01-22 15:42 - 00000000 ____D () C:\Users\Lisa\Desktop\LliD
2014-01-16 11:56 - 2014-01-16 11:57 - 00895504 _____ () C:\Windows\Minidump\011614-18111-01.dmp
2014-01-16 11:56 - 2014-01-16 11:56 - 602410519 _____ () C:\Windows\MEMORY.DMP
2014-01-15 11:53 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 11:53 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 11:53 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 11:53 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 11:53 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 11:53 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 11:53 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 11:53 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-11 12:12 - 2014-01-12 21:56 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Awesomium
2014-01-09 00:52 - 2014-01-09 00:52 - 00000000 ____D () C:\Users\Lisa\Documents\Elder Scrolls Online
2014-01-09 00:52 - 2014-01-09 00:52 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-01-08 12:32 - 2014-01-08 12:38 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-01-08 12:27 - 2014-01-08 12:28 - 55903624 _____ ( ) C:\Users\Lisa\Downloads\Install_ESO_Beta.exe
==================== One Month Modified Files and Folders =======
2014-02-04 18:21 - 2014-02-04 18:19 - 00021255 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-02-04 18:19 - 2014-02-04 18:19 - 00000000 ____D () C:\FRST
2014-02-04 18:19 - 2014-02-04 18:18 - 02080256 _____ (Farbar) C:\Users\Lisa\Downloads\FRST64.exe
2014-02-04 18:18 - 2014-02-04 18:18 - 00000470 _____ () C:\Users\Lisa\Downloads\defogger_disable.log
2014-02-04 18:18 - 2014-02-04 18:18 - 00000000 _____ () C:\Users\Lisa\defogger_reenable
2014-02-04 18:18 - 2013-11-06 14:17 - 00000000 ____D () C:\Users\Lisa\Desktop\BA
2014-02-04 18:18 - 2010-09-18 15:21 - 00000000 ____D () C:\Users\Lisa
2014-02-04 18:17 - 2014-02-04 18:17 - 00050477 _____ () C:\Users\Lisa\Downloads\Defogger.exe
2014-02-04 17:49 - 2010-06-23 01:41 - 01303927 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 17:48 - 2014-02-04 17:48 - 00025891 _____ () C:\Users\Lisa\Documents\dfdfd.odt
2014-02-04 17:48 - 2014-02-04 17:47 - 00022150 _____ () C:\Users\Lisa\Documents\dfdfdf.odt
2014-02-04 17:21 - 2014-02-04 17:13 - 00000000 ____D () C:\Users\Lisa\Desktop\USB
2014-02-04 15:51 - 2010-06-23 11:33 - 00716620 _____ () C:\Windows\system32\perfh007.dat
2014-02-04 15:51 - 2010-06-23 11:33 - 00156088 _____ () C:\Windows\system32\perfc007.dat
2014-02-04 15:51 - 2009-07-14 06:13 - 01664276 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-04 15:49 - 2010-09-18 15:23 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-04 10:59 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:59 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 10:51 - 2012-11-09 01:31 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-04 10:50 - 2013-12-30 17:33 - 00002614 _____ () C:\Windows\setupact.log
2014-02-04 10:50 - 2010-06-23 01:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-04 10:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-03 19:09 - 2010-10-05 12:20 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-03 12:12 - 2014-02-03 12:12 - 14561543 _____ () C:\Users\Lisa\Downloads\Korrigiert.zip
2014-02-03 01:16 - 2010-10-17 16:37 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\SoftGrid Client
2014-02-01 17:27 - 2010-10-04 20:16 - 00000000 ____D () C:\ProgramData\Xfire
2014-01-29 13:45 - 2014-01-29 13:45 - 00028545 _____ () C:\Users\Lisa\Downloads\Pagination-1.3.8.zip
2014-01-29 12:27 - 2010-10-09 13:07 - 00000000 ____D () C:\Users\Lisa\Desktop\Lisa
2014-01-24 16:32 - 2014-01-03 14:38 - 00000000 ____D () C:\Users\Lisa\Desktop\Neuseeland
2014-01-23 21:41 - 2010-10-04 20:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xfire
2014-01-22 15:42 - 2014-01-20 22:05 - 00000000 ____D () C:\Users\Lisa\Desktop\LliD
2014-01-19 09:25 - 2014-01-04 12:44 - 00002494 _____ () C:\Windows\PFRO.log
2014-01-18 16:57 - 2010-11-01 21:45 - 00000000 ____D () C:\Users\Lisa\Desktop\Games
2014-01-18 16:54 - 2010-05-06 12:24 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-01-16 12:00 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-16 12:00 - 2009-07-14 05:45 - 04844304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 11:57 - 2014-01-16 11:56 - 00895504 _____ () C:\Windows\Minidump\011614-18111-01.dmp
2014-01-16 11:56 - 2014-01-16 11:56 - 602410519 _____ () C:\Windows\MEMORY.DMP
2014-01-16 11:56 - 2012-11-06 11:34 - 00000000 ____D () C:\Windows\Minidump
2014-01-16 03:01 - 2013-08-18 21:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 03:01 - 2010-10-10 18:09 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-12 21:56 - 2014-01-11 12:12 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Awesomium
2014-01-09 00:52 - 2014-01-09 00:52 - 00000000 ____D () C:\Users\Lisa\Documents\Elder Scrolls Online
2014-01-09 00:52 - 2014-01-09 00:52 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-01-08 12:38 - 2014-01-08 12:32 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-01-08 12:28 - 2014-01-08 12:27 - 55903624 _____ ( ) C:\Users\Lisa\Downloads\Install_ESO_Beta.exe
2014-01-07 16:03 - 2010-10-04 20:08 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Skype
2014-01-06 15:03 - 2010-10-04 19:57 - 00000000 ____D () C:\Users\Lisa\Desktop\Musik
Files to move or delete:
====================
C:\Users\Lisa\AppData\Local\Temp\flashmemory.vbe
C:\ProgramData\dsgsdgdsgdsgw.pad
Some content of TEMP:
====================
C:\Users\Lisa\AppData\Local\Temp\avgnt.exe
C:\Users\Lisa\AppData\Local\Temp\nsa7950.exe
C:\Users\Lisa\AppData\Local\Temp\nsf75C5.exe
C:\Users\Lisa\AppData\Local\Temp\nsl8044.exe
C:\Users\Lisa\AppData\Local\Temp\nsq4E1B.exe
C:\Users\Lisa\AppData\Local\Temp\nsv4959.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 14:12
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by Lisa at 2014-02-04 18:22:21
Running from C:\Users\Lisa\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Acer Backup Manager (x32 Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye Webcam (x32 Version: 5.2.11.2 - Suyin Optronics Corp)
Acer ePower Management (x32 Version: 5.00.3004 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 4.05.3011 - Acer Incorporated)
Acer GameZone Console (x32 Version: 6.1.0.2 - Oberon Media, Inc.)
Acer Updater (x32 Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Photoshop CS (x32 Version: CS - Adobe Systems, Inc.)
Adobe Reader XI (11.0.02) - Deutsch (x32 Version: 11.0.02 - Adobe Systems Incorporated)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (x32 Version: - )
avast! Free Antivirus (x32 Version: 9.0.2008 - Avast Software)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (Version: 12.52.04 - Broadcom Corporation)
CCleaner (Version: 4.09 - Piriform)
CDBurnerXP (x32 Version: 4.5.1.4003 - CDBurnerXP)
Counter-Strike: Condition Zero (x32 Version: - Valve)
CyberLink PowerDVD 9 (x32 Version: 9.0.2829.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.2829.50 - CyberLink Corp.) Hidden
DAEMON Tools Lite (x32 Version: 4.40.2.0131 - DT Soft Ltd)
DivX-Setup (x32 Version: 2.6.1.8 - DivX, LLC)
Dropbox (HKCU Version: 1.2.48 - Dropbox, Inc.)
Far Cry 2 (x32 Version: 1.03.00 - Ubisoft)
Free YouTube to MP3 Converter version 3.11.33.1005 (x32 Version: 3.11.33.1005 - DVDVideoSoft Ltd.)
Google Earth (x32 Version: 5.2.1.1588 - Google)
Half-Life 2 (x32 Version: - Valve)
Hamachi 1.0.3.0 (x32 Version: - )
Identity Card (x32 Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.2.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.01.01.1007 - Intel Corporation)
Internet Updater (x32 Version: 2.6.52 - Parallel Lines Development, LLC) <==== ATTENTION
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 21 (64-bit) (Version: 7.0.210 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 4.0.8 - Acer Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 3.1.210.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
Nexon Game Manager (x32 Version: - )
Norton Online Backup (x32 Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (x32 Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
NVIDIA 3D Vision Treiber 327.02 (Version: 327.02 - NVIDIA Corporation)
NVIDIA Drivers (Version: 1.10.59.37 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden
OpenOffice.org 3.0 (x32 Version: 3.0.9379 - OpenOffice.org)
Pando Media Booster (x32 Version: 2.3.6.0 - Pando Networks Inc.)
Pizza Syndicate deinstallieren (x32 Version: - )
Portal (x32 Version: - Valve)
Power Packet5.0 _x86Setup (x32 Version: 1.0.6 - Intellon)
QuickTime (x32 Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6015 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30118 - Realtek Semiconductor Corp.)
Rise and Fall (x32 Version: 1.00.0000 - Midway Games)
S.T.A.L.K.E.R. - Shadow of Chernobyl (x32 Version: 1.0000 - THQ)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype Click to Call (x32 Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
Steam (x32 Version: 1.0.0.0 - Valve)
Synaptics Pointing Device Driver (Version: 14.0.19.0 - Synaptics Incorporated)
TeamSpeak 3 Client (x32 Version: - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (x32 Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (x32 Version: - Bethesda Game Studios)
Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.186.6 - Intel)
Uninstall 1.0.0.1 (x32 Version: - )
Unity Web Player (HKCU Version: - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (x32 Version: 1.1.11 - VideoLAN)
WEB.DE Softwareaktualisierung (x32 Version: 2.0.1.9 - 1&1 Mail & Media GmbH)
Winamp (x32 Version: 5.581 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (x32 Version: - )
Xfire (remove only) (x32 Version: - )
==================== Restore Points =========================
16-01-2014 02:00:15 Windows Update
21-01-2014 09:02:30 Windows Update
24-01-2014 09:36:02 Windows Update
28-01-2014 11:34:18 Windows Update
01-02-2014 15:20:18 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0BFE4847-9F11-4515-9DCD-1E2675CAAD2B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {1F583C23-23A7-4C81-880E-901428061B10} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-12-05] (AVAST Software)
Task: {226EB9C9-93BA-4E3C-AF17-A2116E713796} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C892896-F60B-45AE-9137-EA60EF9CDEDD} - System32\Tasks\{9707A513-D39A-4A65-B6F4-A48E65730D9C} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {90B07063-0292-4213-BDFD-409AAD10A857} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {A9C9DFAF-0DDF-4542-AD53-F27C6F8AA4CA} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2011-07-28] (1&1 Mail & Media GmbH)
Task: {E8EB6E89-7C1C-4973-813C-526AF4F9A677} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
==================== Loaded Modules (whitelisted) =============
2010-09-20 19:18 - 2010-03-15 10:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-02-04 10:51 - 2014-02-04 09:16 - 02168320 _____ () C:\Program Files\Alwil Software\Avast5\defs\14020400\algo.dll
2013-08-08 15:54 - 2013-08-05 16:54 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-05-06 13:01 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-12-05 15:22 - 2013-12-05 15:22 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2013-08-25 11:55 - 2013-08-25 11:55 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\eff228aa396c1d45248a54b44d7ce5a0\IsdiInterop.ni.dll
2010-06-23 01:53 - 2010-04-13 08:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-20 15:16 - 2013-12-20 15:16 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-21 11:12 - 2013-11-21 11:12 - 16237448 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E2B84483
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/03/2014 07:09:59 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/02/2014 09:10:36 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/02/2014 07:00:02 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (02/02/2014 02:19:14 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/02/2014 02:08:26 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/01/2014 09:11:57 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/01/2014 06:39:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (02/01/2014 06:33:30 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
Error: (02/01/2014 05:17:01 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (01/30/2014 09:09:19 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
System errors:
=============
Error: (02/04/2014 06:23:31 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Error: (02/04/2014 06:23:16 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Error: (02/04/2014 06:22:58 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Error: (02/04/2014 06:22:41 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Error: (02/04/2014 06:22:24 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Error: (02/04/2014 06:22:08 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Error: (02/04/2014 06:21:52 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Error: (02/04/2014 06:21:35 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Error: (02/04/2014 06:21:17 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Error: (02/04/2014 06:21:01 PM) (Source: DCOM) (User: )
Description: localxzxzxzxzxzxzxzo
Microsoft Office Sessions:
=========================
Error: (02/03/2014 07:09:59 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (02/02/2014 09:10:36 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (02/02/2014 07:00:02 PM) (Source: Windows Backup)(User: )
Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (02/02/2014 02:19:14 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (02/02/2014 02:08:26 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (02/01/2014 09:11:57 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (02/01/2014 06:39:43 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (02/01/2014 06:33:30 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2
Error: (02/01/2014 05:17:01 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (01/30/2014 09:09:19 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
==================== Memory info ===========================
Percentage of memory in use: 68%
Total physical RAM: 3958.71 MB
Available physical RAM: 1263.8 MB
Total Pagefile: 7915.6 MB
Available Pagefile: 4461.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:139.39 GB) NTFS
Drive f: (USB DISK) (Removable) (Total:14.91 GB) (Free:10.13 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 42DB3AF9)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-04 20:00:18
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB4O 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Lisa\AppData\Local\Temp\kwldapow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800033a4000 16 bytes [8B, E3, 41, 5F, 41, 5E, 41, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 545 fffff800033a4011 35 bytes {LEA ECX, [RSP+0x70]; CALL 0x3d64f}
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\wininit.exe[632] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\services.exe[696] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[820] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\winlogon.exe[920] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[940] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[964] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Windows\system32\svchost.exe[1016] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\System32\svchost.exe[444] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\System32\svchost.exe[560] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[836] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1032] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\AUDIODG.EXE[1092] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1332] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\nvvsvc.exe[1340] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1372] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\System32\spoolsv.exe[1812] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1080] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\taskhost.exe[1540] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\Dwm.exe[1224] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\Explorer.EXE[1124] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2144] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[2204] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files\Bonjour\mDNSResponder.exe[2260] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\dsiwmis.exe[2296] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe[2320] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\ProgramData\InternetUpdater\InternetUpdaterService.exe[2356] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2404] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2412] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\PLFSetI.exe[2420] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe[2436] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\System32\wscript.exe[2444] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\LManager.exe[2672] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[2680] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2688] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2688] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076361465 2 bytes [36, 76]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[2688] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000763614bb 2 bytes [36, 76]
.text ... * 2
.text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[2704] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe[2752] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\Launch Manager\LMworker.exe[2792] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2936] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2280] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2064] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2064] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076361465 2 bytes [36, 76]
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2064] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000763614bb 2 bytes [36, 76]
.text ... * 2
.text C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[1472] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe[3320] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Windows\system32\svchost.exe[3416] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[3476] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe[3524] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Windows\system32\wbem\unsecapp.exe[3924] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3944] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076361465 2 bytes [36, 76]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000763614bb 2 bytes [36, 76]
.text ... * 2
.text C:\Windows\system32\wbem\wmiprvse.exe[3980] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe[808] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe[4196] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[4968] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\SearchIndexer.exe[3640] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Windows\system32\SearchProtocolHost.exe[4892] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[3196] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[3728] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe[3824] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189 0000000076d3eecd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4584] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
.text C:\Users\Lisa\Downloads\Gmer-19357.exe[6112] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007695a2ba 1 byte [62]
---- Processes - GMER 2.1 ----
Library C:\Users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [1124] (Dropbox Shell Extension/Dropbox, Inc.)(2011-02-18 05:12:20) 0000000010000000
Process C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (*** suspicious ***) @ C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [2356](2013-12-06 01:30:04) 0000000000310000
---- Services - GMER 2.1 ----
Service C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (*** hidden *** ) [AUTO] avast! Antivirus <-- ROOTKIT !!!
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Type 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@DisplayName aswFsBlk
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Group FSFilter Activity Monitor
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@DependOnService FltMgr?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Description Avast! Mini-filter Driver
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Tag 3
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@ImagePath \??\C:\Windows\system32\drivers\aswFsBlk.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances@DefaultInstance aswFsBlk Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance@Altitude 388400
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance@Flags 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Type 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@ImagePath \??\C:\Windows\system32\drivers\aswMonFlt.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@DisplayName aswMonFlt
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Group FSFilter Anti-Virus
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@DependOnService FltMgr?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Description avast! mini-filter driver (aswMonFlt)
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances@DefaultInstance aswMonFlt Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance@Altitude 320700
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance@Flags 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@DisplayName aswRdr
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Group PNP_TDI
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@DependOnService tcpip?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Description avast! WFP Redirect driver
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr@ImagePath \??\C:\Windows\system32\drivers\aswRdr2.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr\Parameters@MSIgnoreLSPDefault
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr\Parameters@WSIgnoreLSPDefault nl_lsp.dll,imon.dll,xfire_lsp.dll,mslsp.dll,mssplsp.dll,cwhook.dll,spi.dll,bmnet.dll,winsflt.dll
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRdr
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@DisplayName avast! Revert
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@Description avast! Revert
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@BootCounter 75
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@TickCounter 2136034
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@SystemRoot \Device\Harddisk0\Partition3\Windows
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@ImproperShutdown 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\1387275442
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\1387275442@ Commited
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\1387275442@BootTimeout 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\1387275442@TickTimeout 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\1387275442@CreationTime 0x04 0x51 0x98 0x37 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\1387275442@SetupOperations MoveFile("\??\c:\program files\alwil software\avast5\setup\instup.dll.1387275442","\??\c:\program files\alwil software\avast5\setup\instup.dll",TRUE)?MoveFile("\??\c:\program files\alwil software\avast5\setup\instup.dll.sum.1387275442","\??\c:\program files\alwil software\avast5\setup\instup.dll.sum",TRUE)?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\1387275442@StartBootCounter 14
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters\1387275442@StartTickCounter 424761
Reg HKLM\SYSTEM\CurrentControlSet\services\aswRvrt
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Type 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@DisplayName aswSnx
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Group FSFilter Virtualization
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@DependOnService FltMgr?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Description avast! virtualization driver (aswSnx)
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Tag 2
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx@ImagePath \??\C:\Windows\system32\drivers\aswSnx.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances@DefaultInstance aswSnx Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances\aswSnx Instance
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances\aswSnx Instance@Altitude 137600
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances\aswSnx Instance@Flags 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Parameters@ProgramFolder \??\C:\Program Files\Alwil Software\Avast5
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Parameters@DataFolder \??\C:\ProgramData\Alwil Software\Avast5
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSnx
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@DisplayName aswSP
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@Description avast! Self Protection
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP@ImagePath \??\C:\Windows\system32\drivers\aswSP.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@ProgramFolder \??\C:\Program Files\Alwil Software\Avast5
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@DataFolder \??\C:\ProgramData\Alwil Software\Avast5
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@BehavShield 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@ProgramFilesFolder \??\C:\Program Files
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@GadgetFolder \??\C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget
Reg HKLM\SYSTEM\CurrentControlSet\services\aswSP
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Start 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@DisplayName aswTdi
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Group PNP_TDI
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@DependOnService tcpip?
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Description aswTdi
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Tag 10
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi@ImagePath \??\C:\Windows\system32\drivers\aswTdi.sys
Reg HKLM\SYSTEM\CurrentControlSet\services\aswTdi
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@DisplayName avast! VM Monitor
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm@Description avast! VM Monitor
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\aswVmm
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Type 288
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Start 2
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ErrorControl 1
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ImagePath "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@DisplayName avast! Antivirus
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Group ShellSvcGroup
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@DependOnService aswMonFlt?RpcSS?
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@WOW64 1
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ObjectName LocalSystem
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Description Verwaltet und implementiert die avast! Antivirus Dienste auf diesem Computer. Dies beinhaltet den Echtzeit-Schutz, den Virus Container sowie die Zeitplan.
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ServiceSidType 1
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus\Parameters
Reg HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{F4F7FF8B-6D40-4981-93F0-01ECD8DF5705}@LeaseObtainedTime 1391539108
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{F4F7FF8B-6D40-4981-93F0-01ECD8DF5705}@T1 1391539235
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{F4F7FF8B-6D40-4981-93F0-01ECD8DF5705}@T2 1391539331
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{F4F7FF8B-6D40-4981-93F0-01ECD8DF5705}@LeaseTerminatesTime 1391539363
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Type 2
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Start 2
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@DisplayName aswFsBlk
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Group FSFilter Activity Monitor
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@DependOnService FltMgr?
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Description Avast! Mini-filter Driver
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Tag 3
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk@ImagePath \??\C:\Windows\system32\drivers\aswFsBlk.sys
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances@DefaultInstance aswFsBlk Instance
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances\aswFsBlk Instance (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances\aswFsBlk Instance@Altitude 388400
Reg HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances\aswFsBlk Instance@Flags 0
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Type 2
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Start 2
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@ImagePath \??\C:\Windows\system32\drivers\aswMonFlt.sys
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@DisplayName aswMonFlt
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Group FSFilter Anti-Virus
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@DependOnService FltMgr?
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Description avast! mini-filter driver (aswMonFlt)
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances@DefaultInstance aswMonFlt Instance
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances\aswMonFlt Instance (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances\aswMonFlt Instance@Altitude 320700
Reg HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances\aswMonFlt Instance@Flags 0
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@Start 1
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@DisplayName aswRdr
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@Group PNP_TDI
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@DependOnService tcpip?
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@Description avast! WFP Redirect driver
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr@ImagePath \??\C:\Windows\system32\drivers\aswRdr2.sys
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr\Parameters@MSIgnoreLSPDefault
Reg HKLM\SYSTEM\ControlSet002\services\aswRdr\Parameters@WSIgnoreLSPDefault nl_lsp.dll,imon.dll,xfire_lsp.dll,mslsp.dll,mssplsp.dll,cwhook.dll,spi.dll,bmnet.dll,winsflt.dll
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt@Start 0
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt@DisplayName avast! Revert
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt@Description avast! Revert
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@BootCounter 75
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@TickCounter 2136034
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@SystemRoot \Device\Harddisk0\Partition3\Windows
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@ImproperShutdown 1
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\1387275442 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\1387275442@ Commited
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\1387275442@BootTimeout 0
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\1387275442@TickTimeout 0
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\1387275442@CreationTime 0x04 0x51 0x98 0x37 ...
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\1387275442@SetupOperations MoveFile("\??\c:\program files\alwil software\avast5\setup\instup.dll.1387275442","\??\c:\program files\alwil software\avast5\setup\instup.dll",TRUE)?MoveFile("\??\c:\program files\alwil software\avast5\setup\instup.dll.sum.1387275442","\??\c:\program files\alwil software\avast5\setup\instup.dll.sum",TRUE)?
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\1387275442@StartBootCounter 14
Reg HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters\1387275442@StartTickCounter 424761
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@Type 2
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@Start 1
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@DisplayName aswSnx
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@Group FSFilter Virtualization
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@DependOnService FltMgr?
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@Description avast! virtualization driver (aswSnx)
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@Tag 2
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx@ImagePath \??\C:\Windows\system32\drivers\aswSnx.sys
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances@DefaultInstance aswSnx Instance
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances\aswSnx Instance (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances\aswSnx Instance@Altitude 137600
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances\aswSnx Instance@Flags 0
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Parameters@ProgramFolder \??\C:\Program Files\Alwil Software\Avast5
Reg HKLM\SYSTEM\ControlSet002\services\aswSnx\Parameters@DataFolder \??\C:\ProgramData\Alwil Software\Avast5
Reg HKLM\SYSTEM\ControlSet002\services\aswSP@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\aswSP@Start 1
Reg HKLM\SYSTEM\ControlSet002\services\aswSP@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswSP@DisplayName aswSP
Reg HKLM\SYSTEM\ControlSet002\services\aswSP@Description avast! Self Protection
Reg HKLM\SYSTEM\ControlSet002\services\aswSP@ImagePath \??\C:\Windows\system32\drivers\aswSP.sys
Reg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@ProgramFolder \??\C:\Program Files\Alwil Software\Avast5
Reg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@DataFolder \??\C:\ProgramData\Alwil Software\Avast5
Reg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@BehavShield 0
Reg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@ProgramFilesFolder \??\C:\Program Files
Reg HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@GadgetFolder \??\C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget
Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@Start 1
Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@DisplayName aswTdi
Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@Group PNP_TDI
Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@DependOnService tcpip?
Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@Description aswTdi
Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@Tag 10
Reg HKLM\SYSTEM\ControlSet002\services\aswTdi@ImagePath \??\C:\Windows\system32\drivers\aswTdi.sys
Reg HKLM\SYSTEM\ControlSet002\services\aswVmm@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\aswVmm@Start 0
Reg HKLM\SYSTEM\ControlSet002\services\aswVmm@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\aswVmm@DisplayName avast! VM Monitor
Reg HKLM\SYSTEM\ControlSet002\services\aswVmm@Description avast! VM Monitor
Reg HKLM\SYSTEM\ControlSet002\services\aswVmm\Parameters (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Type 288
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Start 2
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ErrorControl 1
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ImagePath "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@DisplayName avast! Antivirus
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Group ShellSvcGroup
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@DependOnService aswMonFlt?RpcSS?
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@WOW64 1
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ObjectName LocalSystem
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Description Verwaltet und implementiert die avast! Antivirus Dienste auf diesem Computer. Dies beinhaltet den Echtzeit-Schutz, den Virus Container sowie die Zeitplan.
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ServiceSidType 1
Reg HKLM\SYSTEM\ControlSet002\services\avast! Antivirus\Parameters (not active ControlSet)
---- EOF - GMER 2.1 ----
|
|
04.02.2014, 21:52
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Hallo und
__________________ Bitte ein Log mit CF machen: Scan mit Combofix
__________________ |
|
05.02.2014, 17:02
| #3 |
| | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Wow, das ging aber schnell, vielen Dank!
__________________Hab das Programm durchlaufen lassen. Hier die Logfiles Code:
ATTFilter ComboFix 14-02-05.02 - Lisa 05.02.2014 16:20:22.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3959.2009 [GMT 1:00]
ausgeführt von:: c:\users\Lisa\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\dsgsdgdsgdsgw.pad
c:\windows\IsUn0407.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-01-05 bis 2014-02-05 ))))))))))))))))))))))))))))))
.
.
2074-05-07 16:38 . 2006-11-21 18:48 203576 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
2014-02-05 15:30 . 2014-02-05 15:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-02-05 15:30 . 2014-02-05 15:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-04 17:19 . 2014-02-04 17:23 -------- d-----w- C:\FRST
2014-02-04 14:49 . 2013-12-29 16:09 86339121 --sha-w- c:\users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\flashmemory.vbe
2014-02-04 09:58 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{17B11A48-580E-4044-86FF-E99E63B94947}\mpengine.dll
2014-01-15 10:53 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 10:53 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 10:53 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 10:53 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 10:53 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 10:53 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 10:53 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 10:53 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-11 11:12 . 2014-01-12 20:56 -------- d-----w- c:\users\Lisa\AppData\Roaming\Awesomium
2014-01-08 23:52 . 2014-01-08 23:52 -------- d-----w- c:\programdata\Elder Scrolls Online
2014-01-08 11:32 . 2014-01-08 11:38 -------- d-----w- c:\program files (x86)\Zenimax Online
2014-01-08 11:31 . 2014-01-08 11:31 -------- d-----w- c:\users\Lisa\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-16 02:01 . 2010-10-10 17:09 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-18 05:13 . 2010-09-19 12:56 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-17 10:22 . 2013-08-08 14:57 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-17 10:22 . 2013-08-08 14:54 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-17 10:22 . 2013-08-08 14:54 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-05 14:22 . 2013-04-11 12:58 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-05 14:22 . 2013-04-11 12:58 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-05 14:22 . 2011-06-20 11:42 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-12-05 14:22 . 2011-01-18 19:06 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-05 14:22 . 2010-10-12 09:53 409832 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-12-05 14:22 . 2010-10-12 09:53 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-12-05 14:22 . 2010-10-12 09:53 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-05 14:22 . 2010-10-12 09:53 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-12-05 14:22 . 2012-04-24 16:49 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-05 14:22 . 2010-10-12 09:53 43152 ----a-w- c:\windows\avastSS.scr
2013-11-27 01:21 . 2013-11-27 01:21 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 01:21 . 2013-11-27 01:21 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-27 01:21 . 2013-11-27 01:21 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-27 01:21 . 2013-11-27 01:21 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-27 01:21 . 2013-11-27 01:21 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-27 01:21 . 2013-11-27 01:21 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-27 01:21 . 2013-11-27 01:21 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-27 01:21 . 2013-11-27 01:21 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-27 01:21 . 2013-11-27 01:21 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-27 01:21 . 2013-11-27 01:21 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-27 01:21 . 2013-11-27 01:21 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-27 01:21 . 2013-11-27 01:21 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-27 01:21 . 2013-11-27 01:21 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-27 01:21 . 2013-11-27 01:21 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-27 01:21 . 2013-11-27 01:21 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-27 01:21 . 2013-11-27 01:21 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-27 01:21 . 2013-11-27 01:21 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-27 01:21 . 2013-11-27 01:21 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-27 01:21 . 2013-11-27 01:21 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-27 01:21 . 2013-11-27 01:21 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-27 01:21 . 2013-11-27 01:21 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-27 01:21 . 2013-11-27 01:21 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-27 01:21 . 2013-11-27 01:21 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 01:21 . 2013-11-27 01:21 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-27 01:21 . 2013-11-27 01:21 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-27 01:21 . 2013-11-27 01:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-27 01:21 . 2013-11-27 01:21 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-27 01:21 . 2013-11-27 01:21 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-27 01:21 . 2013-11-27 01:21 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-27 01:21 . 2013-11-27 01:21 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-27 01:21 . 2013-11-27 01:21 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-27 01:21 . 2013-11-27 01:21 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-27 01:21 . 2013-11-27 01:21 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-27 01:21 . 2013-11-27 01:21 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-27 01:21 . 2013-11-27 01:21 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-27 01:21 . 2013-11-27 01:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-27 01:21 . 2013-11-27 01:21 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-27 01:21 . 2013-11-27 01:21 413696 ----a-w- c:\windows\system32\html.iec
2013-11-27 01:21 . 2013-11-27 01:21 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 01:21 . 2013-11-27 01:21 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-27 01:21 . 2013-11-27 01:21 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-27 01:21 . 2013-11-27 01:21 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-27 01:21 . 2013-11-27 01:21 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-27 01:21 . 2013-11-27 01:21 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-27 01:21 . 2013-11-27 01:21 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-27 01:21 . 2013-11-27 01:21 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-27 01:21 . 2013-11-27 01:21 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-27 01:21 . 2013-11-27 01:21 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-27 01:21 . 2013-11-27 01:21 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-27 01:21 . 2013-11-27 01:21 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-27 01:21 . 2013-11-27 01:21 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-27 01:21 . 2013-11-27 01:21 235520 ----a-w- c:\windows\system32\url.dll
2013-11-27 01:21 . 2013-11-27 01:21 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-27 01:21 . 2013-11-27 01:21 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-27 01:21 . 2013-11-27 01:21 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-27 01:21 . 2013-11-27 01:21 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-27 01:21 . 2013-11-27 01:21 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-27 01:21 . 2013-11-27 01:21 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-27 01:21 . 2013-11-27 01:21 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-27 01:19 . 2013-11-27 01:19 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-11-27 01:19 . 2013-11-27 01:19 243712 ----a-w- c:\windows\system32\wow64.dll
2013-11-27 01:19 . 2013-11-27 01:19 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-11-27 01:19 . 2013-11-27 01:19 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-11-27 01:19 . 2013-11-27 01:19 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-11-27 01:19 . 2013-11-27 01:19 859648 ----a-w- c:\windows\system32\tdh.dll
2013-11-27 01:19 . 2013-11-27 01:19 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-11-27 01:19 . 2013-11-27 01:19 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-11-27 01:19 . 2013-11-27 01:19 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-11-27 01:19 . 2013-11-27 01:19 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-11-27 01:19 . 2013-11-27 01:19 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-11-27 01:19 . 2013-11-27 01:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-11-27 01:19 . 2013-11-27 01:19 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-11-27 01:19 . 2013-11-27 01:19 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-11-27 01:19 . 2013-11-27 01:19 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-11-27 01:19 . 2013-11-27 01:19 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-11-27 01:19 . 2013-11-27 01:19 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-11-27 01:19 . 2013-11-27 01:19 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-11-27 01:19 . 2013-11-27 01:19 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-11-27 01:19 . 2013-11-27 01:19 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-11-27 01:19 . 2013-11-27 01:19 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-11-27 01:19 . 2013-11-27 01:19 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-11-27 01:19 . 2013-11-27 01:19 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-11-27 01:19 . 2013-11-27 01:19 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-11-26 11:54 . 2013-12-11 20:17 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-11 20:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-17 684600]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2013-12-05 3568312]
.
c:\users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
flashmemory.vbe [2013-12-29 86339121]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-1-11 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 InternetUpdater;Internet Updater;c:\programdata\InternetUpdater\InternetUpdaterService.exe;c:\programdata\InternetUpdater\InternetUpdaterService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys;c:\program files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
R4 Dpsagchccp3.0;Dpsagchccp3.0; [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/06/23 02:56];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl;c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SjtWinIo;SJT I/O Driver;c:\windows\system32\DRIVERS\SjtWinIo.sys;c:\windows\SYSNATIVE\DRIVERS\SjtWinIo.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-05 14:22 326944 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Lisa\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:58 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-29 9913376]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://pub.dyndns.tv/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\Lisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
DPF: {FF3BA0DA-79B5-4110-8FAC-C402D85AAEDA} - hxxp://pub.dyndns.tv/view.cab
FF - ProfilePath - c:\users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.summer-breeze.de/
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
AddRemove-{289AC7E0-0AEE-4a7b-913C-709D9803D23E} - c:\programdata\NexonEU\NGM\NGM.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:23,61,02,cb,47,74,d1,5c,fa,ef,65,b9,bb,4f,49,40,59,fd,d4,c9,d3,12,c2,
7c,e9,53,2f,26,5e,22,3a,aa,93,6a,9b,9d,65,c9,4c,08,c7,cd,64,46,60,6b,17,4c,\
"??"=hex:8c,3f,f0,6c,80,1e,64,1c,89,f6,44,8b,52,97,aa,b6
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001\Software\SecuROM\License information*]
"datasecu"=hex:cf,aa,0b,ca,8b,66,65,2f,83,37,c8,18,5d,ed,99,ce,7a,8b,0a,45,db,
ba,b7,5f,03,20,b9,ad,6b,d5,1b,70,89,47,ef,55,e5,26,3d,e3,b8,4b,d0,0f,05,c6,\
"rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-139026441-2476403991-3850679298-1001_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-02-05 16:46:09
ComboFix-quarantined-files.txt 2014-02-05 15:46
.
Vor Suchlauf: 10 Verzeichnis(se), 155.740.049.408 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 156.739.522.560 Bytes frei
.
- - End Of File - - 858F15AE380E3C852058A7D22EFAF793
|
|
06.02.2014, 02:17
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt)Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
06.02.2014, 14:37
| #5 |
| | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Nach dem Motto: Doppelt hält besser?  Habe da ehrlich gesagt nie drüber nachgedacht. Ist das schlimm? Ich habe jetzt seit dem Scan mit Combofix und nach dem Neustart des Laptops heute morgen das Problem, dass das Internet nicht mehr geht. Hängt das zusammen? Das Internet meiner Mitbewohnerin funktioniert noch ganz normal, das ist eben erst seit dem letzten Scan und dem ersten Hochfahren danach wieder. Wir haben kein Wlan, sondern über so ein Kabel. Was ist denn das für ein Virus? Ist es überhaupt einer und, wenn ja, was macht er denn, außer diesen Verknüpfungen? |
|
06.02.2014, 15:16
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt)Zitat:
 Lesestoff:Warum wir Avira nicht mehr empfehlen Avira liefert seit einiger Zeit mit der Standardinstallation die Ask Toolbar mit aus. Diese Toolbar ist Voraussetzung dafür, dass der Webguard zuverlässig funktioniert. Die Ask Toolbar ist dafür bekannt, dass sie das Surfverhalten des Benutzers ausspioniert, um damit in letzter Konsequenz Geld zu verdienen. Daher wird diese Toolbar von uns als "schädlich" eingestuft. Mehr Informationen. Eine Sicherheitsfirma, die dem Benutzer praktisch ungefragt schädliche Software "unterjubelt", scheidet für uns daher aus. Wir empfehlen daher allen Nutzern von Avira aufgrund dieser Geschäftspraktik, der teilweise äußerst schlechten Erkennungsrate und der überaus nervtötenden Werbung Avira zu deinstallieren und auf ein alternatives Produkt auszuweichen. Solltest du dich zu einem Wechsel entscheiden, empfehlen wir dir nach der Deinstallation mit dem Avira-Cleaner alle Reste zu entfernen.
__________________ --> Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) |
|
06.02.2014, 19:21
| #7 |
| | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Avira entfernt! |
|
07.02.2014, 00:28
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.02.2014, 06:31
| #9 |
| | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Hier der Log. Nichts gefunden... Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
Database version: v2014.02.06.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Lisa :: LISA-PC [administrator]
06.02.2014 16:46:11
mbar-log-2014-02-06 (16-46-11).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 293112
Time elapsed: 2 hour(s), 58 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
12.02.2014, 12:22
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.02.2014, 21:32
| #11 |
| | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Hi, sry, dass es so lange geadauert hat, war paar Tage nicht im Lande Jetzt sind aber alle Scans wieder gemacht. Gibts denn schon Hinweise darauf, was das Problem sein könnte? Code:
ATTFilter # AdwCleaner v3.019 - Bericht erstellt am 24/02/2014 um 21:07:09
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Lisa - LISA-PC
# Gestartet von : C:\Users\Lisa\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\Babylon
Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
Ordner Gelöscht : C:\Program Files\Babylon
Ordner Gelöscht : C:\Users\Lisa\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Lisa\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Lisa\AppData\Roaming\dvdvideosoftiehelpers
Datei Gelöscht : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\searchplugins\web-search.xml
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-youtube-to-mp3-converter_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-youtube-to-mp3-converter_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKLM\Software\Uniblue
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\prefs.js ]
Zeile gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Zeile gelöscht : user_pref("extensions.dynconff.cache.search.conduit.com.content", "<package expire=\"3600\" message=\"Empty\"></package>");
Zeile gelöscht : user_pref("extensions.dynconff.cache.search.conduit.com.expires", "1388773242648");
Zeile gelöscht : user_pref("extensions.enabledItems", "{AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198,smarterwiki@wikiatic.com:4.7.3,{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.19,vshare@toolbar:1.0.0,{6e84150a-d526[...]
Zeile gelöscht : user_pref("extensions.vshare@toolbar.update.enabled", false);
Zeile gelöscht : user_pref("keyword.URL", "hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=");
Zeile gelöscht : user_pref("vshare.install.date", "1297987200000");
Zeile gelöscht : user_pref("vshare.install.dumpFileCount", 0);
Zeile gelöscht : user_pref("vshare.install.dumpFileDisabled", false);
Zeile gelöscht : user_pref("vshare.install.finished", "1.0.0");
Zeile gelöscht : user_pref("vshare.install.guid", "{3e0ba6a7-abef-47b9-8462-f1fcefdd260f}");
Zeile gelöscht : user_pref("vshare.install.isHidden", true);
Zeile gelöscht : user_pref("vshare.install.istoolbarhp", true);
Zeile gelöscht : user_pref("vshare.install.istoolbarsearch", true);
Zeile gelöscht : user_pref("vshare.install.laststatreq", "1322784000000");
Zeile gelöscht : user_pref("vshare.install.newtab", true);
Zeile gelöscht : user_pref("vshare.install.overlayVersion", 1);
Zeile gelöscht : user_pref("vshare.install.userHPSettings", "hxxp://www.fcn.de/home/");
Zeile gelöscht : user_pref("vshare.install.userSPSettings", "Google");
-\\ Google Chrome v
[ Datei : C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [8471 octets] - [24/02/2014 20:35:51]
AdwCleaner[S0].txt - [7837 octets] - [24/02/2014 21:07:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7897 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Lisa on 24.02.2014 at 21:15:03,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Lisa\AppData\Roaming\mozilla\firefox\profiles\nmreiupj.default\minidumps [274 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.02.2014 at 21:21:55,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-02-2014
Ran by Lisa (administrator) on LISA-PC on 24-02-2014 21:29:08
Running from C:\Users\Lisa\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
() C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9913376 2009-12-29] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3568312 2013-12-05] (AVAST Software)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\Alwil Software\Avast5\setup\emupdate\410d6df3-31b4-4756-9fad-ca343d7b5257.exe /check [181136 2014-02-24] (AVAST Software)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-139026441-2476403991-3850679298-1000\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default
HKU\S-1-5-21-139026441-2476403991-3850679298-1001\...\MountPoints2: {1f04dbde-aecc-11e0-9f21-705ab6fe453c} - E:\steambackup2.EXE
HKU\S-1-5-21-139026441-2476403991-3850679298-1001\...\MountPoints2: {3918e119-9e65-11e0-bf4e-70f1a1c486f1} - E:\LaunchU3.exe -a
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pub.dyndns.tv/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741g&r=27360910n225l0424z165t4642q570
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {02E995A5-719F-43B1-90C6-7B83B30CDBB0} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {0A09EE80-F5DB-4D03-B8BF-D9EAF80380E7} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {4C76F966-6071-4A72-9994-F93775FB3978} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE397DE397
SearchScopes: HKCU - {92C74114-FA86-4CFE-8D6E-D92D2D25609B} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKCU - {B4068D08-2FE3-41F5-8A89-87453C743901} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {FF3BA0DA-79B5-4110-8FAC-C402D85AAEDA} hxxp://pub.dyndns.tv/view.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.summer-breeze.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Lisa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Forecastfox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012-10-09]
FF Extension: FastestFox - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\Extensions\smarterwiki@wikiatic.com.xpi [2011-12-05]
FF Extension: IE View - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\Extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}.xpi [2011-12-11]
FF Extension: Adblock Plus - C:\Users\Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\nmreiupj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2011-01-11] ()
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-05] (AVAST Software)
R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [40448 2013-12-06] ()
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4330168 2011-05-11] (INCA Internet Co., Ltd.)
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [X]
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
S4 Dpsagchccp3.0; No ImagePath
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-12-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-12-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-12-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-12-05] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-12-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-12-05] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-11-01] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-11-01] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
R3 SjtWinIo; C:\Windows\System32\DRIVERS\SjtWinIo.sys [9216 2012-03-26] (SpeedJet Technology INC.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-04-28] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 dump_wmimmc; \??\C:\Program Files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-24 21:24 - 2014-02-24 21:29 - 00017984 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-02-24 21:24 - 2014-02-24 21:24 - 00000000 ____D () C:\Users\Lisa\Downloads\FRST-OlderVersion
2014-02-24 21:21 - 2014-02-24 21:21 - 00000832 _____ () C:\Users\Lisa\Desktop\JRT.txt
2014-02-24 21:15 - 2014-02-24 21:15 - 00000000 ____D () C:\Windows\ERUNT
2014-02-24 21:13 - 2014-02-24 21:13 - 01037734 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2014-02-24 20:35 - 2014-02-24 21:07 - 00000000 ____D () C:\AdwCleaner
2014-02-24 20:35 - 2014-02-24 20:35 - 01241834 _____ () C:\Users\Lisa\Downloads\adwcleaner.exe
2014-02-16 22:50 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-16 22:50 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-16 22:50 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-16 22:50 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-16 22:50 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-16 22:50 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-16 22:50 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-16 22:50 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-16 22:50 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-16 22:50 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-16 22:50 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-16 22:50 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-16 22:50 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-16 22:50 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-16 22:50 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-16 22:50 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-16 22:50 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-16 22:50 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-16 22:50 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-16 22:50 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-16 22:49 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-16 22:49 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-16 22:49 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-16 22:49 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-16 22:49 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-16 22:49 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-16 22:49 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-16 22:49 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-16 22:49 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-16 22:49 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-16 22:49 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-16 22:49 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-16 22:49 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-16 22:49 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-16 22:49 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-16 22:49 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-16 22:49 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-16 22:49 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-16 22:49 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-16 22:49 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-16 22:49 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-16 15:44 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-16 15:44 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-16 15:44 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-16 15:44 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-16 15:44 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-16 15:44 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-16 15:44 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-16 15:44 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-10 14:53 - 2014-02-10 14:55 - 30335650 _____ () C:\Users\Lisa\Downloads\Ausflug in die Fränkische.zip
2014-02-06 16:46 - 2014-02-06 19:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-06 16:46 - 2014-02-06 16:46 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-06 16:46 - 2014-02-06 16:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-06 16:45 - 2014-02-06 19:51 - 00000000 ____D () C:\Users\Lisa\Desktop\mbar
2014-02-06 16:45 - 2014-02-06 16:45 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-06 16:42 - 2014-02-06 16:42 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Lisa\Downloads\mbar-1.07.0.1009.exe
2014-02-06 16:06 - 2014-02-06 16:06 - 00227096 _____ () C:\Users\Lisa\Downloads\avira_registry_cleaner_de.exe
2014-02-05 16:46 - 2014-02-05 16:46 - 00110584 _____ () C:\ComboFix.txt
2014-02-05 16:13 - 2014-02-06 14:47 - 00000000 ___SD () C:\ComboFix
2014-02-05 16:13 - 2014-02-06 14:47 - 00000000 ____D () C:\Windows\erdnt
2014-02-05 16:13 - 2014-02-05 16:46 - 00000000 ____D () C:\Qoobox
2014-02-05 16:13 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-05 16:13 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-05 16:13 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-05 16:13 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-05 16:13 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-05 16:13 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-05 16:13 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-05 16:13 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-05 16:11 - 2014-02-05 16:11 - 05180173 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix.exe
2014-02-04 19:19 - 2014-02-04 19:19 - 00283744 _____ () C:\Windows\Minidump\020414-21325-01.dmp
2014-02-04 18:48 - 2014-02-04 18:48 - 00288904 _____ () C:\Windows\Minidump\020414-29452-01.dmp
2014-02-04 18:24 - 2014-02-04 18:24 - 00380416 _____ () C:\Users\Lisa\Downloads\Gmer-19357.exe
2014-02-04 18:19 - 2014-02-24 21:29 - 00000000 ____D () C:\FRST
2014-02-04 18:18 - 2014-02-24 21:24 - 02156032 _____ (Farbar) C:\Users\Lisa\Downloads\FRST64.exe
2014-02-04 18:18 - 2014-02-04 18:18 - 00000000 _____ () C:\Users\Lisa\defogger_reenable
2014-02-04 18:17 - 2014-02-04 18:17 - 00050477 _____ () C:\Users\Lisa\Downloads\Defogger.exe
2014-02-04 17:48 - 2014-02-04 17:48 - 00025891 _____ () C:\Users\Lisa\Documents\dfdfd.odt
2014-02-04 17:47 - 2014-02-04 17:48 - 00022150 _____ () C:\Users\Lisa\Documents\dfdfdf.odt
2014-02-03 12:12 - 2014-02-03 12:12 - 14561543 _____ () C:\Users\Lisa\Downloads\Korrigiert.zip
2014-01-29 13:45 - 2014-01-29 13:45 - 00028545 _____ () C:\Users\Lisa\Downloads\Pagination-1.3.8.zip
==================== One Month Modified Files and Folders =======
2014-02-24 21:29 - 2014-02-24 21:24 - 00017984 _____ () C:\Users\Lisa\Downloads\FRST.txt
2014-02-24 21:29 - 2014-02-04 18:19 - 00000000 ____D () C:\FRST
2014-02-24 21:24 - 2014-02-24 21:24 - 00000000 ____D () C:\Users\Lisa\Downloads\FRST-OlderVersion
2014-02-24 21:24 - 2014-02-04 18:18 - 02156032 _____ (Farbar) C:\Users\Lisa\Downloads\FRST64.exe
2014-02-24 21:24 - 2010-09-18 15:23 - 00000000 ___RD () C:\Users\Lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-24 21:21 - 2014-02-24 21:21 - 00000832 _____ () C:\Users\Lisa\Desktop\JRT.txt
2014-02-24 21:16 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 21:16 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 21:15 - 2014-02-24 21:15 - 00000000 ____D () C:\Windows\ERUNT
2014-02-24 21:13 - 2014-02-24 21:13 - 01037734 _____ (Thisisu) C:\Users\Lisa\Downloads\JRT.exe
2014-02-24 21:13 - 2010-06-23 01:41 - 01175393 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 21:08 - 2013-12-30 17:33 - 00003902 _____ () C:\Windows\setupact.log
2014-02-24 21:08 - 2010-06-23 01:45 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-24 21:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 21:07 - 2014-02-24 20:35 - 00000000 ____D () C:\AdwCleaner
2014-02-24 20:35 - 2014-02-24 20:35 - 01241834 _____ () C:\Users\Lisa\Downloads\adwcleaner.exe
2014-02-24 20:11 - 2010-10-04 20:16 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Xfire
2014-02-24 20:00 - 2010-10-05 12:20 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-21 11:56 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-19 12:09 - 2012-11-09 01:31 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-16 23:06 - 2010-10-17 16:36 - 01642170 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-16 23:06 - 2010-06-23 11:33 - 00716620 _____ () C:\Windows\system32\perfh007.dat
2014-02-16 23:06 - 2010-06-23 11:33 - 00156088 _____ () C:\Windows\system32\perfc007.dat
2014-02-16 23:06 - 2009-07-14 06:13 - 01642170 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-16 23:01 - 2013-08-18 21:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 22:58 - 2010-10-10 18:09 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 22:41 - 2010-10-04 20:08 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Skype
2014-02-10 14:55 - 2014-02-10 14:53 - 30335650 _____ () C:\Users\Lisa\Downloads\Ausflug in die Fränkische.zip
2014-02-10 13:10 - 2014-01-11 12:12 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Awesomium
2014-02-09 17:32 - 2014-01-08 12:32 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-02-06 19:51 - 2014-02-06 16:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-06 19:51 - 2014-02-06 16:45 - 00000000 ____D () C:\Users\Lisa\Desktop\mbar
2014-02-06 16:56 - 2011-01-31 11:35 - 00000000 ____D () C:\Users\Lisa\Desktop\Uni
2014-02-06 16:46 - 2014-02-06 16:46 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-06 16:46 - 2014-02-06 16:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-06 16:45 - 2014-02-06 16:45 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-06 16:45 - 2010-10-09 13:07 - 00000000 ____D () C:\Users\Lisa\Desktop\Lisa
2014-02-06 16:42 - 2014-02-06 16:42 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Lisa\Downloads\mbar-1.07.0.1009.exe
2014-02-06 16:06 - 2014-02-06 16:06 - 00227096 _____ () C:\Users\Lisa\Downloads\avira_registry_cleaner_de.exe
2014-02-06 15:55 - 2010-09-18 15:21 - 00000000 ____D () C:\Users\Lisa
2014-02-06 15:53 - 2013-12-20 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 15:53 - 2013-08-08 15:53 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-02-06 15:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-06 14:47 - 2014-02-05 16:13 - 00000000 ___SD () C:\ComboFix
2014-02-06 14:47 - 2014-02-05 16:13 - 00000000 ____D () C:\Windows\erdnt
2014-02-06 14:47 - 2010-10-04 20:03 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\Winamp
2014-02-06 14:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-06 14:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-06 13:16 - 2014-02-16 22:49 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-16 22:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-16 22:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-16 22:49 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-16 22:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-16 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-16 22:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-16 22:50 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-16 22:50 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-16 22:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-16 22:49 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-16 22:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-16 22:49 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-16 22:50 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-16 22:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-16 22:50 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-16 22:49 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-16 22:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-16 22:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-16 22:50 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:57 - 2014-02-16 22:49 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:52 - 2014-02-16 22:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-16 22:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-16 22:49 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-16 22:50 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-16 22:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-16 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-16 22:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:25 - 2014-02-16 22:49 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:24 - 2014-02-16 22:49 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-16 22:49 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-16 22:50 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-16 22:49 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-16 22:49 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-16 22:49 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-16 22:49 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-16 22:49 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-16 22:49 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-16 22:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 16:46 - 2014-02-05 16:46 - 00110584 _____ () C:\ComboFix.txt
2014-02-05 16:46 - 2014-02-05 16:13 - 00000000 ____D () C:\Qoobox
2014-02-05 16:11 - 2014-02-05 16:11 - 05180173 ____R (Swearware) C:\Users\Lisa\Downloads\ComboFix.exe
2014-02-04 21:09 - 2013-11-06 14:17 - 00000000 ____D () C:\Users\Lisa\Desktop\BA
2014-02-04 19:19 - 2014-02-04 19:19 - 00283744 _____ () C:\Windows\Minidump\020414-21325-01.dmp
2014-02-04 19:19 - 2014-01-16 11:56 - 534568087 _____ () C:\Windows\MEMORY.DMP
2014-02-04 19:19 - 2014-01-04 12:44 - 00003328 _____ () C:\Windows\PFRO.log
2014-02-04 19:19 - 2012-11-06 11:34 - 00000000 ____D () C:\Windows\Minidump
2014-02-04 18:48 - 2014-02-04 18:48 - 00288904 _____ () C:\Windows\Minidump\020414-29452-01.dmp
2014-02-04 18:24 - 2014-02-04 18:24 - 00380416 _____ () C:\Users\Lisa\Downloads\Gmer-19357.exe
2014-02-04 18:18 - 2014-02-04 18:18 - 00000000 _____ () C:\Users\Lisa\defogger_reenable
2014-02-04 18:17 - 2014-02-04 18:17 - 00050477 _____ () C:\Users\Lisa\Downloads\Defogger.exe
2014-02-04 17:48 - 2014-02-04 17:48 - 00025891 _____ () C:\Users\Lisa\Documents\dfdfd.odt
2014-02-04 17:48 - 2014-02-04 17:47 - 00022150 _____ () C:\Users\Lisa\Documents\dfdfdf.odt
2014-02-03 12:12 - 2014-02-03 12:12 - 14561543 _____ () C:\Users\Lisa\Downloads\Korrigiert.zip
2014-02-03 01:16 - 2010-10-17 16:37 - 00000000 ____D () C:\Users\Lisa\AppData\Roaming\SoftGrid Client
2014-02-01 17:27 - 2010-10-04 20:16 - 00000000 ____D () C:\ProgramData\Xfire
2014-01-29 13:45 - 2014-01-29 13:45 - 00028545 _____ () C:\Users\Lisa\Downloads\Pagination-1.3.8.zip
Some content of TEMP:
====================
C:\Users\Lisa\AppData\Local\Temp\avgnt.exe
C:\Users\Lisa\AppData\Local\Temp\nsa7950.exe
C:\Users\Lisa\AppData\Local\Temp\nsf75C5.exe
C:\Users\Lisa\AppData\Local\Temp\nsl8044.exe
C:\Users\Lisa\AppData\Local\Temp\nsq4E1B.exe
C:\Users\Lisa\AppData\Local\Temp\nsv4959.exe
C:\Users\Lisa\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-18 11:14
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2014
Ran by Lisa at 2014-02-24 21:30:24
Running from C:\Users\Lisa\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.11.2 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2008 - Avast Software)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.04 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.2829.50 - CyberLink Corp.) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 1.2.48 - Dropbox, Inc.)
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Free YouTube to MP3 Converter version 3.11.33.1005 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.33.1005 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Hamachi 1.0.3.0 (HKLM-x32\...\Hamachi) (Version: - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Internet Updater (HKLM-x32\...\InternetUpdater) (Version: 2.6.52 - Parallel Lines Development, LLC) <==== ATTENTION
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.8 - Acer Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 26.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.210.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.59.37 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden
OpenOffice.org 3.0 (HKLM-x32\...\{04B45310-A5FE-4425-BFCA-1A6D8920DE74}) (Version: 3.0.9379 - OpenOffice.org)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
Pizza Syndicate deinstallieren (HKLM-x32\...\Pizza Syndicate) (Version: - )
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Power Packet5.0 _x86Setup (HKLM-x32\...\{45BB7607-083D-4759-873E-41EC0461F8E5}) (Version: 1.0.6 - Intellon)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6015 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30118 - Realtek Semiconductor Corp.)
Rise and Fall (HKLM-x32\...\{D078226E-83F2-45FD-9CDE-5DA66E5ADB51}) (Version: 1.00.0000 - Midway Games)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 2.0.1.9 - 1&1 Mail & Media GmbH)
Winamp (HKLM-x32\...\Winamp) (Version: 5.581 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - )
==================== Restore Points =========================
16-02-2014 21:48:27 Windows Update
21-02-2014 11:01:34 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0BFE4847-9F11-4515-9DCD-1E2675CAAD2B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {1FDC58CE-4E7A-4571-846C-98B7D5CB6C96} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-12-05] (AVAST Software)
Task: {226EB9C9-93BA-4E3C-AF17-A2116E713796} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7C892896-F60B-45AE-9137-EA60EF9CDEDD} - System32\Tasks\{9707A513-D39A-4A65-B6F4-A48E65730D9C} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {90B07063-0292-4213-BDFD-409AAD10A857} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {A9C9DFAF-0DDF-4542-AD53-F27C6F8AA4CA} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2011-07-28] (1&1 Mail & Media GmbH)
Task: {E8EB6E89-7C1C-4973-813C-526AF4F9A677} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
==================== Loaded Modules (whitelisted) =============
2013-12-31 14:29 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-06 02:30 - 2013-12-06 02:30 - 00040448 _____ () C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
2010-06-23 01:54 - 2010-01-13 09:47 - 00206208 _____ () C:\Windows\PLFSetI.exe
2010-09-20 19:18 - 2010-03-15 10:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-02-24 16:06 - 2014-02-24 09:43 - 02181632 _____ () C:\Program Files\Alwil Software\Avast5\defs\14022400\algo.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-05-06 13:01 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-12-05 15:22 - 2013-12-05 15:22 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2014-02-17 12:51 - 2014-02-17 12:51 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\29335dc88d799664dcd97362bcb687e9\IsdiInterop.ni.dll
2010-06-23 01:53 - 2010-04-13 08:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-20 15:16 - 2013-12-20 15:16 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E2B84483
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Users^Lisa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Lisa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk => C:\Windows\pss\IMVU.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Lisa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk => C:\Windows\pss\OpenOffice.org 3.0.lnk.Startup
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-02-05 16:27:01.193
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-05 16:27:01.103
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 3958.71 MB
Available physical RAM: 2319.91 MB
Total Pagefile: 7915.6 MB
Available Pagefile: 6046.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:142.53 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 42DB3AF9)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
24.02.2014, 22:01
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.02.2014, 19:22
| #13 |
| | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Über Malwarebytes nichts gefunden, aber bei dem zweiten hieß es, dass drei Bedohungen gefunden wurden.. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=837f9e8bab644441bf9ec5f23468b369
# engine=17220
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-25 03:11:24
# local_time=2014-02-25 04:11:24 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 19113 144970934 0 0
# scanned=397
# found=0
# cleaned=0
# scan_time=126
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=837f9e8bab644441bf9ec5f23468b369
# engine=17220
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-25 06:17:03
# local_time=2014-02-25 07:17:03 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 26652 144982073 0 0
# scanned=276963
# found=3
# cleaned=0
# scan_time=11082
sh=662B9923F7C796C1766AF1488302447F9216061A ft=1 fh=fff34c570ca51c53 vn="a variant of MSIL/Adware.PullUpdate.A application" ac=I fn="C:\ProgramData\InternetUpdater\InternetUpdaterService.exe"
sh=662B9923F7C796C1766AF1488302447F9216061A ft=1 fh=fff34c570ca51c53 vn="a variant of MSIL/Adware.PullUpdate.A application" ac=I fn="C:\Users\All Users\InternetUpdater\InternetUpdaterService.exe"
sh=0BBFD6349227C52D49BB4DF57BACA5F6FE714B37 ft=1 fh=ed18c5638abe6a5c vn="MSIL/Adware.PullUpdate.A application" ac=I fn="C:\Users\Lisa\AppData\Local\Temp\nspBA13.tmp\DynamicOffer2\Setup (4).exe"
|
|
26.02.2014, 00:09
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) Log von MBAM bitte immer posten
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.02.2014, 12:30
| #15 |
| | Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) hier der log Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
Database version: v2014.02.25.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Lisa :: LISA-PC [administrator]
25.02.2014 12:35:55
mbar-log-2014-02-25 (12-35-55).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 298959
Time elapsed: 58 minute(s), 44 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
| Themen zu Auf USB Stick nur noch Verknüpfungen (Dateien sind versteckt) |
| antivir, avira, bonjour, browser, converter, desktop, device driver, dvdvideosoft ltd., error, failed, firefox, flash player, home, launch, minidump, mp3, nicht öffnen, problem, problem gelöst, programm, realtek, scan, security, sekunden, server, software, svchost.exe, symantec, system, taskhost.exe, verknüpfungen auf dem usb-stick, virus, windows xp |
Linear-Darstellung
