| |
| |||||||
Log-Analyse und Auswertung: Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
25.07.2014, 22:46
| #1 |
 |  Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? Hallo in die Runde, Hier mein "Problem": An sich funktioniert mein System ganz zufriedenstellend, es hat keine Aussetzer, wird nicht durch Spam oder sonstiges heimgesucht oder macht sonst einen angeschlagenen Eindruck. Ich bin aber zuletzt stutzig geworden, dass mein McAfee Internet Security Suite beim Echtzeitscan nichts mehr fand, was zuvor von Zeit zu Zeit immer mal der Fall war. Die Software ist aber der Ansicht, korrekt zu funktionieren. Das habe ich mit einem Trainerfile getestet, das ich mal für ein Spiel gezogen hatte und das als Trojaner stets quasi sofort gekillt worden war - diesmal blieb es wo es war, für mich ein klarer Hinweis auf eine eingeschränkte Funktionalität von McAfee. Um an der Stelle nachzuforschen, wollte ich Malwarebytes Anti-Malware starten - doch das startete einfach nicht, auch nicht mit dem Umweg über Chamaeleon. Mit dem MBAM Cleaner und erneuter Installation ging MBAM dann schließlich doch, und fand prompt vier Bedrohungen, die ich alle quarantänierte: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 25.07.2014 Scan Time: 21:18:24 Logfile: mbamlog140725.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.25.06 Rootkit Database: v2014.07.17.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Patrick Scan Type: Threat Scan Result: Completed Objects Scanned: 308221 Time Elapsed: 9 min, 34 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 2 Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, , [d7e3dac9daa1310508d732445ca7728e], Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, , [308a465ded8edd596d7242340300ee12], Registry Values: 2 Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|Debugger, "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe", , [d7e3dac9daa1310508d732445ca7728e] Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|Debugger, "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe", , [308a465ded8edd596d7242340300ee12] Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Schließlich stolperte ich über eure Website - und hier sind die Logs meiner Vorbereitungen (Defogger, FRST, GMER): -> siehe Anhang Der von mir der Vollständigkeit halber ausgeführte McAfee Internet Security Suite Schnellscan ergab keine Hinweise auf Viren, Spyware oder Rootkits. Das ziehe ich aber wie oben erwähnt in Zweifel. Ich hoffe, ich kann bald Gewissheit erlangen, ob mein System überhaupt ein Problem hat und falls ja, wie ich dieses aus der Welt schaffen kann. |
|
26.07.2014, 06:23
| #2 |
| /// the machine /// TB-Ausbilder    | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
26.07.2014, 07:13
| #3 | |
| | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? Moin,
__________________Zitat:
Hier nun die Logs: FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01 Ran by Patrick (administrator) on SPEEDY_GO on 25-07-2014 22:20:42 Running from C:\Users\Patrick\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (TeamViewer GmbH) D:\Programme\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Malwarebytes Corporation) D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) D:\Programme\ Malwarebytes Anti-Malware \mbam.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe () C:\Program Files (x86)\Opera\23.0.1522.60\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe () C:\Users\Patrick\Desktop\Defogger.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [419112 2010-12-01] (CyberLink Corp.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [618600 2010-12-03] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [TrayServer] => D:\Programme\MAGIX\Video_deluxe_MX_Premium_Sonderedition\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-3882204627-1061545298-3667153872-1001\...\Run: [Nexus Radio] => D:\Program Files (x86)\Nexus Radio\Nexus Radio.exe [4704256 2011-12-21] (Egisca Corporation) HKU\S-1-5-21-3882204627-1061545298-3667153872-1001\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-3882204627-1061545298-3667153872-1001\...\Policies\Explorer: [NoFolderOptions] 0 HKU\S-1-5-21-3882204627-1061545298-3667153872-1001\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-3882204627-1061545298-3667153872-1001\...\MountPoints2: {450a8f23-67dd-11e3-8710-f80f4114f534} - L:\setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> D:\Program Files (x86)\WISO\Steuer 2014\mshaktuell.exe () ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.) ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xa9y2lcc.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @videolan.org/vlc,version=2.1.1 - D:\Programme\VLC Media Player\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - D:\Programme\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Amazon-Icon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xa9y2lcc.default\Extensions\amazon-icon@giga.de [2014-06-06] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-12-15] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-18] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-12-15] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Extension: (Google Docs) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02] CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02] CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02] CHR Extension: (Google-Suche) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02] CHR Extension: (SiteAdvisor) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-05-02] CHR Extension: (Google Wallet) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02] CHR Extension: (Google Mail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 MBAMScheduler; D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 TeamViewer9; D:\Programme\TeamViewer\Version9\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-18] (Disc Soft Ltd) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-25 22:20 - 2014-07-25 22:20 - 00022546 _____ () C:\Users\Patrick\Desktop\FRST.txt 2014-07-25 22:20 - 2014-07-25 22:20 - 00000000 ____D () C:\FRST 2014-07-25 22:19 - 2014-07-25 22:19 - 00000546 _____ () C:\Users\Patrick\Desktop\defogger_disable.log 2014-07-25 22:19 - 2014-07-25 22:19 - 00000168 _____ () C:\Users\Patrick\defogger_reenable 2014-07-25 22:11 - 2014-07-25 22:11 - 02093568 _____ (Farbar) C:\Users\Patrick\Desktop\FRST64.exe 2014-07-25 22:11 - 2014-07-25 22:11 - 00050477 _____ () C:\Users\Patrick\Desktop\Defogger.exe 2014-07-25 21:42 - 2014-07-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-07-25 21:34 - 2014-07-25 21:34 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-25 21:33 - 2014-07-25 21:33 - 02347384 _____ (ESET) C:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe 2014-07-25 21:22 - 2014-07-25 21:22 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Patrick\Desktop\tdsskiller (1).exe 2014-07-25 21:17 - 2014-07-25 21:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-25 21:16 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-25 21:16 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-25 21:16 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-25 21:02 - 2014-07-25 21:02 - 00004347 _____ () C:\Users\Patrick\Desktop\gmer.log 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieUserList 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieSiteList 2014-07-25 20:37 - 2014-07-25 20:37 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-24 22:20 - 2014-07-24 22:20 - 00002567 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk 2014-07-24 22:16 - 2014-07-24 22:17 - 53634800 _____ (Microsoft Corporation) C:\Users\Patrick\Downloads\ExcelViewer.exe 2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Avg2014 2014-07-21 13:18 - 2014-07-21 13:18 - 00000000 ____D () C:\Windows\Sun 2014-07-21 13:17 - 2014-07-21 13:17 - 00004669 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-21 13:17 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-21 13:17 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-21 13:17 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-21 13:17 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-16 03:00 - 2014-07-16 03:00 - 00264498 _____ () C:\Windows\msxml4-KB2758694-enu.LOG 2014-07-14 13:26 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX 2014-07-14 12:54 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\MAGIX 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX_MusicEditor 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Xara 2014-07-14 12:44 - 2014-07-14 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-07-14 12:44 - 2014-07-14 12:44 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-07-14 12:43 - 2014-07-14 13:26 - 00000000 ____D () C:\ProgramData\MAGIX 2014-07-14 12:43 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-07-14 12:43 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-07-13 12:58 - 2014-07-13 12:58 - 00000000 ____D () C:\ProgramData\RELOADED 2014-07-13 12:48 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-07-13 12:31 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-07-13 12:30 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-07-13 12:30 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-07-13 12:30 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-07-13 12:30 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-07-13 12:30 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-07-13 12:30 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-07-13 12:30 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-07-13 12:30 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-07-13 12:30 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-07-13 12:30 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-07-13 12:30 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-07-13 12:30 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-07-13 12:30 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-07-13 12:30 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-07-13 12:30 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-07-13 12:30 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-07-13 12:30 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-07-11 12:50 - 2014-07-13 12:45 - 00000507 _____ () C:\Users\Public\Desktop\Metro Last Light.lnk 2014-07-11 12:50 - 2014-07-13 12:45 - 00000507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light.lnk 2014-07-10 11:46 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 11:46 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 11:46 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-10 11:46 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-10 11:46 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 11:46 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 11:46 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 11:46 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 11:46 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-10 11:46 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-10 11:46 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-10 11:46 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-10 11:46 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 11:46 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-10 11:46 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 11:46 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 11:46 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-10 11:46 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-10 11:46 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 11:46 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 11:46 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 11:46 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-10 11:46 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 11:46 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-10 11:46 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-10 11:46 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 11:46 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-10 11:46 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-10 11:46 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-10 11:46 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-10 11:46 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-10 11:46 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-10 11:46 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 11:46 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 11:46 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 11:46 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-10 11:46 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-10 11:46 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-10 11:46 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 11:46 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 11:46 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-10 11:46 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-10 11:46 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-10 11:46 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-10 11:46 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 11:46 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 11:46 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 11:46 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 11:46 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 11:46 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 11:46 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-10 11:46 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 11:46 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 11:46 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 11:46 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-10 11:46 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-10 11:46 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 11:46 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-10 11:46 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 11:46 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 11:46 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 11:46 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 11:46 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 11:46 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-10 11:45 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 11:45 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 11:45 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-04 12:41 - 2014-07-04 12:41 - 00001621 _____ () C:\Users\Patrick\AppData\Local\recently-used.xbel 2014-06-25 18:24 - 2014-06-25 18:24 - 00415582 _____ () C:\Users\Patrick\Downloads\d2a536_4e9f422e20c78.zip 2014-06-25 17:51 - 2014-06-25 17:51 - 00153226 _____ () C:\Users\Patrick\Downloads\d2a536_4e9f41d9bb0a4.zip 2014-06-25 17:46 - 2014-06-25 17:46 - 00151893 _____ () C:\Users\Patrick\Downloads\d2a536_4e9f41d71d4ac.zip ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-25 22:20 - 2014-07-25 22:20 - 00022546 _____ () C:\Users\Patrick\Desktop\FRST.txt 2014-07-25 22:20 - 2014-07-25 22:20 - 00000000 ____D () C:\FRST 2014-07-25 22:19 - 2014-07-25 22:19 - 00000546 _____ () C:\Users\Patrick\Desktop\defogger_disable.log 2014-07-25 22:19 - 2014-07-25 22:19 - 00000168 _____ () C:\Users\Patrick\defogger_reenable 2014-07-25 22:19 - 2013-12-15 19:21 - 00000000 ____D () C:\Users\Patrick 2014-07-25 22:11 - 2014-07-25 22:11 - 02093568 _____ (Farbar) C:\Users\Patrick\Desktop\FRST64.exe 2014-07-25 22:11 - 2014-07-25 22:11 - 00050477 _____ () C:\Users\Patrick\Desktop\Defogger.exe 2014-07-25 21:57 - 2014-07-25 21:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-25 21:47 - 2014-05-02 12:25 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-07-25 21:47 - 2014-05-02 12:25 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-07-25 21:47 - 2014-05-02 12:25 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-25 21:47 - 2014-05-02 12:25 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-25 21:47 - 2014-01-19 15:31 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-07-25 21:47 - 2013-12-19 00:16 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm 2014-07-25 21:42 - 2014-07-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-07-25 21:42 - 2013-12-15 21:51 - 00001848 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk 2014-07-25 21:36 - 2014-05-09 16:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-25 21:34 - 2014-07-25 21:34 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-25 21:33 - 2014-07-25 21:33 - 02347384 _____ (ESET) C:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe 2014-07-25 21:32 - 2013-12-15 18:21 - 01185364 _____ () C:\Windows\WindowsUpdate.log 2014-07-25 21:22 - 2014-07-25 21:22 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Patrick\Desktop\tdsskiller (1).exe 2014-07-25 21:20 - 2009-07-14 06:45 - 00018848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-25 21:20 - 2009-07-14 06:45 - 00018848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-25 21:18 - 2014-05-12 11:37 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-25 21:13 - 2013-12-16 02:38 - 00006108 _____ () C:\Windows\setupact.log 2014-07-25 21:13 - 2013-12-15 18:16 - 00211064 _____ () C:\Windows\PFRO.log 2014-07-25 21:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-25 21:05 - 2014-05-02 13:17 - 00000000 ____D () C:\AdwCleaner 2014-07-25 21:02 - 2014-07-25 21:02 - 00004347 _____ () C:\Users\Patrick\Desktop\gmer.log 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieUserList 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieSiteList 2014-07-25 20:37 - 2014-07-25 20:37 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-24 22:20 - 2014-07-24 22:20 - 00002567 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk 2014-07-24 22:19 - 2013-12-20 14:35 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-07-24 22:17 - 2014-07-24 22:16 - 53634800 _____ (Microsoft Corporation) C:\Users\Patrick\Downloads\ExcelViewer.exe 2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Avg2014 2014-07-22 14:54 - 2014-06-13 12:21 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387134862 2014-07-22 14:54 - 2013-12-15 21:14 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-07-21 13:18 - 2014-07-21 13:18 - 00000000 ____D () C:\Windows\Sun 2014-07-21 13:18 - 2014-05-05 10:20 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-21 13:17 - 2014-07-21 13:17 - 00004669 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-21 13:17 - 2014-01-28 11:59 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-18 13:50 - 2013-12-15 21:50 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-07-18 13:13 - 2013-12-20 02:46 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\vlc 2014-07-16 03:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-16 03:16 - 2009-07-14 06:45 - 00392560 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-16 03:00 - 2014-07-16 03:00 - 00264498 _____ () C:\Windows\msxml4-KB2758694-enu.LOG 2014-07-14 13:30 - 2013-12-16 03:13 - 00699080 _____ () C:\Windows\system32\perfh007.dat 2014-07-14 13:30 - 2013-12-16 03:13 - 00149220 _____ () C:\Windows\system32\perfc007.dat 2014-07-14 13:30 - 2009-07-14 07:13 - 01619224 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-14 13:29 - 2013-12-15 19:23 - 00108680 _____ () C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-14 13:26 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX 2014-07-14 13:26 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\MAGIX 2014-07-14 13:26 - 2014-07-14 12:43 - 00000000 ____D () C:\ProgramData\MAGIX 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX_MusicEditor 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Xara 2014-07-14 12:54 - 2014-07-14 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-07-14 12:44 - 2014-07-14 12:44 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-07-14 12:43 - 2013-12-15 21:54 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-07-14 03:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\spool 2014-07-14 03:17 - 2014-05-07 10:28 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-14 03:17 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-14 03:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-14 03:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-13 13:10 - 2014-06-12 14:14 - 00000000 ____D () C:\Users\Patrick\Documents\4A Games 2014-07-13 13:03 - 2014-06-12 14:12 - 00000000 ____D () C:\Users\Patrick\AppData\Local\4A Games 2014-07-13 12:58 - 2014-07-13 12:58 - 00000000 ____D () C:\ProgramData\RELOADED 2014-07-13 12:47 - 2013-12-15 19:05 - 00066095 _____ () C:\Windows\DirectX.log 2014-07-13 12:45 - 2014-07-11 12:50 - 00000507 _____ () C:\Users\Public\Desktop\Metro Last Light.lnk 2014-07-13 12:45 - 2014-07-11 12:50 - 00000507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light.lnk 2014-07-11 03:02 - 2014-07-21 13:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-11 02:56 - 2014-07-21 13:17 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-11 02:56 - 2014-07-21 13:17 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-11 02:55 - 2014-07-21 13:17 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-10 20:35 - 2013-12-15 20:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 20:34 - 2013-12-15 20:00 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-04 12:41 - 2014-07-04 12:41 - 00001621 _____ () C:\Users\Patrick\AppData\Local\recently-used.xbel 2014-07-04 12:41 - 2014-05-12 00:47 - 00000000 ____D () C:\Users\Patrick\AppData\Local\gtk-2.0 2014-07-04 12:32 - 2014-05-12 00:36 - 00000000 ____D () C:\Users\Patrick\.gimp-2.8 2014-06-30 04:09 - 2014-07-10 11:46 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-10 11:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-25 18:24 - 2014-06-25 18:24 - 00415582 _____ () C:\Users\Patrick\Downloads\d2a536_4e9f422e20c78.zip 2014-06-25 17:51 - 2014-06-25 17:51 - 00153226 _____ () C:\Users\Patrick\Downloads\d2a536_4e9f41d9bb0a4.zip 2014-06-25 17:46 - 2014-06-25 17:46 - 00151893 _____ () C:\Users\Patrick\Downloads\d2a536_4e9f41d71d4ac.zip Some content of TEMP: ==================== C:\Users\Patrick\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Patrick\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Patrick\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe C:\Users\Patrick\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Patrick\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Patrick\AppData\Local\Temp\TUUUninstallHelper.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 13:02 ==================== End Of Log ============================ |
|
26.07.2014, 07:15
| #4 |
| | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? FRST Addition 1/2 Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014 01
Ran by Patrick at 2014-07-25 22:21:12
Running from C:\Users\Patrick\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 5.1.8507 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 5.1.8507 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.7201 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3015 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version: - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
ArtMoney SE v7.28 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.28 - System SoftLab)
AtmosFear 3 for S.T.A.L.K.E.R - Call Of Pripyat (HKLM-x32\...\AtmosFear 3_is1) (Version: - )
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hero Editor V1.03 (HKLM-x32\...\ST6UNST #1) (Version: - )
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.221 - SurfRight B.V.)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3013 - Acer Incorporated)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{BA816CCA-0FEA-4A68-9AD0-4CF3D2DF40CC}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{36F289DE-F9E6-4AD3-AD37-90CCB61F1638}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (HKLM-x32\...\MAGIX_{9ADAE3A4-87DD-4091-B5E0-24F4B6F08F3A}) (Version: 11.0.5.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (x32 Version: 11.0.5.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
MediaEspresso (x32 Version: 5.1.1116_32498 - CyberLink Corp.) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games)
Metro: Last Light (c) Deep Silver version 1 (HKLM-x32\...\TWV0cm9MYXN0TGlnaHQ=_is1) (Version: 1 - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0407-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
Nero 9 Essentials (HKLM-x32\...\{a2d4df9a-32aa-47e3-a8a4-0545568b6088}) (Version: - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.37.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nexus Radio (HKLM-x32\...\{8763793B-4D7D-49C8-A859-5C582EC02640}) (Version: 5.6.6 - Talam Group, LLC)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Opera Stable 18.0.1284.49 (HKLM-x32\...\Opera 18.0.1284.49) (Version: 18.0.1284.49 - Opera Software ASA)
Opera Stable 23.0.1522.60 (HKLM-x32\...\Opera 23.0.1522.60) (Version: 23.0.1522.60 - Opera Software ASA)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version: - Oberon Media)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02] (HKLM-x32\...\{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1) (Version: 1.6.02 - bitComposer Games)
S.T.A.L.K.E.R. - Clear Sky (HKLM-x32\...\S.T.A.L.K.E.R. - Clear Sky_is1) (Version: 1.0001 - Deep Silver)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WD My Cloud (HKLM-x32\...\WD My Cloud) (Version: 1.0.2.34 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{455EC32F-4157-438D-9E3A-40E93B09FC3C}) (Version: 2.2.0.8 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3005 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{A099F4D7-0A16-4286-AFC9-4CBE8834A6E9}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0062-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0063-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0064-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0065-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
|
|
26.07.2014, 07:17
| #5 |
| | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? FRST Addition 2/2 Code:
ATTFilter CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0072-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0074-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0075-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0052-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0053-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-0055-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-3882204627-1061545298-3667153872-1001_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
==================== Restore Points =========================
07-07-2014 12:20:15 Geplanter Prüfpunkt
10-07-2014 18:33:08 Windows Update
10-07-2014 20:51:47 Windows Update
11-07-2014 12:55:56 Windows Update
13-07-2014 10:30:21 Windows Update
13-07-2014 10:46:09 DirectX wurde installiert
14-07-2014 01:00:30 Windows Update
15-07-2014 01:00:12 Windows Update
16-07-2014 01:00:27 Windows Update
21-07-2014 11:16:44 Installed Java 7 Update 65
24-07-2014 20:19:59 Microsoft Office Excel Viewer wird installiert
25-07-2014 18:36:35 Removed simplitec simplicheck
25-07-2014 19:47:46 TuneUp Utilities 2014 wird entfernt
25-07-2014 19:48:51 TuneUp Utilities 2014 (de-DE) wird entfernt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {316F84E8-EF99-45F1-8D08-1BFA6701AA14} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-11] (Oracle Corporation)
Task: {38E436DC-54F9-4E64-8806-9F7BCCC7FEBD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {4F13CFCE-FCFE-4CBF-BB49-26D2C026E621} - \SaveSenseLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {5A23EF16-A443-4A69-ABA0-4ACC01F8594F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: {69413A87-FDA7-43C0-8811-213CBCB9CC6A} - System32\Tasks\AcerArcadeDeluxe => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe [2011-01-07] (Acer Incorporated)
Task: {92B65F72-0072-471D-A2E7-1F2F3127AE8E} - \SaveSenseLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {958BF93B-5FB4-4B99-8E29-D5636E3C6232} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08] (Hewlett-Packard)
Task: {9917E456-1D84-4AD4-925C-7DB9C813847C} - System32\Tasks\Opera scheduled Autoupdate 1387134862 => C:\Program Files (x86)\Opera\launcher.exe [2014-07-18] (Opera Software)
Task: {9AB2EABC-F51F-46B4-9590-41221E5D1413} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: {B0B0C2BE-87F4-4A96-818E-E57618ED929D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-13] (Adobe Systems Incorporated)
Task: {C59983BA-FE41-48FE-B40F-D4BD0233AF6B} - System32\Tasks\ArcadeDeluxeAgentTS => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2011-01-07] (CyberLink Corp.)
Task: {D957976E-E262-4803-ACEA-34EA953D65E5} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-08-19] (Acer)
Task: {F3507A5A-BDC8-4CCE-83A7-374D91FBF611} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-12-03 08:00 - 2010-12-03 08:00 - 00618600 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2014-07-22 14:54 - 2014-07-22 14:54 - 01401464 _____ () C:\Program Files (x86)\Opera\23.0.1522.60\opera_crashreporter.exe
2014-07-25 22:11 - 2014-07-25 22:11 - 00050477 _____ () C:\Users\Patrick\Desktop\Defogger.exe
2010-12-03 05:44 - 2010-12-03 05:44 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2014-07-22 14:54 - 2014-07-22 14:54 - 00880248 _____ () C:\Program Files (x86)\Opera\23.0.1522.60\libglesv2.dll
2014-07-22 14:54 - 2014-07-22 14:54 - 00135800 _____ () C:\Program Files (x86)\Opera\23.0.1522.60\libegl.dll
2014-07-22 14:54 - 2014-07-22 14:54 - 00957048 _____ () C:\Program Files (x86)\Opera\23.0.1522.60\ffmpegsumo.dll
2014-06-13 17:01 - 2014-06-13 17:01 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
2014-02-15 04:32 - 2014-02-15 04:32 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2010-11-09 06:39 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/25/2014 09:34:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/25/2014 09:34:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/25/2014 09:34:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/25/2014 09:33:33 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/25/2014 09:17:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00650074
ID des fehlerhaften Prozesses: 0xbd4
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Error: (07/25/2014 09:10:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.0.2.0, Zeitstempel: 0x5318d363
Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.0.2.0, Zeitstempel: 0x5318d363
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007da8a
ID des fehlerhaften Prozesses: 0xb48
Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0
Pfad der fehlerhaften Anwendung: mbamservice.exe1
Pfad des fehlerhaften Moduls: mbamservice.exe2
Berichtskennung: mbamservice.exe3
Error: (07/25/2014 09:09:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 3.0.2.0, Zeitstempel: 0x5339cec3
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x6a0
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3
Error: (07/25/2014 08:49:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OTH.scr, Version 1.0.5.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b28
Startzeit: 01cfa8389109bda0
Endzeit: 0
Anwendungspfad: C:\Users\Patrick\Desktop\OTH.scr
Berichts-ID: 75c0db89-142c-11e4-b9f5-f80f4114f534
Error: (07/25/2014 08:45:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x12f8
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Error: (07/25/2014 08:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1a38
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
System errors:
=============
Error: (07/25/2014 09:10:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/25/2014 09:09:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/25/2014 09:09:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.
Error: (07/25/2014 08:45:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/25/2014 08:30:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/25/2014 08:30:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/25/2014 08:30:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.
Error: (07/23/2014 08:59:56 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BUMBLEBEE",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{601657A6-8607-49E1-B677-66612C6B8091}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/21/2014 01:46:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (07/18/2014 03:57:15 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LORE",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{601657A6-8607-49E1-B677-66612C6B8091}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Microsoft Office Sessions:
=========================
Error: (07/25/2014 09:34:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe
Error: (07/25/2014 09:34:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe
Error: (07/25/2014 09:34:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe
Error: (07/25/2014 09:33:33 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe
Error: (07/25/2014 09:17:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532unknown0.0.0.000000000c000000500650074bd401cfa83d0769e645D:\Programme\ Malwarebytes Anti-Malware \mbam.exeunknown62a8090d-1430-11e4-bf44-f80f4114f534
Error: (07/25/2014 09:10:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8ab4801cfa83bfe6f782cD:\Programme\ Malwarebytes Anti-Malware \mbamservice.exeD:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe4bcc02a9-142f-11e4-b930-f80f4114f534
Error: (07/25/2014 09:09:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamscheduler.exe3.0.2.05339cec3MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd6a001cfa83bf2f3282aD:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exeD:\Programme\ Malwarebytes Anti-Malware \MSVCR100.dll3a68673b-142f-11e4-b930-f80f4114f534
Error: (07/25/2014 08:49:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OTH.scr1.0.5.01b2801cfa8389109bda00C:\Users\Patrick\Desktop\OTH.scr75c0db89-142c-11e4-b9f5-f80f4114f534
Error: (07/25/2014 08:45:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd12f801cfa83889e2bbe0D:\Programme\ Malwarebytes Anti-Malware \mbam.exeD:\Programme\ Malwarebytes Anti-Malware \MSVCR100.dllc7ef2b11-142b-11e4-b9f5-f80f4114f534
Error: (07/25/2014 08:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1a3801cfa8381adcd9c6D:\Programme\ Malwarebytes Anti-Malware \mbam.exeD:\Programme\ Malwarebytes Anti-Malware \MSVCR100.dll58a3da82-142b-11e4-b9f5-f80f4114f534
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 16366.01 MB
Available physical RAM: 12510.59 MB
Total Pagefile: 32730.2 MB
Available Pagefile: 28075.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:690.45 GB) (Free:182.13 GB) NTFS
Drive d: (Daten) (Fixed) (Total:690.71 GB) (Free:498.95 GB) NTFS
Drive l: (METRO_LL) (CDROM) (Total:7.61 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 75556607)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=690 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=691 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-07-25 22:29:55 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST315003 rev.CC4H 1397,27GB Running: Gmer-19357.exe; Driver: C:\Users\Patrick\AppData\Local\Temp\pwdyipow.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80003602000 15 bytes [5B, C8, 70, 9B, 0F, 1B, 08, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 544 fffff80003602010 84 bytes [A2, 16, E7, 11, 0F, 11, 0B, ...] ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[1808] C:\Windows\system32\kernel32.dll!LoadLibraryW 0000000076ce6440 5 bytes JMP 000000017177f140 .text C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[1808] C:\Windows\system32\kernel32.dll!LoadLibraryA 0000000076ce6530 5 bytes JMP 000000017177f020 .text C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe[3540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770a1465 2 bytes [0A, 77] .text C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe[3540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770a14bb 2 bytes [0A, 77] .text ... * 2 .text D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe[4700] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770a1465 2 bytes [0A, 77] .text D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe[4700] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770a14bb 2 bytes [0A, 77] .text ... * 2 .text D:\Programme\ Malwarebytes Anti-Malware \mbam.exe[5588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770a1465 2 bytes [0A, 77] .text D:\Programme\ Malwarebytes Anti-Malware \mbam.exe[5588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770a14bb 2 bytes [0A, 77] .text ... * 2 .text C:\Users\Patrick\Desktop\Defogger.exe[5848] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770a1465 2 bytes [0A, 77] .text C:\Users\Patrick\Desktop\Defogger.exe[5848] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770a14bb 2 bytes [0A, 77] .text ... * 2 ---- Processes - GMER 2.1 ---- Library c:\windows\system32\uxtuneup.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [564] 000007fefa750000 ---- EOF - GMER 2.1 ---- |
|
26.07.2014, 18:41
| #6 |
| /// the machine /// TB-Ausbilder | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? Adware & Co. deinstallieren
Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter: Scan mit Combofix
__________________ --> Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? |
|
26.07.2014, 19:41
| #7 |
| | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? Die einzige Software, die von FRST mit ATTENTION" markiert wurde, Code:
ATTFilter Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTION
Weiter im Text. Hier das Combofix-Log: Code:
ATTFilter ComboFix 14-07-25.01 - Patrick 26.07.2014 20:28:50.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16366.12631 [GMT 2:00]
ausgeführt von:: c:\users\Patrick\Desktop\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-06-26 bis 2014-07-26 ))))))))))))))))))))))))))))))
.
.
2014-07-26 18:36 . 2014-07-26 18:36 -------- d-----w- c:\users\hedev\AppData\Local\temp
2014-07-26 18:36 . 2014-07-26 18:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-25 20:20 . 2014-07-25 20:21 -------- d-----w- C:\FRST
2014-07-25 19:34 . 2014-07-25 19:34 -------- d-----w- c:\program files (x86)\ESET
2014-07-25 19:17 . 2014-07-26 18:09 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-25 19:16 . 2014-07-25 19:16 -------- d-----w- c:\programdata\Malwarebytes
2014-07-25 19:16 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-25 19:16 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-25 19:16 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-25 18:45 . 2014-07-25 18:45 -------- d-sh--w- c:\users\Patrick\AppData\Local\EmieUserList
2014-07-25 18:45 . 2014-07-25 18:45 -------- d-sh--w- c:\users\Patrick\AppData\Local\EmieSiteList
2014-07-25 18:37 . 2014-07-25 18:37 -------- d-----w- c:\windows\system32\appmgmt
2014-07-24 19:32 . 2014-07-24 19:32 -------- d-----w- c:\users\Patrick\AppData\Local\Avg2014
2014-07-21 11:18 . 2014-07-21 11:18 -------- d-----w- c:\windows\Sun
2014-07-21 11:17 . 2014-07-11 01:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-14 10:54 . 2014-07-14 10:54 -------- d-----w- c:\users\Patrick\AppData\Local\Xara
2014-07-14 10:54 . 2014-07-14 11:26 -------- d-----w- c:\users\Patrick\AppData\Roaming\MAGIX
2014-07-14 10:48 . 2014-07-14 10:48 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Shared
2014-07-14 10:44 . 2014-07-14 10:44 -------- d-----w- c:\program files (x86)\MAGIX
2014-07-14 10:43 . 2014-07-14 11:26 -------- d-----w- c:\programdata\MAGIX
2014-07-14 10:43 . 2014-07-14 10:44 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Services
2014-07-14 10:43 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-07-14 10:43 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-07-13 10:58 . 2014-07-13 10:58 -------- d-----w- c:\programdata\RELOADED
2014-07-13 10:31 . 2013-10-02 04:51 3584 ----a-w- c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2014-07-13 10:31 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2014-07-10 09:46 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-07-10 09:45 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-10 09:45 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-10 09:45 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-25 21:36 . 2013-12-16 01:06 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-25 21:36 . 2013-12-16 01:06 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 18:34 . 2013-12-15 18:00 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-06-12 12:00 . 2014-06-12 12:00 53248 ----a-w- c:\windows\system32\PhysXLoader.dll
2014-05-08 09:32 . 2014-06-12 11:17 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:32 . 2014-06-12 11:17 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-05-02 10:10 . 2014-05-02 10:11 313256 ----a-w- c:\windows\system32\javaws.exe
2014-05-02 10:10 . 2014-05-02 10:11 189352 ----a-w- c:\windows\system32\javaw.exe
2014-05-02 10:10 . 2014-05-02 10:11 189352 ----a-w- c:\windows\system32\java.exe
2014-05-02 10:10 . 2014-05-02 10:11 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 03:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"MDS_Menu"="c:\program files (x86)\Acer Arcade Deluxe\MediaEspresso\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [2010-12-01 419112]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2010-12-03 618600]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-04-25 537992]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2013-08-14 5537136]
"TrayServer"="d:\programme\MAGIX\Video_deluxe_MX_Premium_Sonderedition\TrayServer_de.exe" [2008-08-07 90112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
WISO Mein Steuer-Sparbuch heute.lnk - d:\program files (x86)\WISO\Steuer 2014\mshaktuell.exe [2014-4-10 1428248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S2 MBAMScheduler;MBAMScheduler;d:\programme\ Malwarebytes Anti-Malware \mbamscheduler.exe;d:\programme\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;d:\programme\ Malwarebytes Anti-Malware \mbamservice.exe;d:\programme\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 TeamViewer9;TeamViewer 9;d:\programme\TeamViewer\Version9\TeamViewer_Service.exe;d:\programme\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-25 21:12 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-16 21:36]
.
2014-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02 10:25]
.
2014-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-02 10:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 03:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 11464296]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xa9y2lcc.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-26 20:38:41
ComboFix-quarantined-files.txt 2014-07-26 18:38
.
Vor Suchlauf: 9 Verzeichnis(se), 194.725.801.984 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 194.866.401.280 Bytes frei
.
- - End Of File - - 4DA7EEAC89B2FF5090AFE6697C9E42AD
|
|
27.07.2014, 10:09
| #8 |
| /// the machine /// TB-Ausbilder | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.07.2014, 12:12
| #9 |
| | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? Moin Schrauber, Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 27.07.2014 Suchlauf-Zeit: 02:01:56 Logdatei: mbamlog140727.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.26.09 Rootkit Datenbank: v2014.07.17.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Aktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Patrick Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 323045 Verstrichene Zeit: 9 Min, 27 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.216 - Bericht erstellt am 27/07/2014 um 12:50:33
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Patrick - SPEEDY_GO
# Gestartet von : C:\Users\Patrick\Desktop\adwcleaner_3.216.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gelöscht : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xa9y2lcc.default\prefs.js ]
-\\ Google Chrome v36.0.1985.125
[ Datei : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5985 octets] - [02/05/2014 13:17:48]
AdwCleaner[R1].txt - [3004 octets] - [25/07/2014 21:03:49]
AdwCleaner[R2].txt - [1269 octets] - [27/07/2014 12:45:54]
AdwCleaner[S0].txt - [5896 octets] - [02/05/2014 13:18:32]
AdwCleaner[S1].txt - [3009 octets] - [25/07/2014 21:05:28]
AdwCleaner[S2].txt - [1190 octets] - [27/07/2014 12:50:33]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1250 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Patrick on 27.07.2014 at 12:57:50,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\free video converter"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.07.2014 at 13:07:55,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01 Ran by Patrick (administrator) on SPEEDY_GO on 27-07-2014 13:09:28 Running from C:\Users\Patrick\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes Corporation) D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (TeamViewer GmbH) D:\Programme\TeamViewer\Version9\TeamViewer_Service.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Malwarebytes Corporation) D:\Programme\ Malwarebytes Anti-Malware \mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe () D:\Program Files (x86)\WISO\Steuer 2014\mshaktuell.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Hewlett-Packard Development Co. L.P.) C:\Program Files (x86)\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe (Disc Soft Ltd) D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe (Microsoft Corporation) C:\Windows\splwow64.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe () C:\Program Files (x86)\Opera\23.0.1522.60\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [419112 2010-12-01] (CyberLink Corp.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [618600 2010-12-03] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [TrayServer] => D:\Programme\MAGIX\Video_deluxe_MX_Premium_Sonderedition\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> D:\Program Files (x86)\WISO\Steuer 2014\mshaktuell.exe () ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.) ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xa9y2lcc.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @videolan.org/vlc,version=2.1.1 - D:\Programme\VLC Media Player\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - D:\Programme\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Amazon-Icon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xa9y2lcc.default\Extensions\amazon-icon@giga.de [2014-06-06] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-12-15] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-18] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-12-15] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Extension: (Google Docs) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02] CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02] CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02] CHR Extension: (Google-Suche) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02] CHR Extension: (SiteAdvisor) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-05-02] CHR Extension: (Google Wallet) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02] CHR Extension: (Google Mail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 MBAMScheduler; D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 TeamViewer9; D:\Programme\TeamViewer\Version9\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-18] (Disc Soft Ltd) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-27] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-27 13:08 - 2014-07-27 13:09 - 16456460 _____ () C:\Users\Patrick\Desktop\avidemux_2.6.8_win64_v2.exe 2014-07-27 13:07 - 2014-07-27 13:07 - 00000707 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-27 12:58 - 2014-07-27 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-07-27 12:57 - 2014-07-27 12:57 - 00000000 ____D () C:\Windows\ERUNT 2014-07-27 12:42 - 2014-07-27 12:42 - 01016261 _____ (Thisisu) C:\Users\Patrick\Desktop\JRT.exe 2014-07-27 12:40 - 2014-07-27 12:40 - 01354223 _____ () C:\Users\Patrick\Desktop\adwcleaner_3.216.exe 2014-07-26 22:19 - 2014-07-27 02:03 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\FreeVideoConverter 2014-07-26 22:19 - 2014-07-26 22:19 - 00001149 _____ () C:\Users\Patrick\Desktop\Free Video Converter.lnk 2014-07-26 22:19 - 2014-07-26 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter 2014-07-26 22:08 - 2014-07-26 22:08 - 00445592 _____ (Bandoo Media Inc) C:\Users\Patrick\Desktop\Setup_31FreeVideoConverter.exe 2014-07-26 20:38 - 2014-07-26 20:38 - 00021956 _____ () C:\ComboFix.txt 2014-07-26 20:26 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-26 20:26 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-26 20:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-26 20:25 - 2014-07-26 20:38 - 00000000 ____D () C:\Qoobox 2014-07-26 20:25 - 2014-07-26 20:37 - 00000000 ____D () C:\Windows\erdnt 2014-07-26 20:22 - 2014-07-26 20:23 - 05563277 ____R (Swearware) C:\Users\Patrick\Desktop\ComboFix.exe 2014-07-26 20:16 - 2014-07-26 20:16 - 00003172 _____ () C:\Windows\System32\Tasks\{04769C88-1E2D-4212-A6A0-324194CA06B2} 2014-07-26 20:12 - 2014-07-26 20:12 - 00000728 _____ () C:\Users\Patrick\Desktop\Revo Uninstaller.lnk 2014-07-26 20:10 - 2014-07-26 20:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Patrick\Desktop\revosetup95.exe 2014-07-26 14:27 - 2014-07-26 14:27 - 00275464 _____ () C:\Windows\Minidump\072614-28672-01.dmp 2014-07-25 23:35 - 2014-07-25 23:35 - 00024136 _____ () C:\Users\Patrick\Desktop\logs.zip 2014-07-25 22:29 - 2014-07-25 22:29 - 00003261 _____ () C:\Users\Patrick\Desktop\gmer.log 2014-07-25 22:23 - 2014-07-25 20:52 - 00380416 _____ () C:\Users\Patrick\Desktop\Gmer-19357.exe 2014-07-25 22:21 - 2014-07-25 22:21 - 00181378 _____ () C:\Users\Patrick\Desktop\Addition.txt 2014-07-25 22:20 - 2014-07-27 13:09 - 00022083 _____ () C:\Users\Patrick\Desktop\FRST.txt 2014-07-25 22:20 - 2014-07-27 13:09 - 00000000 ____D () C:\FRST 2014-07-25 22:19 - 2014-07-25 22:19 - 00000546 _____ () C:\Users\Patrick\Desktop\defogger_disable.log 2014-07-25 22:19 - 2014-07-25 22:19 - 00000168 _____ () C:\Users\Patrick\defogger_reenable 2014-07-25 22:11 - 2014-07-25 22:11 - 02093568 _____ (Farbar) C:\Users\Patrick\Desktop\FRST64.exe 2014-07-25 22:11 - 2014-07-25 22:11 - 00050477 _____ () C:\Users\Patrick\Desktop\Defogger.exe 2014-07-25 21:34 - 2014-07-25 21:34 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-25 21:33 - 2014-07-25 21:33 - 02347384 _____ (ESET) C:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe 2014-07-25 21:22 - 2014-07-25 21:22 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Patrick\Desktop\tdsskiller (1).exe 2014-07-25 21:17 - 2014-07-27 12:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-25 21:16 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-25 21:16 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-25 21:16 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-25 21:02 - 2014-07-25 21:02 - 00004347 _____ () C:\Users\Patrick\Desktop\gmer (1).log 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieUserList 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieSiteList 2014-07-25 20:37 - 2014-07-25 20:37 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-24 22:20 - 2014-07-24 22:20 - 00002567 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk 2014-07-24 22:16 - 2014-07-24 22:17 - 53634800 _____ (Microsoft Corporation) C:\Users\Patrick\Downloads\ExcelViewer.exe 2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Avg2014 2014-07-21 13:18 - 2014-07-21 13:18 - 00000000 ____D () C:\Windows\Sun 2014-07-21 13:17 - 2014-07-21 13:17 - 00004669 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-21 13:17 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-21 13:17 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-21 13:17 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-21 13:17 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-16 03:00 - 2014-07-16 03:00 - 00264498 _____ () C:\Windows\msxml4-KB2758694-enu.LOG 2014-07-14 13:26 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX 2014-07-14 12:54 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\MAGIX 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX_MusicEditor 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Xara 2014-07-14 12:44 - 2014-07-14 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-07-14 12:44 - 2014-07-14 12:44 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-07-14 12:43 - 2014-07-14 13:26 - 00000000 ____D () C:\ProgramData\MAGIX 2014-07-14 12:43 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-07-14 12:43 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-07-13 12:58 - 2014-07-13 12:58 - 00000000 ____D () C:\ProgramData\RELOADED 2014-07-13 12:48 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-07-13 12:31 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-07-13 12:30 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-07-13 12:30 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-07-13 12:30 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-07-13 12:30 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-07-13 12:30 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-07-13 12:30 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-07-13 12:30 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-07-13 12:30 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-07-13 12:30 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-07-13 12:30 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-07-13 12:30 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-07-13 12:30 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-07-13 12:30 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-07-13 12:30 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-07-13 12:30 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-07-13 12:30 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-07-13 12:30 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-07-11 12:50 - 2014-07-13 12:45 - 00000507 _____ () C:\Users\Public\Desktop\Metro Last Light.lnk 2014-07-11 12:50 - 2014-07-13 12:45 - 00000507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light.lnk 2014-07-10 11:46 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 11:46 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 11:46 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-10 11:46 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-10 11:46 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 11:46 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 11:46 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 11:46 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 11:46 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-10 11:46 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-10 11:46 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-10 11:46 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-10 11:46 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 11:46 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-10 11:46 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 11:46 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 11:46 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-10 11:46 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-10 11:46 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 11:46 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 11:46 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 11:46 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-10 11:46 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 11:46 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-10 11:46 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-10 11:46 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 11:46 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-10 11:46 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-10 11:46 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-10 11:46 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-10 11:46 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-10 11:46 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-10 11:46 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 11:46 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 11:46 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 11:46 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-10 11:46 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-10 11:46 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-10 11:46 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 11:46 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 11:46 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-10 11:46 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-10 11:46 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-10 11:46 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-10 11:46 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 11:46 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 11:46 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 11:46 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 11:46 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 11:46 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 11:46 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-10 11:46 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 11:46 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 11:46 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 11:46 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-10 11:46 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-10 11:46 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 11:46 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-10 11:46 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 11:46 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 11:46 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 11:46 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 11:46 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 11:46 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-10 11:45 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 11:45 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 11:45 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-04 12:41 - 2014-07-04 12:41 - 00001621 _____ () C:\Users\Patrick\AppData\Local\recently-used.xbel ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-27 13:09 - 2014-07-27 13:08 - 16456460 _____ () C:\Users\Patrick\Desktop\avidemux_2.6.8_win64_v2.exe 2014-07-27 13:09 - 2014-07-25 22:20 - 00022083 _____ () C:\Users\Patrick\Desktop\FRST.txt 2014-07-27 13:09 - 2014-07-25 22:20 - 00000000 ____D () C:\FRST 2014-07-27 13:07 - 2014-07-27 13:07 - 00000707 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-27 12:59 - 2009-07-14 06:45 - 00018848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-27 12:59 - 2009-07-14 06:45 - 00018848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-27 12:58 - 2014-07-27 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-07-27 12:58 - 2013-12-15 21:51 - 00001848 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk 2014-07-27 12:57 - 2014-07-27 12:57 - 00000000 ____D () C:\Windows\ERUNT 2014-07-27 12:54 - 2014-07-25 21:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-27 12:54 - 2014-05-02 12:25 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-27 12:51 - 2013-12-16 02:38 - 00007127 _____ () C:\Windows\setupact.log 2014-07-27 12:51 - 2013-12-15 18:16 - 00214048 _____ () C:\Windows\PFRO.log 2014-07-27 12:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-27 12:50 - 2014-05-02 13:17 - 00000000 ____D () C:\AdwCleaner 2014-07-27 12:50 - 2013-12-15 18:21 - 01231122 _____ () C:\Windows\WindowsUpdate.log 2014-07-27 12:42 - 2014-07-27 12:42 - 01016261 _____ (Thisisu) C:\Users\Patrick\Desktop\JRT.exe 2014-07-27 12:40 - 2014-07-27 12:40 - 01354223 _____ () C:\Users\Patrick\Desktop\adwcleaner_3.216.exe 2014-07-27 12:36 - 2014-05-09 16:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-27 12:33 - 2014-05-02 12:25 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-27 02:03 - 2014-07-26 22:19 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\FreeVideoConverter 2014-07-27 02:00 - 2013-12-20 02:46 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\vlc 2014-07-26 22:19 - 2014-07-26 22:19 - 00001149 _____ () C:\Users\Patrick\Desktop\Free Video Converter.lnk 2014-07-26 22:19 - 2014-07-26 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter 2014-07-26 22:19 - 2009-07-14 04:34 - 00000596 _____ () C:\Windows\win.ini 2014-07-26 22:08 - 2014-07-26 22:08 - 00445592 _____ (Bandoo Media Inc) C:\Users\Patrick\Desktop\Setup_31FreeVideoConverter.exe 2014-07-26 21:52 - 2013-12-16 03:13 - 00699080 _____ () C:\Windows\system32\perfh007.dat 2014-07-26 21:52 - 2013-12-16 03:13 - 00149220 _____ () C:\Windows\system32\perfc007.dat 2014-07-26 21:52 - 2009-07-14 07:13 - 01619224 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-26 20:38 - 2014-07-26 20:38 - 00021956 _____ () C:\ComboFix.txt 2014-07-26 20:38 - 2014-07-26 20:25 - 00000000 ____D () C:\Qoobox 2014-07-26 20:37 - 2014-07-26 20:25 - 00000000 ____D () C:\Windows\erdnt 2014-07-26 20:36 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-07-26 20:23 - 2014-07-26 20:22 - 05563277 ____R (Swearware) C:\Users\Patrick\Desktop\ComboFix.exe 2014-07-26 20:21 - 2013-12-20 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II Hero Editor 2014-07-26 20:18 - 2013-12-18 13:36 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2014-07-26 20:16 - 2014-07-26 20:16 - 00003172 _____ () C:\Windows\System32\Tasks\{04769C88-1E2D-4212-A6A0-324194CA06B2} 2014-07-26 20:12 - 2014-07-26 20:12 - 00000728 _____ () C:\Users\Patrick\Desktop\Revo Uninstaller.lnk 2014-07-26 20:10 - 2014-07-26 20:10 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Patrick\Desktop\revosetup95.exe 2014-07-26 14:27 - 2014-07-26 14:27 - 00275464 _____ () C:\Windows\Minidump\072614-28672-01.dmp 2014-07-26 14:27 - 2014-06-10 21:06 - 1243866252 _____ () C:\Windows\MEMORY.DMP 2014-07-26 14:27 - 2014-06-10 21:06 - 00000000 ____D () C:\Windows\Minidump 2014-07-25 23:36 - 2014-05-09 16:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-25 23:36 - 2013-12-16 03:06 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-25 23:36 - 2013-12-16 03:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-25 23:35 - 2014-07-25 23:35 - 00024136 _____ () C:\Users\Patrick\Desktop\logs.zip 2014-07-25 23:33 - 2013-12-23 19:21 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-07-25 23:33 - 2013-12-23 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-07-25 22:29 - 2014-07-25 22:29 - 00003261 _____ () C:\Users\Patrick\Desktop\gmer.log 2014-07-25 22:21 - 2014-07-25 22:21 - 00181378 _____ () C:\Users\Patrick\Desktop\Addition.txt 2014-07-25 22:19 - 2014-07-25 22:19 - 00000546 _____ () C:\Users\Patrick\Desktop\defogger_disable.log 2014-07-25 22:19 - 2014-07-25 22:19 - 00000168 _____ () C:\Users\Patrick\defogger_reenable 2014-07-25 22:19 - 2013-12-15 19:21 - 00000000 ____D () C:\Users\Patrick 2014-07-25 22:11 - 2014-07-25 22:11 - 02093568 _____ (Farbar) C:\Users\Patrick\Desktop\FRST64.exe 2014-07-25 22:11 - 2014-07-25 22:11 - 00050477 _____ () C:\Users\Patrick\Desktop\Defogger.exe 2014-07-25 21:47 - 2014-05-02 12:25 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-07-25 21:47 - 2014-05-02 12:25 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-07-25 21:47 - 2014-01-19 15:31 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-07-25 21:47 - 2013-12-19 00:16 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm 2014-07-25 21:34 - 2014-07-25 21:34 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-25 21:33 - 2014-07-25 21:33 - 02347384 _____ (ESET) C:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe 2014-07-25 21:22 - 2014-07-25 21:22 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Patrick\Desktop\tdsskiller (1).exe 2014-07-25 21:18 - 2014-05-12 11:37 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-25 21:02 - 2014-07-25 21:02 - 00004347 _____ () C:\Users\Patrick\Desktop\gmer (1).log 2014-07-25 20:52 - 2014-07-25 22:23 - 00380416 _____ () C:\Users\Patrick\Desktop\Gmer-19357.exe 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieUserList 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieSiteList 2014-07-25 20:37 - 2014-07-25 20:37 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-25 20:29 - 2013-12-15 21:50 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-07-24 22:20 - 2014-07-24 22:20 - 00002567 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk 2014-07-24 22:19 - 2013-12-20 14:35 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-07-24 22:17 - 2014-07-24 22:16 - 53634800 _____ (Microsoft Corporation) C:\Users\Patrick\Downloads\ExcelViewer.exe 2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Avg2014 2014-07-22 14:54 - 2014-06-13 12:21 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387134862 2014-07-22 14:54 - 2013-12-15 21:14 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-07-21 13:18 - 2014-07-21 13:18 - 00000000 ____D () C:\Windows\Sun 2014-07-21 13:18 - 2014-05-05 10:20 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-21 13:17 - 2014-07-21 13:17 - 00004669 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-21 13:17 - 2014-01-28 11:59 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-16 03:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-16 03:16 - 2009-07-14 06:45 - 00392560 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-16 03:00 - 2014-07-16 03:00 - 00264498 _____ () C:\Windows\msxml4-KB2758694-enu.LOG 2014-07-14 13:29 - 2013-12-15 19:23 - 00108680 _____ () C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-14 13:26 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX 2014-07-14 13:26 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\MAGIX 2014-07-14 13:26 - 2014-07-14 12:43 - 00000000 ____D () C:\ProgramData\MAGIX 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX_MusicEditor 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Xara 2014-07-14 12:54 - 2014-07-14 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-07-14 12:44 - 2014-07-14 12:44 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-07-14 12:43 - 2013-12-15 21:54 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-07-14 03:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\spool 2014-07-14 03:17 - 2014-05-07 10:28 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-14 03:17 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-14 03:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-14 03:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-13 13:10 - 2014-06-12 14:14 - 00000000 ____D () C:\Users\Patrick\Documents\4A Games 2014-07-13 13:03 - 2014-06-12 14:12 - 00000000 ____D () C:\Users\Patrick\AppData\Local\4A Games 2014-07-13 12:58 - 2014-07-13 12:58 - 00000000 ____D () C:\ProgramData\RELOADED 2014-07-13 12:47 - 2013-12-15 19:05 - 00066095 _____ () C:\Windows\DirectX.log 2014-07-13 12:45 - 2014-07-11 12:50 - 00000507 _____ () C:\Users\Public\Desktop\Metro Last Light.lnk 2014-07-13 12:45 - 2014-07-11 12:50 - 00000507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light.lnk 2014-07-11 03:02 - 2014-07-21 13:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-11 02:56 - 2014-07-21 13:17 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-11 02:56 - 2014-07-21 13:17 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-11 02:55 - 2014-07-21 13:17 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-10 20:35 - 2013-12-15 20:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 20:34 - 2013-12-15 20:00 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-04 12:41 - 2014-07-04 12:41 - 00001621 _____ () C:\Users\Patrick\AppData\Local\recently-used.xbel 2014-07-04 12:41 - 2014-05-12 00:47 - 00000000 ____D () C:\Users\Patrick\AppData\Local\gtk-2.0 2014-07-04 12:32 - 2014-05-12 00:36 - 00000000 ____D () C:\Users\Patrick\.gimp-2.8 2014-06-30 04:09 - 2014-07-10 11:46 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-10 11:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Some content of TEMP: ==================== C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 13:02 ==================== End Of Log ============================ |
|
27.07.2014, 14:09
| #10 |
| /// the machine /// TB-Ausbilder | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr?ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.07.2014, 17:42
| #11 |
| | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? Eset lief ziemlich lange (gefühlt 18 Stunden), hier das Log: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=46bf4094da185a47b378200a4053bd63
# engine=19352
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-25 08:10:59
# local_time=2014-07-25 10:10:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 66 85 19168203 157948909 0 0
# scanned=35192
# found=16
# cleaned=0
# scan_time=1963
sh=5273994A8CF50EF89AFCF3B67D9EB7A079A3B69F ft=1 fh=9303b344bca1e78e vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3882204627-1061545298-3667153872-1001\$RWWO2US.exe"
sh=CCD90EE6E9B1ADFF9657E8F2C126BC6CB5C2EB24 ft=1 fh=91473923cd86549e vn="Variante von Win32/SProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir"
sh=08FF41709DB8A9CCE36FD2996CC4FD2649FE1BFD ft=1 fh=8f3c051ef20a108b vn="Variante von Win64/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll.vir"
sh=C5828B700B9EF61FA1534D5D18482BF12F591CBF ft=1 fh=0404da55e35b3671 vn="Variante von Win32/AdWare.SpeedingUpMyPC.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir"
sh=DDD2974F59F7DBB2C99557C05FB33787C7B27748 ft=1 fh=b62022df389e395a vn="Variante von Win32/Adware.SpeedingUpMyPC.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir"
sh=AAEA2D2C15813161F9E114E6E1708CE545D5C8CA ft=1 fh=0022d452663e533e vn="Variante von Win32/DealPly.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSense\SaveSenseUpdateVer.exe.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe.vir"
sh=10903598F769E2AC5F1E2372E90F6722A3A860B7 ft=1 fh=89560075533c3d40 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=88482528CE4F67A1004B50BA93282CEACCEDE534 ft=1 fh=e40b702402e604d5 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir"
sh=70D49B9ABA391E6976DAB5C4BEA63733459B3F1C ft=1 fh=0b76a05977e7722a vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir"
sh=F09B9B9B1D16D1539D23CC6ACDE0DC7BC983DF59 ft=1 fh=2dbadf99ca2df2d7 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir"
sh=8563F21B965879AE572840082BB2E9E5990F8A45 ft=1 fh=0aef99ed940fde6b vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Patrick\AppData\Roaming\OpenCandy\8572FC2A50CC4DEEB8700199290B1341\sas.exe.vir"
sh=7B722A85CE6450E5D2B061C6D55BD6C7C82B3838 ft=1 fh=4b4dd648bb3da366 vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Patrick\AppData\Roaming\OpenCandy\8572FC2A50CC4DEEB8700199290B1341\SaveSense_p1v2.exe.vir"
sh=AAEA2D2C15813161F9E114E6E1708CE545D5C8CA ft=1 fh=0022d452663e533e vn="Variante von Win32/DealPly.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Patrick\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=46bf4094da185a47b378200a4053bd63
# engine=19370
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-28 07:17:56
# local_time=2014-07-28 09:17:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 66 85 19381020 158161726 0 0
# scanned=385317
# found=81
# cleaned=0
# scan_time=50414
sh=CCD90EE6E9B1ADFF9657E8F2C126BC6CB5C2EB24 ft=1 fh=91473923cd86549e vn="Variante von Win32/SProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir"
sh=08FF41709DB8A9CCE36FD2996CC4FD2649FE1BFD ft=1 fh=8f3c051ef20a108b vn="Variante von Win64/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll.vir"
sh=C5828B700B9EF61FA1534D5D18482BF12F591CBF ft=1 fh=0404da55e35b3671 vn="Variante von Win32/AdWare.SpeedingUpMyPC.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir"
sh=DDD2974F59F7DBB2C99557C05FB33787C7B27748 ft=1 fh=b62022df389e395a vn="Variante von Win32/Adware.SpeedingUpMyPC.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir"
sh=AAEA2D2C15813161F9E114E6E1708CE545D5C8CA ft=1 fh=0022d452663e533e vn="Variante von Win32/DealPly.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSense\SaveSenseUpdateVer.exe.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe.vir"
sh=10903598F769E2AC5F1E2372E90F6722A3A860B7 ft=1 fh=89560075533c3d40 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=88482528CE4F67A1004B50BA93282CEACCEDE534 ft=1 fh=e40b702402e604d5 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir"
sh=70D49B9ABA391E6976DAB5C4BEA63733459B3F1C ft=1 fh=0b76a05977e7722a vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir"
sh=F09B9B9B1D16D1539D23CC6ACDE0DC7BC983DF59 ft=1 fh=2dbadf99ca2df2d7 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir"
sh=8563F21B965879AE572840082BB2E9E5990F8A45 ft=1 fh=0aef99ed940fde6b vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Patrick\AppData\Roaming\OpenCandy\8572FC2A50CC4DEEB8700199290B1341\sas.exe.vir"
sh=7B722A85CE6450E5D2B061C6D55BD6C7C82B3838 ft=1 fh=4b4dd648bb3da366 vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Patrick\AppData\Roaming\OpenCandy\8572FC2A50CC4DEEB8700199290B1341\SaveSense_p1v2.exe.vir"
sh=AAEA2D2C15813161F9E114E6E1708CE545D5C8CA ft=1 fh=0022d452663e533e vn="Variante von Win32/DealPly.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Patrick\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe.vir"
sh=D01F9F59BF6CA6E3FE60231CC8808C1A4FEA4530 ft=1 fh=e23161741f42185f vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Setup_31FreeVideoConverter.exe"
sh=08A0459CAF9820F6E4FC020095791995CFC989AB ft=0 fh=0000000000000000 vn="Variante von Generik.BOICCES Trojaner" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\$RECYCLE.BIN\S-1-5-21-3605044430-831468403-406832244-1002\$R4LZWRC\unzip\Alte Zip\Tool\afcad140.zip"
sh=B84EDE50FED81BD01F6F9698E71C949E2E60A092 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2011-03-20 190006\Backup Files 2011-04-03 190014\Backup files 1.zip"
sh=27E34FBD61DDCD28B0465E292FD78B33E409EA8E ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2011-04-10 190006\Backup Files 2011-04-10 190006\Backup files 1.zip"
sh=5CFD5DDE4E9E0130126E727013C508BC7A530438 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2011-05-22 190012\Backup Files 2011-05-22 190012\Backup files 1.zip"
sh=6BDC2371555F49F704EB42AF922EB81F69A205A9 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2011-07-24 203318\Backup Files 2011-07-24 203318\Backup files 1.zip"
sh=B8A4A757D397D9E89F15578ABA437C835A1203A0 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2012-02-06 191309\Backup Files 2012-02-06 191309\Backup files 1.zip"
sh=8F46135D3CB759FA3197A09BF9E8F20D532D31AE ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2012-02-06 191309\Backup Files 2012-02-06 191309\Backup files 2.zip"
sh=FA1B4FCDF3F02748AFC48484AE43E5BEF9CCE0A2 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2013-08-13 005231\Backup Files 2013-08-13 005231\Backup files 1.zip"
sh=5239FC50ED6151D6116FA1F5BBF237E9EFBED8DD ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2013-08-13 005231\Backup Files 2013-08-13 005231\Backup files 2.zip"
sh=F8139660C9EE0FCC5F88E897FEBE33984EA37DC8 ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.AT Trojaner" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2013-08-13 005231\Backup Files 2013-09-25 181155\Backup files 1.zip"
sh=84C220E2E71D543DD06509783D08A9100C1EB8F2 ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.AT Trojaner" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2013-08-13 005231\Backup Files 2013-09-25 181155\Backup files 3.zip"
sh=1A036F5546C0207C6823C8EBCB07C58E11163630 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2013-08-13 005231\Backup Files 2013-10-20 195247\Backup files 2.zip"
sh=3258F2625073191633D314A63DAA2E3ECE2C1DE6 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\BUMBLEBEE\Backup Set 2013-08-13 005231\Backup Files 2013-11-10 202239\Backup files 1.zip"
sh=876F488054FCBFFC6343F84B1FCEB5DBF243A068 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-04-28 190003\Backup Files 2013-05-05 190004\Backup files 1.zip"
sh=2C809EC3A751BEE6F61F887928AC2B7FC2697DDF ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-05-19 191546\Backup Files 2013-05-19 191546\Backup files 2.zip"
sh=A3C399395FE7CECD373021F14544E203BAECF7B6 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-05-19 191546\Backup Files 2013-05-19 191546\Backup files 5.zip"
sh=3A3F1F1F48B4B3E6639484CDFAEA5343B51B3A32 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-05-19 191546\Backup Files 2013-05-26 190008\Backup files 1.zip"
sh=B78579220B6FB58921FCFD17C66AC48F6EE7C6BF ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-05-19 191546\Backup Files 2013-06-02 190001\Backup files 1.zip"
sh=87F85F9513A45E91B156D11BF5CC9B333DFDECDB ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-05-19 191546\Backup Files 2013-06-10 030331\Backup files 1.zip"
sh=4D42A30C81200CFAD49E9B60C6BF2406F8925D88 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-06-23 190004\Backup Files 2013-06-23 190004\Backup files 2.zip"
sh=60186CAB03D5F64D4D05DC05269F7B5DD8B06AB9 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-06-23 190004\Backup Files 2013-06-23 190004\Backup files 5.zip"
sh=C80739034164FF93BE07CC0409877C04B878D979 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-06-23 190004\Backup Files 2013-07-07 190006\Backup files 1.zip"
sh=5A83EC4862E6BFFF5616BD104F23BD3C18FCD95A ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-06-23 190004\Backup Files 2013-07-14 224257\Backup files 1.zip"
sh=9E25C31733DECA8E30A89AD78B290E66595EF735 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-06-23 190004\Backup Files 2013-07-21 212712\Backup files 1.zip"
sh=10187E15D92B73635523D901A3A4D32C52A688DF ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-07-29 234447\Backup Files 2013-07-29 234447\Backup files 2.zip"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDYGONZALEZ\Backup Set 2013-07-29 234447\Backup Files 2013-09-17 183937\Backup files 1.zip"
sh=7A3728E7405F69131C8EF6DC3CDD742935D2F9ED ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDY_GO\Backup Set 2013-12-16 013818\Backup Files 2013-12-23 173519\Backup files 1.zip"
sh=91F8DD6B7C15D385FFBF7243F3EB1CFECA4D07DF ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick\Desktop\Testdisk\testdisk-6.14\Rettung\SPEEDY_GO\Backup Set 2014-01-12 190000\Backup Files 2014-01-12 190000\Backup files 1.zip"
sh=B92CEFCB1BEBAC04CEB57C202AD1248F95A5D4F9 ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1.zip"
sh=7967678757DD61AB5665E2CF546A14D9CE6AA70D ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1217.zip"
sh=0353AFA8DC0E92CC153A5118FC7E7C4669C261B5 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1218.zip"
sh=585CA7A87F46059174647C576AD37ABA8DFB8671 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1229.zip"
sh=BF4CEDE7B6457F9ACA603E980F36AC0E8058C12D ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1289.zip"
sh=AF3D46D6BE4E7C8D7250465D3F323897C0E98D7D ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1348.zip"
sh=0860FFF2758C0AB9A885618E002E11913879B8AE ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1359.zip"
sh=FC2D4D4E5983F4E0F56D9CDC29C633EEE7791665 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1417.zip"
sh=2CAE16142F3D99E8DD59070069CEF48B3C232758 ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1428.zip"
sh=7F2B827AD4B4ED47C41524F1C280001D0052DE26 ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.AT Trojaner" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1467.zip"
sh=C4AE80C0C8BCFADB49551E193A9B8A350C13AFBE ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.AT Trojaner" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1469.zip"
sh=544A91FDFF18ADDF3149418C04DE11443509F7C2 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1487.zip"
sh=16CB7512DF8444FF7877178E94B15B8D68453132 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite.L evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 1490.zip"
sh=0C29C2239BB2E42520D1C1283D9EFAE675314549 ft=0 fh=0000000000000000 vn="Variante von Generik.BOICCES Trojaner" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-17 105246\Backup files 758.zip"
sh=50908E26DCB99C1A8A4C67EABD23F84FAA3D68EF ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 107.zip"
sh=6BB724608AB901F7ED0CF225CB6C3550EAEE529C ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 108.zip"
sh=C1CFC02CCD8E5CBA612FFD6C105B3DC69F26CD70 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 109.zip"
sh=6AA797ACBCCE80109F323BDD4652255EE9E40AA7 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 115.zip"
sh=4EED9986493E320F3D0EC15E49D8E23A5AB3FEE9 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 138.zip"
sh=513F5C32BF4EC604A84D002B85DBD735A36BD804 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 140.zip"
sh=23A1EF2D64EDCC8CC3028CCC75C3F1CD458279E4 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 141.zip"
sh=6189C3BF051ABB31A052D90EA30BC4751320024C ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 143.zip"
sh=2641050639C295102767F718DD537398FC9916AB ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 144.zip"
sh=CE669F74378A868BA022C204EB27D51F0BF1B041 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 146.zip"
sh=26BFFFCF938F9C2062FED7A254F022181D248A87 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 165.zip"
sh=6241DA7F5A3D5AB8BA9858F13A5E27EE0F6DE18D ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 17.zip"
sh=F8F36B738CFDA2DD531C45627CEAEF6ECCCD83F3 ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 176.zip"
sh=FF5C41B76891EBDBEACC96A0094257A16812531A ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.R evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 181.zip"
sh=00857E69F7C4AA23B08626FB427A63077AC356E1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 27.zip"
sh=4E8BE8F2FBFE6F597853B66A03B2A2900351278E ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 52.zip"
sh=298F39C608B8A90B96F1459CA48BFED501F6FF0A ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 56.zip"
sh=399D48B4A8A0874F8B58633992128B3A904C1372 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 60.zip"
sh=487699AF833EDD89137CCE55F6AA49C2790B7B4A ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 64.zip"
sh=5D64D262119324BF9FEB3CC18AD0367BF6FC3D07 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 71.zip"
sh=E9A16C5EE5D750DDE2363C5DA1DC31319ECE68F2 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-02-23 221955\Backup files 95.zip"
sh=5EA4FA1A23F8B3F060A5FD747E36229D2ACA446A ft=0 fh=0000000000000000 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-06-10 205531\Backup files 2.zip"
sh=0883375B7198EB1CC8F4B930B9207370A872FE53 ft=0 fh=0000000000000000 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="K:\SPEEDY_GO\Backup Set 2014-02-17 105246\Backup Files 2014-07-27 191323\Backup files 2.zip"
Hier das Security Checkup Log: Code:
ATTFilter Results of screen317's Security Check version 0.99.85 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` McAfee Anti-Virus und Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 65 Java version out of Date! Adobe Flash Player 14.0.0.145 Adobe Reader XI Mozilla Firefox (30.0) Mozilla Thunderbird (24.1.1) Google Chrome 35.0.1916.153 Google Chrome 36.0.1985.125 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe Symantec Norton Online Backup NOBuAgent.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 01 Ran by Patrick (administrator) on SPEEDY_GO on 28-07-2014 18:39:48 Running from C:\Users\Patrick\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes Corporation) D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (TeamViewer GmbH) D:\Programme\TeamViewer\Version9\TeamViewer_Service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () D:\Program Files (x86)\WISO\Steuer 2014\mshaktuell.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard Development Co. L.P.) C:\Program Files (x86)\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe (Disc Soft Ltd) D:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\splwow64.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe () C:\Program Files (x86)\Opera\23.0.1522.60\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.60\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [419112 2010-12-01] (CyberLink Corp.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [618600 2010-12-03] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [TrayServer] => D:\Programme\MAGIX\Video_deluxe_MX_Premium_Sonderedition\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> D:\Program Files (x86)\WISO\Steuer 2014\mshaktuell.exe () ShellIconOverlayIdentifiers: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.) ShellIconOverlayIdentifiers-x32: egisPSDP -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xa9y2lcc.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin: @videolan.org/vlc,version=2.1.1 - D:\Programme\VLC Media Player\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - D:\Programme\Winamp Detect\npwachk.dll (Nullsoft, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Amazon-Icon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\xa9y2lcc.default\Extensions\amazon-icon@giga.de [2014-06-06] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-12-15] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-18] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-12-15] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.com/" CHR Extension: (Google Docs) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02] CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02] CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02] CHR Extension: (Google-Suche) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02] CHR Extension: (SiteAdvisor) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-05-02] CHR Extension: (Google Wallet) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02] CHR Extension: (Google Mail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed] R2 MBAMScheduler; D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S2 MBAMService; D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-03] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-03] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed] R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed] R2 TeamViewer9; D:\Programme\TeamViewer\Version9\TeamViewer_Service.exe [5024576 2014-04-25] (TeamViewer GmbH) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-03] (McAfee, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-18] (Disc Soft Ltd) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-28] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-03] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-03] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-03] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-03] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-03] (McAfee, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-28 18:38 - 2014-07-28 18:39 - 00022307 _____ () C:\Users\Patrick\Desktop\FRST.txt 2014-07-28 18:38 - 2014-07-25 22:11 - 02093568 _____ (Farbar) C:\Users\Patrick\Desktop\FRST64.exe 2014-07-28 18:36 - 2014-07-28 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-07-28 18:21 - 2014-07-28 18:22 - 00001078 _____ () C:\Users\Patrick\Desktop\checkup.txt 2014-07-28 09:47 - 2014-07-28 09:47 - 00854390 _____ () C:\Users\Patrick\Desktop\SecurityCheck.exe 2014-07-28 01:55 - 2014-07-12 12:31 - 2836504208 _____ () C:\Users\Patrick\Downloads\Zwiebeljack räumt auf.mkv 2014-07-27 19:15 - 2014-07-25 21:33 - 02347384 _____ (ESET) C:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe 2014-07-27 13:14 - 2014-07-28 18:20 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\avidemux 2014-07-27 13:14 - 2014-07-27 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64bits) 2014-07-27 13:08 - 2014-07-27 13:09 - 16456460 _____ () C:\Users\Patrick\Desktop\avidemux_2.6.8_win64_v2.exe 2014-07-27 13:07 - 2014-07-27 13:07 - 00000707 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-27 12:57 - 2014-07-27 12:57 - 00000000 ____D () C:\Windows\ERUNT 2014-07-26 22:19 - 2014-07-27 02:03 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\FreeVideoConverter 2014-07-26 22:19 - 2014-07-26 22:19 - 00001149 _____ () C:\Users\Patrick\Desktop\Free Video Converter.lnk 2014-07-26 22:19 - 2014-07-26 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter 2014-07-26 22:08 - 2014-07-26 22:08 - 00445592 _____ (Bandoo Media Inc) C:\Users\Patrick\Desktop\Setup_31FreeVideoConverter.exe 2014-07-26 20:38 - 2014-07-26 20:38 - 00021956 _____ () C:\ComboFix.txt 2014-07-26 20:26 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-26 20:26 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-26 20:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-26 20:26 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-26 20:25 - 2014-07-26 20:38 - 00000000 ____D () C:\Qoobox 2014-07-26 20:25 - 2014-07-26 20:37 - 00000000 ____D () C:\Windows\erdnt 2014-07-26 20:16 - 2014-07-26 20:16 - 00003172 _____ () C:\Windows\System32\Tasks\{04769C88-1E2D-4212-A6A0-324194CA06B2} 2014-07-26 20:12 - 2014-07-26 20:12 - 00000728 _____ () C:\Users\Patrick\Desktop\Revo Uninstaller.lnk 2014-07-26 14:27 - 2014-07-26 14:27 - 00275464 _____ () C:\Windows\Minidump\072614-28672-01.dmp 2014-07-25 23:35 - 2014-07-25 23:35 - 00024136 _____ () C:\Users\Patrick\Desktop\logs.zip 2014-07-25 22:29 - 2014-07-25 22:29 - 00003261 _____ () C:\Users\Patrick\Desktop\gmer.log 2014-07-25 22:21 - 2014-07-25 22:21 - 00181378 _____ () C:\Users\Patrick\Desktop\Addition_old.txt 2014-07-25 22:20 - 2014-07-28 18:39 - 00000000 ____D () C:\FRST 2014-07-25 22:20 - 2014-07-27 13:09 - 00055028 _____ () C:\Users\Patrick\Desktop\FRST_2.txt 2014-07-25 22:19 - 2014-07-27 13:24 - 00000476 _____ () C:\Users\Patrick\Desktop\defogger_disable.log 2014-07-25 22:19 - 2014-07-25 22:19 - 00000168 _____ () C:\Users\Patrick\defogger_reenable 2014-07-25 22:11 - 2014-07-25 22:11 - 00050477 _____ () C:\Users\Patrick\Desktop\Defogger.exe 2014-07-25 21:34 - 2014-07-25 21:34 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-25 21:17 - 2014-07-28 18:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-25 21:16 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-25 21:16 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-25 21:16 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-25 21:02 - 2014-07-25 21:02 - 00004347 _____ () C:\Users\Patrick\Desktop\gmer (1).log 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieUserList 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieSiteList 2014-07-25 20:37 - 2014-07-25 20:37 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-24 22:20 - 2014-07-24 22:20 - 00002567 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk 2014-07-24 22:16 - 2014-07-24 22:17 - 53634800 _____ (Microsoft Corporation) C:\Users\Patrick\Downloads\ExcelViewer.exe 2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Avg2014 2014-07-21 13:18 - 2014-07-21 13:18 - 00000000 ____D () C:\Windows\Sun 2014-07-21 13:17 - 2014-07-21 13:17 - 00004669 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-21 13:17 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-21 13:17 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-21 13:17 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-21 13:17 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-16 03:00 - 2014-07-16 03:00 - 00264498 _____ () C:\Windows\msxml4-KB2758694-enu.LOG 2014-07-14 13:26 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX 2014-07-14 12:54 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\MAGIX 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX_MusicEditor 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Xara 2014-07-14 12:44 - 2014-07-14 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-07-14 12:44 - 2014-07-14 12:44 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-07-14 12:43 - 2014-07-14 13:26 - 00000000 ____D () C:\ProgramData\MAGIX 2014-07-14 12:43 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-07-14 12:43 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-07-13 12:58 - 2014-07-13 12:58 - 00000000 ____D () C:\ProgramData\RELOADED 2014-07-13 12:48 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-07-13 12:48 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-07-13 12:48 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-07-13 12:31 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-07-13 12:30 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-07-13 12:30 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-07-13 12:30 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-07-13 12:30 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-07-13 12:30 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-07-13 12:30 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-07-13 12:30 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-07-13 12:30 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-07-13 12:30 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-07-13 12:30 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-07-13 12:30 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-07-13 12:30 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-07-13 12:30 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-07-13 12:30 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-07-13 12:30 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-07-13 12:30 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-07-13 12:30 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-07-11 12:50 - 2014-07-13 12:45 - 00000507 _____ () C:\Users\Public\Desktop\Metro Last Light.lnk 2014-07-11 12:50 - 2014-07-13 12:45 - 00000507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light.lnk 2014-07-10 11:46 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 11:46 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 11:46 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-10 11:46 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-10 11:46 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 11:46 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 11:46 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 11:46 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 11:46 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-10 11:46 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-10 11:46 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-10 11:46 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-10 11:46 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 11:46 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-10 11:46 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 11:46 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 11:46 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-10 11:46 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-10 11:46 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 11:46 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 11:46 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 11:46 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-10 11:46 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 11:46 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-10 11:46 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-10 11:46 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 11:46 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-10 11:46 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-10 11:46 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-10 11:46 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-10 11:46 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-10 11:46 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-10 11:46 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 11:46 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 11:46 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 11:46 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-10 11:46 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-10 11:46 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-10 11:46 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 11:46 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 11:46 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-10 11:46 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-10 11:46 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-10 11:46 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-10 11:46 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 11:46 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 11:46 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 11:46 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 11:46 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 11:46 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 11:46 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-10 11:46 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 11:46 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 11:46 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 11:46 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-10 11:46 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-10 11:46 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 11:46 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-10 11:46 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 11:46 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 11:46 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 11:46 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 11:46 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 11:46 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 11:46 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 11:46 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-10 11:45 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 11:45 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 11:45 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-04 12:41 - 2014-07-04 12:41 - 00001621 _____ () C:\Users\Patrick\AppData\Local\recently-used.xbel ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-28 18:40 - 2014-07-28 18:38 - 00022307 _____ () C:\Users\Patrick\Desktop\FRST.txt 2014-07-28 18:39 - 2014-07-25 22:20 - 00000000 ____D () C:\FRST 2014-07-28 18:36 - 2014-07-28 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2014-07-28 18:36 - 2014-05-09 16:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-28 18:36 - 2013-12-15 21:51 - 00001848 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk 2014-07-28 18:31 - 2014-05-02 12:25 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-28 18:30 - 2013-12-16 02:38 - 00007239 _____ () C:\Windows\setupact.log 2014-07-28 18:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-28 18:27 - 2013-12-15 18:21 - 01271368 _____ () C:\Windows\WindowsUpdate.log 2014-07-28 18:22 - 2014-07-28 18:21 - 00001078 _____ () C:\Users\Patrick\Desktop\checkup.txt 2014-07-28 18:20 - 2014-07-27 13:14 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\avidemux 2014-07-28 18:20 - 2014-07-25 21:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-28 18:20 - 2014-05-02 12:25 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-28 09:47 - 2014-07-28 09:47 - 00854390 _____ () C:\Users\Patrick\Desktop\SecurityCheck.exe 2014-07-28 01:54 - 2013-12-20 02:46 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\vlc 2014-07-27 13:24 - 2014-07-25 22:19 - 00000476 _____ () C:\Users\Patrick\Desktop\defogger_disable.log 2014-07-27 13:14 - 2014-07-27 13:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64bits) 2014-07-27 13:09 - 2014-07-27 13:08 - 16456460 _____ () C:\Users\Patrick\Desktop\avidemux_2.6.8_win64_v2.exe 2014-07-27 13:09 - 2014-07-25 22:20 - 00055028 _____ () C:\Users\Patrick\Desktop\FRST_2.txt 2014-07-27 13:07 - 2014-07-27 13:07 - 00000707 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-27 12:59 - 2009-07-14 06:45 - 00018848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-27 12:59 - 2009-07-14 06:45 - 00018848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-27 12:57 - 2014-07-27 12:57 - 00000000 ____D () C:\Windows\ERUNT 2014-07-27 12:51 - 2013-12-15 18:16 - 00214048 _____ () C:\Windows\PFRO.log 2014-07-27 12:50 - 2014-05-02 13:17 - 00000000 ____D () C:\AdwCleaner 2014-07-27 02:03 - 2014-07-26 22:19 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\FreeVideoConverter 2014-07-26 22:19 - 2014-07-26 22:19 - 00001149 _____ () C:\Users\Patrick\Desktop\Free Video Converter.lnk 2014-07-26 22:19 - 2014-07-26 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter 2014-07-26 22:19 - 2009-07-14 04:34 - 00000596 _____ () C:\Windows\win.ini 2014-07-26 22:08 - 2014-07-26 22:08 - 00445592 _____ (Bandoo Media Inc) C:\Users\Patrick\Desktop\Setup_31FreeVideoConverter.exe 2014-07-26 21:52 - 2013-12-16 03:13 - 00699080 _____ () C:\Windows\system32\perfh007.dat 2014-07-26 21:52 - 2013-12-16 03:13 - 00149220 _____ () C:\Windows\system32\perfc007.dat 2014-07-26 21:52 - 2009-07-14 07:13 - 01619224 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-26 20:38 - 2014-07-26 20:38 - 00021956 _____ () C:\ComboFix.txt 2014-07-26 20:38 - 2014-07-26 20:25 - 00000000 ____D () C:\Qoobox 2014-07-26 20:37 - 2014-07-26 20:25 - 00000000 ____D () C:\Windows\erdnt 2014-07-26 20:36 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-07-26 20:21 - 2013-12-20 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II Hero Editor 2014-07-26 20:18 - 2013-12-18 13:36 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2014-07-26 20:16 - 2014-07-26 20:16 - 00003172 _____ () C:\Windows\System32\Tasks\{04769C88-1E2D-4212-A6A0-324194CA06B2} 2014-07-26 20:12 - 2014-07-26 20:12 - 00000728 _____ () C:\Users\Patrick\Desktop\Revo Uninstaller.lnk 2014-07-26 14:27 - 2014-07-26 14:27 - 00275464 _____ () C:\Windows\Minidump\072614-28672-01.dmp 2014-07-26 14:27 - 2014-06-10 21:06 - 1243866252 _____ () C:\Windows\MEMORY.DMP 2014-07-26 14:27 - 2014-06-10 21:06 - 00000000 ____D () C:\Windows\Minidump 2014-07-25 23:36 - 2014-05-09 16:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-25 23:36 - 2013-12-16 03:06 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-25 23:36 - 2013-12-16 03:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-25 23:35 - 2014-07-25 23:35 - 00024136 _____ () C:\Users\Patrick\Desktop\logs.zip 2014-07-25 23:33 - 2013-12-23 19:21 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-07-25 23:33 - 2013-12-23 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-07-25 22:29 - 2014-07-25 22:29 - 00003261 _____ () C:\Users\Patrick\Desktop\gmer.log 2014-07-25 22:21 - 2014-07-25 22:21 - 00181378 _____ () C:\Users\Patrick\Desktop\Addition_old.txt 2014-07-25 22:19 - 2014-07-25 22:19 - 00000168 _____ () C:\Users\Patrick\defogger_reenable 2014-07-25 22:19 - 2013-12-15 19:21 - 00000000 ____D () C:\Users\Patrick 2014-07-25 22:11 - 2014-07-28 18:38 - 02093568 _____ (Farbar) C:\Users\Patrick\Desktop\FRST64.exe 2014-07-25 22:11 - 2014-07-25 22:11 - 00050477 _____ () C:\Users\Patrick\Desktop\Defogger.exe 2014-07-25 21:47 - 2014-05-02 12:25 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-07-25 21:47 - 2014-05-02 12:25 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-07-25 21:47 - 2014-01-19 15:31 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-07-25 21:47 - 2013-12-19 00:16 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm 2014-07-25 21:34 - 2014-07-25 21:34 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-25 21:33 - 2014-07-27 19:15 - 02347384 _____ (ESET) C:\Users\Patrick\Desktop\esetsmartinstaller_deu (1).exe 2014-07-25 21:18 - 2014-05-12 11:37 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-25 21:16 - 2014-07-25 21:16 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-25 21:02 - 2014-07-25 21:02 - 00004347 _____ () C:\Users\Patrick\Desktop\gmer (1).log 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieUserList 2014-07-25 20:45 - 2014-07-25 20:45 - 00000000 __SHD () C:\Users\Patrick\AppData\Local\EmieSiteList 2014-07-25 20:37 - 2014-07-25 20:37 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-25 20:29 - 2013-12-15 21:50 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-07-24 22:20 - 2014-07-24 22:20 - 00002567 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk 2014-07-24 22:19 - 2013-12-20 14:35 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-07-24 22:17 - 2014-07-24 22:16 - 53634800 _____ (Microsoft Corporation) C:\Users\Patrick\Downloads\ExcelViewer.exe 2014-07-24 21:32 - 2014-07-24 21:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Avg2014 2014-07-22 14:54 - 2014-06-13 12:21 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387134862 2014-07-22 14:54 - 2013-12-15 21:14 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-07-21 13:18 - 2014-07-21 13:18 - 00000000 ____D () C:\Windows\Sun 2014-07-21 13:18 - 2014-05-05 10:20 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-21 13:17 - 2014-07-21 13:17 - 00004669 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-21 13:17 - 2014-01-28 11:59 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-16 03:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-16 03:16 - 2009-07-14 06:45 - 00392560 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-16 03:00 - 2014-07-16 03:00 - 00264498 _____ () C:\Windows\msxml4-KB2758694-enu.LOG 2014-07-14 13:29 - 2013-12-15 19:23 - 00108680 _____ () C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-14 13:26 - 2014-07-14 13:26 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX 2014-07-14 13:26 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\MAGIX 2014-07-14 13:26 - 2014-07-14 12:43 - 00000000 ____D () C:\ProgramData\MAGIX 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\Documents\MAGIX_MusicEditor 2014-07-14 12:54 - 2014-07-14 12:54 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Xara 2014-07-14 12:54 - 2014-07-14 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-07-14 12:44 - 2014-07-14 12:44 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-07-14 12:43 - 2013-12-15 21:54 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-07-14 03:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\spool 2014-07-14 03:17 - 2014-05-07 10:28 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-14 03:17 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-14 03:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-14 03:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-13 13:10 - 2014-06-12 14:14 - 00000000 ____D () C:\Users\Patrick\Documents\4A Games 2014-07-13 13:03 - 2014-06-12 14:12 - 00000000 ____D () C:\Users\Patrick\AppData\Local\4A Games 2014-07-13 12:58 - 2014-07-13 12:58 - 00000000 ____D () C:\ProgramData\RELOADED 2014-07-13 12:47 - 2013-12-15 19:05 - 00066095 _____ () C:\Windows\DirectX.log 2014-07-13 12:45 - 2014-07-11 12:50 - 00000507 _____ () C:\Users\Public\Desktop\Metro Last Light.lnk 2014-07-13 12:45 - 2014-07-11 12:50 - 00000507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro Last Light.lnk 2014-07-12 12:31 - 2014-07-28 01:55 - 2836504208 _____ () C:\Users\Patrick\Downloads\Zwiebeljack räumt auf.mkv 2014-07-11 03:02 - 2014-07-21 13:17 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-11 02:56 - 2014-07-21 13:17 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-11 02:56 - 2014-07-21 13:17 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-11 02:55 - 2014-07-21 13:17 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-10 20:35 - 2013-12-15 20:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 20:34 - 2013-12-15 20:00 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-04 12:41 - 2014-07-04 12:41 - 00001621 _____ () C:\Users\Patrick\AppData\Local\recently-used.xbel 2014-07-04 12:41 - 2014-05-12 00:47 - 00000000 ____D () C:\Users\Patrick\AppData\Local\gtk-2.0 2014-07-04 12:32 - 2014-05-12 00:36 - 00000000 ____D () C:\Users\Patrick\.gimp-2.8 2014-06-30 04:09 - 2014-07-10 11:46 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-10 11:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Some content of TEMP: ==================== C:\Users\Patrick\AppData\Local\Temp\-wuvu-iq.dll C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 13:02 ==================== End Of Log ============================ Ob ich noch Probleme habe? Mir scheint erst jetzt, dass ich überhaupt richtige Probleme habe ... |
|
29.07.2014, 09:13
| #12 | |
| /// the machine /// TB-Ausbilder | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr?Zitat:
Java updaten, Laufwerk K formatieren, Ordner Testdisk auf dem Desktop löschen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.07.2014, 12:00
| #13 | |
| | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr?Zitat:
Ansonsten K: formatieren, check. Mach ich sobald ich die Platte mal wieder leermachen kann. Testdisk soll weg? Mir hat das seinerzeit die wichtigsten Daten von meiner externen gerettet, als die nen FAT-Fehler hatte. Ist das ne Sicherheitslücke oder wieso empfiehlst du mir das? Ansonsten bis hierhin jedenfalls schon mal danke für deine Anleitung! |
|
29.07.2014, 16:03
| #14 | |
| /// the machine /// TB-Ausbilder | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr?Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.07.2014, 20:37
| #15 |
| | Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? Moin, Hab das nochmal gecheckt. Alle Nennungen von "Testdisk" im Eset-Log betreffen den Unterordner "Rettung", also die Daten aus der besagten Datenrettung. Meinst du, ich könnte/sollte ESET nochmal drüberlaufen lassen, nachdem ich die betroffenen Unterordner jetzt komplett gekillt habe? Mir scheint nämlich, dass das wie die anderen Nennungen nur einige in Backup-Zip-Files versteckte Malwares betraf, die dann mit Testdisk eben von der beschädigten externen HD "mitgerettet" wurden. Sollte sich was im Programmordner selbst verstecken, fliegt Testdisk definitiv raus. Und noch etwas ist mir nicht klar: Java 7 Update 65 ist laut Hersteller die aktuelle Version. Wie soll ich das dann patchen? |
|
| Themen zu Malwarebytes Anti-Malware geht erst nicht, findet dann Security.Hijack - Ist da noch mehr? |
| android/exploit.lotoor.at, security.hijack, win32/adware.speedingupmypc.c, win32/adware.speedingupmypc.d, win32/dealply.m, win32/dealply.r, win32/savesense.a, win32/speedchecker.a, win32/sprotector.e, win32/toolbar.babylon.i, win32/toolbar.conduit.b, win32/toolbar.searchsuite, win32/toolbar.searchsuite.l, win32/toolbar.widgi.b, win32/winloadsda.d, win64/sprotector.b |
Revo Uninstaller herunter.
dann auf 
und dann auf 
.
Linear-Darstellung
