Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Über Nacht: Kein ereignisprotokoll, keine Internetverbindung, PC sehr langsam nach Anmeldung (https://www.trojaner-board.de/157020-uber-nacht-kein-ereignisprotokoll-keine-internetverbindung-pc-sehr-langsam-anmeldung.html)

sauterch 29.07.2014 21:32
Über Nacht: Kein ereignisprotokoll, keine Internetverbindung, PC sehr langsam nach Anmeldung
 
Hallo zusammen,

ich versuche nun schon seit 3 Wochen meinen Rechner zu reparieren, leider zwecklos trotz Google und diversen Foren. Deshalb probiere ich nun mal selbst ein Thema zu eröffnen in der Hoffnung, dass ich mal einen Schritt vorwärts mache.
Zum Problem: Ich hatte versehentlich meinen Rechner über Nacht laufen lassen, da ich u.a. ein Backup meines Samsung Handys durchgeführt hatte. Am nächsten Morgen bemerkte ich beim Herunterfahren des Rechners, dass er extrem lange benötigt. Fahre ich den Rechner hoch läuft alles Problemlos bis nach der Anmeldung als Admin-Benutzer. Ab hier geht alles sehr langsam (Rechner braucht sehr lange bis der Startbildschirm bzw. Desktop erscheint). Des Weiteren habe ich keine Internetverbindung mehr.
Folgende Meldung poppt u.a. auf:
Es konnte keine Verbindung mit einem Windows-Dienst hergestellt (das ist die Überschrift)
Es konnte keine Verbindung mit dem Dienst "Benachrichtigungsdienst für Systemereignisse" hergestellt werden. Daher können sich Standardnutzer nicht am System anmelden. Wenn Sie Administrator sind, finden Sie weitere Details zu diesem Fehler im systemere
Sobald ich die Maus bewege verschwindet die Meldung.
Später habe ich noch herausgefunden, dass das Ereignisprotokoll nicht aktiviert ist. Auch durch vieles und langes googeln konnte ich das Ereignisprotokoll nicht aktivieren.
Im abgesicherten Modus läuft der Rechner aber auch hier keine Internetverbindung und kein Erreignisprotokoll

Ich habe sfc scans durchgeführt -> nichts gefunden
Anti-Malware scan -> hat ca. 10 Dateien gefunden die ich bereits gelöscht habe
G-Data start-scan -> nichts gefunden (mittlerweile habe ich GData deinstalliert da ich dachte das Programm blockiert irgendetwas
Trojan-Remover scan: hat einen Trojaner gefunden (bereits gelöscht)
HijackThis scan: LogFile liegt vor falls benötigt
Win7 Reparatur mit DVD durchgeführt -> fehlgeschlagen, ohne Internet Verbindung schwierig da nicht aktuelle Version
Reparaturversuch mit Win7 Möglichkeiten (F8) -> kein erfolg
Gmer.txt log file ist leer, deshalb nicht gepostet

Ich hoffe mir kann jemand weiterhelfen. Bin um jeden Rat dankbar.

defogger_disable.txt
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:19 on 29/07/2014 (sauterch)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by sauterch (administrator) on SAUTERCH-PC on 29-07-2014 20:33:17
Running from N:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Safe Mode (minimal)

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-09-30] ()
HKLM-x32\...\runonceex: [ContentMerger] => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-26] (Sonic Solutions)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => D:\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2386147833-3081857437-1213626127-1000\...\Run: [ctfmon.exe] => C:\Windows\system32\ctfmon.exe [9728 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2386147833-3081857437-1213626127-1000\...\Run: [AVMUSBFernanschluss] => "C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002 (the data entry has 41 more characters).
HKU\S-1-5-21-2386147833-3081857437-1213626127-1000\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-2386147833-3081857437-1213626127-1000\...\Policies\Explorer: [NoRecentDocsMenu] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x618CF0B50BFACD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_4bd9705f7ce34286b66d3eda149032da_39_1007_20130820_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.my-online-search.com/?q={searchTerms}&babsrc=SP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_4bd9705f7ce34286b66d3eda149032da_39_1007_20130820_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {C1712D6F-212C-4935-9DA4-A11FDD428DAB} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found ()
Winsock: Missing Catalog5-x64 entry, broken internet access. <===== ATTENTION.
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - D:\Picasa\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - D:\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - D:\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - D:\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - D:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - D:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: PDF Architect 2 - C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF user.js: detected! => C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\user.js
FF SearchPlugin: C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\searchplugins\amazon.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\ich@maltegoetz.de [2013-12-30]
FF Extension: Garmin Communicator - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-05-13]
FF Extension: Add-on Compatibility Reporter - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\compatibility@addons.mozilla.org.xpi [2011-11-10]
FF Extension: Session Manager - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-08-22]
FF Extension: Adblock Plus - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-28]
FF Extension: Tab Mix Plus - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-05-11]
FF StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

S2 AAV UpdateService; D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 CLKMSVC10_C19A2874; D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe [247768 2013-04-03] (CyberLink)
S2 Garmin Core Update Service; D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries)
S2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S2 TuneUp.UtilitiesSvc; D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2028864 2011-12-13] (TuneUp Software)
S2 SessionLauncher; C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-08] (AVM Berlin)
S3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-22] (AVM Berlin)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62368 2013-01-08] (G Data Software AG)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
S3 TuneUpUtilitiesDrv; D:\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2010-11-29] (TuneUp Software)
U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 20:30 - 2014-07-29 20:30 - 00000000 _____ () C:\Users\sauterch\Desktop\Gmer.txt
2014-07-29 20:10 - 2014-07-29 20:33 - 00000000 ___DC () C:\FRST
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 _____ () C:\Users\sauterch\defogger_reenable
2014-07-29 18:13 - 2014-07-29 18:13 - 00009034 _____ () C:\Users\sauterch\Desktop\E597QJAQ.log
2014-07-29 07:12 - 2014-07-29 07:12 - 00074720 _____ () C:\Users\sauterch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-29 07:12 - 2014-07-29 07:12 - 00000000 ____D () C:\Users\sauterch\AppData\Local\Deployment
2014-07-25 21:30 - 2014-07-25 21:31 - 00010029 _____ () C:\Users\sauterch\Desktop\hijackthis.log
2014-07-24 22:20 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.trb
2014-07-22 20:08 - 2014-07-22 20:08 - 00000000 ___DC () C:\bootmedium
2014-07-22 19:58 - 2014-07-23 17:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 19:57 - 2014-07-22 19:57 - 00000622 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 19:57 - 2014-07-22 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 19:57 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-22 19:57 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-22 19:57 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-22 19:55 - 2014-07-22 19:55 - 00388608 _____ (Trend Micro Inc.) C:\Users\sauterch\Desktop\HiJackThis204.exe
2014-07-22 19:40 - 2014-07-22 19:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 19:40 - 2014-07-22 19:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-20 13:41 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-20 13:39 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-20 13:39 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-20 11:40 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-07-20 11:40 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-07-20 01:30 - 2014-03-04 16:35 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-07-20 01:30 - 2014-03-04 16:35 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-07-20 01:29 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-07-20 01:29 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-07-19 22:00 - 2014-03-04 15:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-19 22:00 - 2014-03-04 15:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-19 22:00 - 2014-03-04 15:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-19 22:00 - 2014-03-04 15:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-19 22:00 - 2014-03-04 15:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-19 22:00 - 2014-03-04 15:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-19 22:00 - 2014-03-04 15:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-19 21:01 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-07-19 21:01 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-07-19 13:24 - 2009-08-15 11:44 - 00008494 _____ () C:\Users\sauterch\Desktop\[1].xml
2014-07-19 13:02 - 2014-07-19 13:02 - 00000000 ____D () C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2014-07-19 12:57 - 2014-07-19 12:57 - 00000000 ___DC () C:\NVIDIA
2014-07-19 12:57 - 2010-06-22 00:07 - 00255592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcohda6.dll
2014-07-19 12:47 - 2010-08-06 11:27 - 00314984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdecodemft.dll
2014-07-17 20:42 - 2014-07-17 20:42 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Apple Computer
2014-07-15 19:15 - 2014-07-24 22:47 - 00022958 _____ () C:\Windows\PFRO.log
2014-07-13 15:48 - 2014-07-25 22:06 - 00029955 _____ () C:\Windows\diagwrn.xml
2014-07-13 15:48 - 2014-07-25 22:03 - 00001890 _____ () C:\Windows\diagerr.xml
2014-07-13 11:26 - 2014-07-13 11:26 - 00000553 _____ () C:\Users\sauterch\Desktop\Start Unlocker.lnk
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Babylon
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\ProgramData\Babylon
2014-07-12 12:10 - 2014-07-25 17:44 - 00049635 _____ () C:\Windows\avmacc.log
2014-07-11 20:08 - 2014-07-11 20:08 - 00000200 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011.job
2014-07-11 20:06 - 2014-07-12 14:38 - 00002512 _____ () C:\Windows\LkmdfCoInst.log
2014-07-10 22:27 - 2014-07-10 22:27 - 00016648 ____C () C:\bootsqm.dat
2014-07-08 20:45 - 2014-07-25 22:20 - 00006620 _____ () C:\Users\sauterch\Desktop\Windows Compatibility Report.htm
2014-07-07 17:25 - 2014-07-29 07:12 - 00013370 _____ () C:\Windows\setupact.log
2014-07-03 22:12 - 2014-07-03 22:12 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-03 20:15 - 2014-07-03 20:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-07-03 20:12 - 2014-07-12 05:59 - 00000000 ____D () C:\Users\sauterch\Documents\Audible
2014-07-03 20:12 - 2014-07-03 20:45 - 00000000 ____D () C:\Program Files (x86)\Audible
2014-06-29 15:36 - 2014-06-29 15:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\pdfforge_GmbH
2014-06-29 15:36 - 2014-06-29 15:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\PDF Architect 2

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 20:33 - 2014-07-29 20:10 - 00000000 ___DC () C:\FRST
2014-07-29 20:30 - 2014-07-29 20:30 - 00000000 _____ () C:\Users\sauterch\Desktop\Gmer.txt
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 _____ () C:\Users\sauterch\defogger_reenable
2014-07-29 20:08 - 2010-12-30 22:36 - 00000000 ____D () C:\Users\sauterch
2014-07-29 18:13 - 2014-07-29 18:13 - 00009034 _____ () C:\Users\sauterch\Desktop\E597QJAQ.log
2014-07-29 18:11 - 2011-01-03 17:48 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\vlc
2014-07-29 08:19 - 2010-12-30 22:28 - 01067859 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 08:04 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-29 08:04 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-29 07:12 - 2014-07-29 07:12 - 00074720 _____ () C:\Users\sauterch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-29 07:12 - 2014-07-29 07:12 - 00000000 ____D () C:\Users\sauterch\AppData\Local\Deployment
2014-07-29 07:12 - 2014-07-07 17:25 - 00013370 _____ () C:\Windows\setupact.log
2014-07-29 07:12 - 2011-01-06 12:19 - 00000000 ____D () C:\Users\sauterch\AppData\Local\Apps\2.0
2014-07-29 07:09 - 2010-12-31 12:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-25 22:20 - 2014-07-08 20:45 - 00006620 _____ () C:\Users\sauterch\Desktop\Windows Compatibility Report.htm
2014-07-25 22:06 - 2014-07-13 15:48 - 00029955 _____ () C:\Windows\diagwrn.xml
2014-07-25 22:03 - 2014-07-13 15:48 - 00001890 _____ () C:\Windows\diagerr.xml
2014-07-25 22:03 - 2014-04-07 06:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 21:31 - 2014-07-25 21:30 - 00010029 _____ () C:\Users\sauterch\Desktop\hijackthis.log
2014-07-25 17:44 - 2014-07-12 12:10 - 00049635 _____ () C:\Windows\avmacc.log
2014-07-24 22:47 - 2014-07-15 19:15 - 00022958 _____ () C:\Windows\PFRO.log
2014-07-24 22:15 - 2011-01-06 13:02 - 00000000 ____D () C:\ProgramData\Temp
2014-07-23 17:44 - 2014-07-22 19:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-23 17:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-07-22 20:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2014-07-22 20:08 - 2014-07-22 20:08 - 00000000 ___DC () C:\bootmedium
2014-07-22 19:57 - 2014-07-22 19:57 - 00000622 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 19:57 - 2014-07-22 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 19:57 - 2014-07-22 19:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 19:55 - 2014-07-22 19:55 - 00388608 _____ (Trend Micro Inc.) C:\Users\sauterch\Desktop\HiJackThis204.exe
2014-07-22 19:40 - 2014-07-22 19:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-20 13:54 - 2013-09-09 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-20 13:41 - 2013-03-09 22:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-19 22:00 - 2010-12-31 12:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-19 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-07-19 21:59 - 2011-12-10 18:36 - 00000000 ____D () C:\Temp
2014-07-19 13:02 - 2014-07-19 13:02 - 00000000 ____D () C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2014-07-19 12:57 - 2014-07-19 12:57 - 00000000 ___DC () C:\NVIDIA
2014-07-19 11:56 - 2010-12-31 07:23 - 00699868 _____ () C:\Windows\system32\perfh007.dat
2014-07-19 11:56 - 2010-12-31 07:23 - 00149750 _____ () C:\Windows\system32\perfc007.dat
2014-07-19 11:56 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-19 11:54 - 2011-01-06 13:57 - 00000000 ____D () C:\ProgramData\InstallShield
2014-07-19 11:54 - 2011-01-06 12:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-19 11:54 - 2010-12-31 12:38 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-07-17 20:42 - 2014-07-17 20:42 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Apple Computer
2014-07-17 20:23 - 2010-12-31 19:38 - 00000000 ____D () C:\Windows\pss
2014-07-15 21:24 - 2013-10-20 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screenomania
2014-07-15 21:24 - 2013-10-20 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-07-15 19:15 - 2010-12-31 12:24 - 00000000 ____D () C:\ProgramData\G DATA
2014-07-13 11:26 - 2014-07-13 11:26 - 00000553 _____ () C:\Users\sauterch\Desktop\Start Unlocker.lnk
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Babylon
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\ProgramData\Babylon
2014-07-12 14:38 - 2014-07-11 20:06 - 00002512 _____ () C:\Windows\LkmdfCoInst.log
2014-07-12 14:36 - 2011-01-06 21:30 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-07-12 05:59 - 2014-07-03 20:12 - 00000000 ____D () C:\Users\sauterch\Documents\Audible
2014-07-12 05:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-12 05:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-11 20:08 - 2014-07-11 20:08 - 00000200 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011.job
2014-07-10 22:27 - 2014-07-10 22:27 - 00016648 ____C () C:\bootsqm.dat
2014-07-07 21:47 - 2014-05-19 22:35 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-07 21:25 - 2013-10-14 19:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-07 18:35 - 2014-05-19 22:35 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 17:31 - 2011-11-02 20:35 - 01366861 _____ () C:\Windows\SysWOW64\sig.bin
2014-07-07 17:31 - 2011-11-02 20:35 - 00064099 _____ () C:\Windows\SysWOW64\nmp.map
2014-07-07 17:28 - 2011-01-03 17:46 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E65FAF42-D005-4209-8259-34AE0371B7A1}
2014-07-07 17:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-06 17:39 - 2013-08-11 19:39 - 00000000 ____D () C:\Windows\Minidump
2014-07-03 22:12 - 2014-07-03 22:12 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-03 22:12 - 2014-02-14 12:02 - 00001343 _____ () C:\Users\sauterch\Desktop\CopyTrans Control Center.lnk
2014-07-03 20:45 - 2014-07-03 20:12 - 00000000 ____D () C:\Program Files (x86)\Audible
2014-07-03 20:15 - 2014-07-03 20:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-06-29 15:36 - 2014-06-29 15:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\pdfforge_GmbH
2014-06-29 15:36 - 2014-06-29 15:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\PDF Architect 2
2014-06-29 12:42 - 2014-05-19 22:35 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-29 12:42 - 2014-05-19 22:35 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.1072.dll


Some content of TEMP:
====================
C:\Users\sauterch\AppData\Local\Temp\AudibleDM_iTunesSetup(1).exe
C:\Users\sauterch\AppData\Local\Temp\AudibleDM_iTunesSetup.exe
C:\Users\sauterch\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-29 16:49

==================== End Of Log ============================

sauterch 29.07.2014 21:39
anbei noch meine
Additions.txt als Anhang

cosinus 29.07.2014 21:46
Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

sauterch 30.07.2014 11:09
Zitat:
Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => Trojaner-Board - Viren und Trojaner entfernen - kostenlos

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!
Wie gesagt, der Virenscanner hatte nichts gefunden.
Malwarebytes Logs finde ich nicht. Bei mir schaut das ein wenig anders aus als in dem Link. Es gibt nur Protokolldaten. Dort ist aber nichts zu finden.

cosinus 30.07.2014 11:29
Zitat:
Boot Mode: Safe Mode (minimal)
Warum abgesicherter Modus, geht der normale Modus nicht mehr?

sauterch 30.07.2014 14:36
Im normalen Modus hat sich der Rechner aufgehängt. Rechner läuft sehr träge bzw langsam.
Manche Programme lassen sich teilweise gar nicht öffnen

cosinus 30.07.2014 14:44
Ok, verstehe, poste aber bitte die Addition.txt NICHT als Anhang.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

sauterch 30.07.2014 16:49
Code:
Ok, verstehe, poste aber bitte die Addition.txt NICHT als Anhang.
Sorry, die Datei war zu groß zum einfügen. Deshalb als Anhang

cosinus 30.07.2014 17:45
Jau, und ich hab extra das dazu geschrieben:

Zitat:
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

sauterch 30.07.2014 18:47
verdammi, hab ich gelesen. Ich habe aber auch das gelesen
Code:
3. Informationen vorbereiten
Du solltest jetzt auf deinem Desktop haben: defogger_disable.txt, FRST.txt mit Additions.txt, Gmer.txt, Andere Logfiles (evtl. hast du bereits etwas ohne uns unternommen)

Persönliche Informationen:
Sollte in den Logfiles dein vollständiger Name oder deine Emailadresse vorkommen, dann hast du jetzt die Möglichkeit diese zu ändern. Beachte dazu bitte folgendes:
Wenn du etwas an den Logfiles änderst, erschwert dies deinem Helfer unter Umständen die Arbeit. Mache dies also nur, wenn es unbedingt sein muss. Taucht nur dein Vorname oder ein Fantasiename auf, ist dies unkritisch. Taucht dein richtige Name auf, dann benutze zum Ändern die "Suchen und Ersetzen"-Funktion eines Texteditors und ersetze deinen Namen in *****.
Denke bitte daran: trojaner-board.de wird deine Logfiles nicht im Nachhinein abändern!
Ausnahme: Logfile zu gross
Dies kann passieren und wird passieren. Dann und nur dann kannst du dein Logfile anhängen oder gezippt anhängen. Anleitung dazu weiter unten.
Aber bedenke bitte: Anhänge erschweren deinem Helfer die Arbeit!
okay wie auch immer. anbei die Addition.txt Logfiles aufgeteilt in mehrere Beiträge
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by sauterch at 2014-07-29 20:34:27
Running from N:\
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: Biet-O-Matic v2.14.8 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{982E1601-0DFC-4FD3-A427-AC6570697858}) (Version: 12.55.01 - Broadcom Corporation)
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version:  - )
Canon MP510 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Cities of Earth 3D Screensaver v. 2.1 (HKLM-x32\...\Cities of Earth 3D Screensaver_is1) (Version:  - Screenomania.com)
Clock Screen Saver (HKLM-x32\...\{C7A8AA10-B632-42F8-9F57-A16FDCE0601E}) (Version: 1.6 - ABF software)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.6523 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.6523 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.1.0.41 - Dell)
Dell System Detect Bootstrapper (HKCU\...\8e3135b376bd523e) (Version: 5.1.0.41 - Dell)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
Dream Aquarium (HKLM-x32\...\DreamAqua) (Version:  - )
Easy Phone Sync (HKLM-x32\...\{6FD92A84-E917-4974-8977-F04F910ABC25}) (Version: 63 - Media Mushroom Limited)
Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular für Privatanwender (HKLM-x32\...\ElsterFormular für Privatanwender 12.1.0.6164p) (Version: 12.1.0.6164p - Landesfinanzdirektion Thüringen)
EMC 10 Content (x32 Version: 1.0.035 - Ihr Firmenname) Hidden
EMCGadgets64 (Version: 1.0.302 - Ihr Firmenname) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free Fire Screensaver (HKLM-x32\...\Free Fire Screensaver) (Version:  - Laconic Software)
Free M4a to MP3 Converter 7.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
FRITZ!Box USB-Fernanschluss (HKCU\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.8.3.0 - Reincubate Ltd)
iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 17 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170170}) (Version: 1.7.0.170 - Oracle)
Kaminfeuer Comprehensive Edition Free (HKLM-x32\...\ST5UNST #1) (Version:  - )
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
weiter geht's mit Addition.txt Logfiles
Code:
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Map Maker Sun Clock 7  (HKLM-x32\...\Map Maker Sun Clock 7) (Version:  - Map Maker Ltd)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 - Deutsch (HKLM-x32\...\{90140011-0061-0407-0000-0000000FF1CE}) (Version: 14.0.5130.5001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 23.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Firefox 30.0 (x86 de) (HKCU\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiScreen (HKLM-x32\...\{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}) (Version: 1.00.0000 - Samsung Electronics Ltd.)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.199.0 - Tracker Software Products Ltd)
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PHOTOfunSTUDIO 6.5 BD Edition (HKLM-x32\...\{AD5B7E20-00E1-4B7B-84DC-53F5CEFFA367}) (Version: 6.05.818 - Panasonic Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.0 - Roxio) Hidden
Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Easy CD and DVD Burning (x32 Version: 10.3.106 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.1 - Roxio) Hidden
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.0.11112_41 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.1.0.11112_41 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.40.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Steuer-Spar-Erklärung 2012 (HKLM-x32\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.11 - Wolters Kluwer Deutschland GmbH)
Trojan Remover 6.9.1.2931 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2931 - Simply Super Software)
TuneUp Utilities 2011 (HKLM-x32\...\TuneUp Utilities 2011) (Version: 10.0.4600.4 - TuneUp Software)
TuneUp Utilities 2011 (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
Uniblue DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.2.3 - Uniblue Systems Ltd)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Wondershare MobileTrans ( Version 5.0.0 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 5.0.0 - Wondershare)
xp-AntiSpy 3.98-2 (HKLM-x32\...\xp-AntiSpy) (Version:  - Christian Taubenheim)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{0C3BA0B1-BC14-4B55-98DC-F1E913C1DA10}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{6FFA7438-3E00-4176-9717-B3BBE2E704AB}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll (

sauterch 30.07.2014 18:48
weiter geht's mit Addition.txt Logfiles
Code:
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-24 22:20 - 00000975 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1C61BB6B-92C0-44CF-85EA-48BDA628EB00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-14] (Adobe Systems Incorporated)
Task: {22AA7090-E9DC-4978-9054-6069926D2995} - System32\Tasks\Trojan Remover Scheduled Updates => D:\Trojan Remover\trupd.exe [2013-12-30] (Simply Super Software)
Task: {274141D1-6278-4201-9392-C1163A7827E8} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Task: {2EA9717E-2D13-4F89-9EA6-B2260005C33B} - System32\Tasks\{5DB2831F-AD6A-4A83-9274-E33CF6B93952} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1603
Task: {36FA38D2-9A00-44D6-8193-10176C4A40E5} - System32\Tasks\{DD5500C3-E770-42ED-99DC-084BABEC91FA} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3A299FC7-22C8-4C0D-80B9-6C442F03E9B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.)
Task: {4092A349-91F6-4A8C-A590-24567DD2EF7C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {4A01E1A4-9DA9-467D-B0D1-C02FD7AE8535} - System32\Tasks\GarminUpdaterTask => D:\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] ()
Task: {4C0F1B36-F4DA-4A13-9762-02BF6397A0D2} - System32\Tasks\{055FCA50-8DE4-4486-B42F-147BF36C5FC7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {55D88689-CB96-4611-BB0B-F7B792183A42} - System32\Tasks\CCleanerSkipUAC => D:\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {7843E8F9-A20C-41FF-99E1-CF0C4AFDD858} - System32\Tasks\{8356B895-1E2D-4985-90C0-600205F330C9} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] ()
Task: {8179FA94-7FC1-4754-90CA-B7AB5B60023E} - System32\Tasks\{400197BC-65DC-41D5-945A-2EF9298838F1} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.115/de/go/help.faq.installer?LastError=1603
Task: {8572F139-ED56-4DD0-8CE8-421F71ABE034} - System32\Tasks\{E41299EE-6113-4D8D-BDEC-716F782CDE0E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A4359E6E-F28D-44FF-8741-C2BCE62FD56B} - System32\Tasks\DriverScanner => D:\DriverScanner\DriverScanner\dsmonitor.exe [2011-09-05] (Uniblue Systems Limited)
Task: {BB329B44-1428-45A4-9FB0-640A9C25661E} - System32\Tasks\{00713CB9-7ED8-4245-BF9E-CC03CC38DF87} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {D3C7B6B3-BDF7-421F-8A3E-603709349E2C} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011 => D:\TuneUp Utilities 2011\OneClick.exe [2011-12-13] (TuneUp Software)
Task: {EED2F478-F08C-4659-B1BC-7982A44E12D9} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {EF02DB09-77A0-45B8-9BB2-7B53A2D9EA87} - System32\Tasks\{5C00BB8D-3F7F-4CA2-8BC1-AD073F5AD5FD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {FE8FAFA4-46CB-4C34-BF5A-CA4816A7A29B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverScanner.job => D:\DriverScanner\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011.job => D:\TuneUp Utilities 2011\OneClick.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: EvtMgr6 => D:\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: TrojanScanner => D:\Trojan Remover\Trjscan.exe /boot

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Windows-Ereignisprotokoll wird gestartet.
Windows-Ereignisprotokoll konnte nicht gestartet werden.

Ein Systemfehler ist aufgetreten.

Systemfehler 1747 aufgetreten.

Der Authentifizierungsdienst ist unbekannt.


==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8151.12 MB
Available physical RAM: 7304.93 MB
Total Pagefile: 16300.41 MB
Available Pagefile: 15491.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:58.59 GB) (Free:15.08 GB) NTFS
Drive d: (Programme) (Fixed) (Total:415.04 GB) (Free:411.25 GB) NTFS
Drive e: (Daten) (Fixed) (Total:457.78 GB) (Free:223.34 GB) NTFS
Drive f: (Daten) (Fixed) (Total:439.45 GB) (Free:252.35 GB) NTFS
Drive g: (Backups) (Fixed) (Total:476.43 GB) (Free:49.44 GB) NTFS
Drive h: (Boot-CD) (CDROM) (Total:0.21 GB) (Free:0 GB) CDFS
Drive i: (Windows Auslagerungsdatei) (Fixed) (Total:15.62 GB) (Free:7.2 GB) NTFS
Drive n: (CHRIS) (Removable) (Total:3.72 GB) (Free:0.97 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 58986874)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=415 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 0003A07E)
Partition 1: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=439 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=476 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 4 GB) (Disk ID: 6F20736B)
No partition Table on disk 6.
Disk 6 is a removable device.

==================== End Of Log ============================

cosinus 30.07.2014 19:01
Schädlinge seh ich da so nicht, deswegen vermute ich ein zerschossenes Windows. Gut möglich, dass eine deiner vorherigen Reinigungsaktionen irgendwas löschte, was besser draufgeblieben wäre. Kommst du an alle Logs mit Funden noch ran? Malwarebytes, TrojanRemover etc.pp.?

sauterch 30.07.2014 19:13
Aha, interessant.
Wo finde ich den die ganzen logfiles?
Auch eine systemwiederherstellung funkt nicht, da keine vorhanden, komischerweise.
Wie kann ich den logfiles von windows erstellen, um zu sehen was zerschossen ist?

cosinus 30.07.2014 19:16
Die Logs findest du im jeweiligen Programm. Bei MBAM unter Verlauf.

sauterch 30.07.2014 20:09
MBAM log files

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 22.07.2014
Suchlauf-Zeit: 20:07:46
Logdatei: mbam_01.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: sauterch

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 249387
Verstrichene Zeit: 17 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.PCSpeedUp.A, HKLM\SOFTWARE\SPEEDCHECKER LIMITED\PC Speed Up, In Quarantäne, [b8c58e501b5f7cba1b21624ea063748c],
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-2386147833-3081857437-1213626127-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, In Quarantäne, [ceaf30aed8a2db5bd19b6a47b251e020],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 3
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2386147833-3081857437-1213626127-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}),Ersetzt,[1a630fcfdb9fc076400bd05f1fe50bf5]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2386147833-3081857437-1213626127-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}),Ersetzt,[7b02ac3283f7aa8ce9658fa073919769]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2386147833-3081857437-1213626127-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}),Ersetzt,[c8b523bb730747ef6fe083ac17ed1de3]

Ordner: 6
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\30527CCDA89445A0A77DCA1EB2364171, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\94ACABA8A7174B448C4091FB3D4D4D2C, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\F8DDD3DF2ABB4947952ECDE9255DE320, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\OpenCandy_94ACABA8A7174B448C4091FB3D4D4D2C, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],

Dateien: 12
PUP.Optional.Babylon.A, C:\Users\sauterch\AppData\Local\Temp\DeltaTB.exe, In Quarantäne, [700d96487901ae88e7f680c7cc35cd33],
PUP.Optional.Babylon.A, C:\Users\sauterch\AppData\Local\Temp\038213AA-BAB0-7891-815D-5AC9261B177F\BExternal.dll, In Quarantäne, [7508a9352a50c472e0e7d59bbb454cb4],
PUP.Optional.Babylon.A, C:\Users\sauterch\AppData\Local\Temp\038213AA-BAB0-7891-815D-5AC9261B177F\Setup.exe, In Quarantäne, [abd27668b8c2e55143f8571514ec758b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC\5260.ico, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC\conduitinstaller.exe, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC\EBB77268-338F-4C6A-8590-AD88FED26F4A, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC\OCBrowserHelper_1.0.5.112.dll, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\30527CCDA89445A0A77DCA1EB2364171\2534.ico, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\30527CCDA89445A0A77DCA1EB2364171\EBB77268-338F-4C6A-8590-AD88FED26F4A, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\30527CCDA89445A0A77DCA1EB2364171\OCBrowserHelper_1.0.4.106.dll, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\94ACABA8A7174B448C4091FB3D4D4D2C\ds_DeDnCD_driverscanner.exe, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\F8DDD3DF2ABB4947952ECDE9255DE320\PCSU_SL_3.1.2.exe, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],

Physische Sektoren: 0
(No malicious items detected)


(end)
weiterer scan mit MBAM

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 22.07.2014
Suchlauf-Zeit: 22:29:11
Logdatei: mbam_02.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: sauterch

Suchlauf-Art: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 529423
Verstrichene Zeit: 1 Std, 43 Min, 31 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}, In Quarantäne, [d1ac20be24560531293e99e4af517987],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.Conduit, C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll, In Quarantäne, [d1ac20be24560531293e99e4af517987],

Physische Sektoren: 0
(No malicious items detected)


(end)
Trojan Remover Logfiles

Code:
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:09:23 29 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
PC appears to be in SAFE MODE.

************************************************************

22:09:24: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:09:24: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:09:25: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1666432 bytes
Created:  25.08.2013 20:52
Modified: 05.06.2014 21:46
Company:  Simply Super Software
--------------------
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:09:27: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Value Name: [NvBackend]
Value Data: ["C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
2352072 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:35
Company:  NVIDIA Corporation
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:09:28: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:09:28: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:09:28: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:09:28: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:09:29: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
22:09:41: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------

************************************************************
22:09:53: Scanning -----VXD ENTRIES-----

************************************************************
22:09:53: Scanning ----- ContextMenuHandlers -----
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
22:09:54: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
22:09:54: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7-Zip\7-zip.dll
D:\7-Zip\7-zip.dll
86016 bytes
Created:  18.11.2010 22:08
Modified: 18.11.2010 22:08
Company:  Igor Pavlov
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
22:09:55: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
22:09:55: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:11
Company:  Oracle Corporation
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:07
Company:  Oracle Corporation
----------

************************************************************
22:09:56: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------

************************************************************
22:09:56: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
22:09:56: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
22:09:56: Scanning ----- ShellServiceObjects -----

************************************************************
22:10:00: Scanning ----- 64-Bit ShellServiceObjects -----

************************************************************
22:10:05: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
22:10:05: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
22:10:05: Scanning ----- APPINIT_DLLS -----
No AppInit_DLLs value found to check

************************************************************
22:10:05: Scanning ----- 64-Bit APPINIT_DLLS -----
No 64-Bit AppInit_DLLs value found to check

************************************************************
22:10:05: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
22:10:05: Scanning ----- CREDENTIAL PROVIDERS -----

************************************************************
22:10:07: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
Audible Download Manager.lnk - links to D:\Audible\Bin\AudibleDownloadHelper.exe [file not found to scan]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk - this links to D:\Audible\Bin\AudibleDownloadHelper.exe - this Shortcut has been removed
--------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
22:10:28: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 15.05.2014 18:17
Company:  [no info]
----------
--------------------

************************************************************
22:10:28: Scanning ----- SCHEDULED TASKS -----
Scheduled Tasks not scanned: running in Safe Mode so Task Scheduler service not running

************************************************************
22:10:28: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

************************************************************
22:10:28: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
C:\Windows\SysWoW64\lvcodec2.dll
416280 bytes
Created:  26.07.2008 16:23
Modified: 26.07.2008 16:23
Company:  Logitech Inc.
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 02:07
Modified: 14.07.2009 03:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------

************************************************************
22:10:29: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
144595 bytes
Created:  30.12.2010 22:36
Modified: 30.08.2013 21:04
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
22:10:29: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  12.09.2013 18:17
Modified: 02.08.2013 02:59
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 01:52
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
455168 bytes
Created:  14.05.2014 18:13
Modified: 04.03.2014 11:43
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsass.exe
31232 bytes
Created:  14.05.2014 18:13
Modified: 12.04.2014 04:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\ctfmon.exe
9728 bytes
Created:  14.07.2009 01:39
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\dllhost.exe
9728 bytes
Created:  14.07.2009 01:59
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
D:\Trojan Remover\Rmvtrjan.exe
FileSize:          5468008
[This is a Trojan Remover component]
--------------------
--------------------

************************************************************
22:10:32: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
22:10:32: Checking ----- ROGUE BROWSER MODIFICATIONS -----

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
about:blank
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896

************************************************************
=== CHANGES WERE MADE TO A USER'S STARTUP GROUP ===
Scan completed at: 22:10:32 29 Jul 2014
Total Scan time: 00:01:08
************************************************************


======================================
[INCOMPLETE SCAN LOG RECOVERED]
======================================
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:20:57 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:20:57: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:20:57: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:20:57: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:20:58: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:20:59: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:20:59: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:20:59: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:20:59: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:20:59: Scanning ----- SERVICEDLL REGISTRY KEYS -----
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[INCOMPLETE SCAN LOG RECOVERED]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

***** LAYERED SERVICE PROVIDER CHECKS *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:20:37 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
No errors were located in the Layered Service Provider Registry entries.
No action was taken.
************************************************************


***** WINDOWS HOSTS FILE RESET *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:20:27 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
The original HOSTS file has been backed up to C:\Windows\system32\Drivers\etc\hosts.trb
The HOSTS file has been reset to the default supplied by Microsoft
************************************************************


***** LAYERED SERVICE PROVIDER CHECKS *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:20:04 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
No errors were located in the Layered Service Provider Registry entries.
No action was taken.
************************************************************


======================================
[INCOMPLETE SCAN LOG RECOVERED]
======================================
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:13:57 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:13:58: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:13:58: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:13:58: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:13:59: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:13:59: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:13:59: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:14:00: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:14:00: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:14:00: Scanning ----- SERVICEDLL REGISTRY KEYS -----
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[INCOMPLETE SCAN LOG RECOVERED]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

***** THE SYSTEM HAS BEEN RESTARTED *****
24.07.2014 22:07:31: Trojan Remover has been restarted
24.07.2014 22:07:31: Trojan Remover closed
************************************************************


***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 17:41:57 23 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
PC appears to be in SAFE MODE.

************************************************************

17:41:58: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
17:41:58: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
17:41:59: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: [Malwarebytes Anti-Malware (cleanup)]
Value Data: ["C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
54072 bytes
Created:  23.07.2014 06:44
Modified: 12.05.2014 07:24
Company:  Malwarebytes Corporation
--------------------
Value Name: [Trojan Remover]
Value Data: ["D:\Trojan Remover\RMVTRJAN.EXE" /restart]
D:\Trojan Remover\RMVTRJAN.EXE
5468008 bytes
Created:  25.08.2013 20:52
Modified: 22.05.2014 18:34
Company:  Simply Super Software
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
17:42:01: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
17:42:01: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
17:42:01: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
17:42:01: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
17:42:02: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
17:42:02: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
17:42:20: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------

************************************************************
17:42:32: Scanning -----VXD ENTRIES-----

************************************************************
17:42:32: Scanning ----- ContextMenuHandlers -----
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
17:42:33: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
17:42:33: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7-Zip\7-zip.dll
D:\7-Zip\7-zip.dll
86016 bytes
Created:  18.11.2010 22:08
Modified: 18.11.2010 22:08
Company:  Igor Pavlov
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
17:42:34: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
17:42:34: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:11
Company:  Oracle Corporation
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:07
Company:  Oracle Corporation
----------

************************************************************
17:42:34: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------

************************************************************
17:42:34: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
17:42:34: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
17:42:34: Scanning ----- ShellServiceObjects -----

************************************************************
17:42:39: Scanning ----- 64-Bit ShellServiceObjects -----

************************************************************
17:42:43: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
17:42:43: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
17:42:43: Scanning ----- APPINIT_DLLS -----
No AppInit_DLLs value found to check

************************************************************
17:42:43: Scanning ----- 64-Bit APPINIT_DLLS -----
No 64-Bit AppInit_DLLs value found to check

************************************************************
17:42:44: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
17:42:44: Scanning ----- CREDENTIAL PROVIDERS -----

************************************************************
17:42:46: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
17:42:46: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 15.05.2014 18:17
Company:  [no info]
----------
--------------------

************************************************************
17:42:46: Scanning ----- SCHEDULED TASKS -----
Scheduled Tasks not scanned: running in Safe Mode so Task Scheduler service not running

************************************************************
17:42:46: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

************************************************************
17:42:46: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
C:\Windows\SysWoW64\lvcodec2.dll
416280 bytes
Created:  26.07.2008 16:23
Modified: 26.07.2008 16:23
Company:  Logitech Inc.
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 02:07
Modified: 14.07.2009 03:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------

************************************************************
17:42:47: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
144595 bytes
Created:  30.12.2010 22:36
Modified: 30.08.2013 21:04
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
17:42:47: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  12.09.2013 18:17
Modified: 02.08.2013 02:59
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 01:52
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
455168 bytes
Created:  14.05.2014 18:13
Modified: 04.03.2014 11:43
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsass.exe
31232 bytes
Created:  14.05.2014 18:13
Modified: 12.04.2014 04:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\ctfmon.exe
9728 bytes
Created:  14.07.2009 01:39
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wbem\WmiPrvSE.exe
372736 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------

************************************************************
17:42:49: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
17:42:49: Checking ----- ROGUE BROWSER MODIFICATIONS -----

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
about:blank
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896

************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 17:42:49 23 Jul 2014
Total Scan time: 00:00:52
************************************************************


***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 17:36:43 23 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
PC appears to be in SAFE MODE.

************************************************************

17:36:44: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
17:36:44: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
17:36:44: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: [Malwarebytes Anti-Malware (cleanup)]
Value Data: ["C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
54072 bytes
Created:  23.07.2014 06:44
Modified: 12.05.2014 07:24
Company:  Malwarebytes Corporation
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
17:36:46: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
17:36:46: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
17:36:46: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
17:36:46: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
17:36:47: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
17:36:47: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
17:37:06: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------

************************************************************
17:37:18: Scanning -----VXD ENTRIES-----

************************************************************
17:37:18: Scanning ----- ContextMenuHandlers -----
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
17:37:19: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
17:37:19: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7-Zip\7-zip.dll
D:\7-Zip\7-zip.dll
86016 bytes
Created:  18.11.2010 22:08
Modified: 18.11.2010 22:08
Company:  Igor Pavlov
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
17:37:20: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
17:37:20: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:11
Company:  Oracle Corporation
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:07
Company:  Oracle Corporation
----------

************************************************************
17:37:20: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------

************************************************************
17:37:21: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
17:37:21: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
17:37:21: Scanning ----- ShellServiceObjects -----

************************************************************
17:37:25: Scanning ----- 64-Bit ShellServiceObjects -----

************************************************************
17:37:30: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
17:37:30: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
17:37:30: Scanning ----- APPINIT_DLLS -----
AppInitDLLs entry = []
 - this reference will be removed
----------

************************************************************
17:40:18: Scanning ----- 64-Bit APPINIT_DLLS -----
AppInitDLLs entry = []
 - this reference will be removed
----------

************************************************************
17:40:23: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
17:40:23: Scanning ----- CREDENTIAL PROVIDERS -----

************************************************************
17:40:25: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
17:40:25: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 15.05.2014 18:17
Company:  [no info]
----------
--------------------

************************************************************
17:40:25: Scanning ----- SCHEDULED TASKS -----
Scheduled Tasks not scanned: running in Safe Mode so Task Scheduler service not running

************************************************************
17:40:25: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

************************************************************
17:40:25: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
C:\Windows\SysWoW64\lvcodec2.dll
416280 bytes
Created:  26.07.2008 16:23
Modified: 26.07.2008 16:23
Company:  Logitech Inc.
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 02:07
Modified: 14.07.2009 03:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------

************************************************************
17:40:26: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
144595 bytes
Created:  30.12.2010 22:36
Modified: 30.08.2013 21:04
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
17:40:26: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  12.09.2013 18:17
Modified: 02.08.2013 02:59
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 01:52
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
455168 bytes
Created:  14.05.2014 18:13
Modified: 04.03.2014 11:43
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsass.exe
31232 bytes
Created:  14.05.2014 18:13
Modified: 12.04.2014 04:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\ctfmon.exe
9728 bytes
Created:  14.07.2009 01:39
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\dllhost.exe
9728 bytes
Created:  14.07.2009 01:59
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
D:\Trojan Remover\Rmvtrjan.exe
FileSize:          5468008
[This is a Trojan Remover component]
--------------------
--------------------

************************************************************
17:40:28: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
17:40:28: Checking ----- ROGUE BROWSER MODIFICATIONS -----
{006ee092-9658-4fd6-bd8e-a21a348e59f5} - this rogue IE SearchScope, associated with BrowserHijack.SnapDo, has been removed

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
about:blank
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896

************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 17:40:35 23 Jul 2014
Total Scan time: 00:03:52
-------------------------------------------------------------------------
Trojan Remover needs to restart the system to complete operations
23.07.2014 17:40:39: restart commenced
************************************************************


======================================
[INCOMPLETE SCAN LOG RECOVERED]
======================================
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:43:11 15 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:43:11: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:43:11: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:43:11: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1666432 bytes
Created:  25.08.2013 20:52
Modified: 05.06.2014 21:46
Company:  Simply Super Software
--------------------
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: []
Value Data: [D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe Run                                                                                                                                                                                                                    ]
D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
845120 bytes
Created:  29.11.2011 21:58
Modified: 14.02.2014 14:55
Company:  Samsung
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:43:13: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Value Name: [NvBackend]
Value Data: ["C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
2352072 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:35
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:43:14: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:43:14: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:43:14: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:43:14: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:43:14: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
22:43:17: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      GDFwSvc
ImagePath: "D:\GData\Firewall\GDFwSvcx64.exe"
D:\GData\Firewall\GDFwSvcx64.exe - [file not found to scan]
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------

************************************************************
22:43:37: Scanning -----VXD ENTRIES-----

************************************************************
22:43:37: Scanning ----- ContextMenuHandlers -----
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
22:43:37: Scanning ----- Folder\ColumnHandlers -----
Key:  {16148659-720A-457d-850B-2DBD87BB129D}
File: D:\Audible\Bin\AudibleExt.dll
D:\Audible\Bin\AudibleExt.dll
165208 bytes
Created:  09.04.2009 13:55
Modified: 09.04.2009 13:55
Company:  Audible, Inc.
----------

************************************************************
22:43:38: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7-Zip\7-zip.dll
D:\7-Zip\7-zip.dll
86016 bytes
Created:  18.11.2010 22:08
Modified: 18.11.2010 22:08
Company:  Igor Pavlov
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
22:43:38: Scanning ----- 64-Bit Folder\ColumnHandlers -----

************************************************************
22:43:38: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:11
Company:  Oracle Corporation
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:07
Company:  Oracle Corporation
----------

************************************************************
22:43:39: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------

************************************************************
22:43:39: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
22:43:39: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
22:43:39: Scanning ----- ShellServiceObjects -----

************************************************************
22:43:42: Scanning ----- 64-Bit ShellServiceObjects -----

************************************************************
22:43:45: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
22:43:45: Scanning ----- IMAGEFILE DEBUGGERS -----
Key = kies.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = kiesagent.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = setup.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------

************************************************************
22:43:45: Scanning ----- APPINIT_DLLS -----
No AppInit_DLLs value found to check

************************************************************
22:43:45: Scanning ----- 64-Bit APPINIT_DLLS -----
No 64-Bit AppInit_DLLs value found to check

************************************************************
22:43:46: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
22:43:46: Scanning ----- CREDENTIAL PROVIDERS -----

************************************************************
22:43:47: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
Audible Download Manager.lnk - links to D:\Audible\Bin\AUDIBL~1.EXE
D:\Audible\Bin\AUDIBL~1.EXE
2125472 bytes
Created:  14.03.2011 10:22
Modified: 14.03.2011 10:22
Company:  Audible, Inc.
--------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
22:43:48: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 15.05.2014 18:17
Company:  [no info]
----------
--------------------

************************************************************
22:43:48: Scanning ----- SCHEDULED TASKS -----
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[INCOMPLETE SCAN LOG RECOVERED]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

======================================
[INCOMPLETE SCAN LOG RECOVERED]
======================================
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:34:52 15 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:34:52: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:34:52: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:34:53: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1666432 bytes
Created:  25.08.2013 20:52
Modified: 05.06.2014 21:46
Company:  Simply Super Software
--------------------
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: []
Value Data: [D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe Run                                                                                                                                                                                                                    ]
D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
845120 bytes
Created:  29.11.2011 21:58
Modified: 14.02.2014 14:55
Company:  Samsung
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:34:54: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Value Name: [NvBackend]
Value Data: ["C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
2352072 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:35
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:34:55: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:34:55: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:34:55: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:34:55: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:34:55: Scanning ----- SERVICEDLL REGISTRY KEYS -----
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[INCOMPLETE SCAN LOG RECOVERED]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2629. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:50:00 03 Apr 2014
Using Database v8344
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:50:01: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:50:01: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:50:01: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [G Data AntiVirus Tray Application]
Value Data: [D:\GData\AVKTray\AVKTray.exe]
D:\GData\AVKTray\AVKTray.exe
1035216 bytes
Created:  22.02.2013 23:08
Modified: 09.01.2013 14:01
Company:  G Data Software AG
--------------------
Value Name: [GDFirewallTray]
Value Data: [D:\GData\Firewall\GDFirewallTray.exe]
D:\GData\Firewall\GDFirewallTray.exe
1475096 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:20
Company:  G Data Software AG
--------------------
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1661856 bytes
Created:  25.08.2013 20:52
Modified: 23.02.2014 20:04
Company:  Simply Super Software
--------------------
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: []
Value Data: [D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe Run]
D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
845120 bytes
Created:  29.11.2011 21:58
Modified: 14.02.2014 14:55
Company:  Samsung
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: [Uninstall C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64]
Value Data: [C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"]
rmdir /s /q C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64 - [file not found to scan]

************************************************************
22:50:02: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:50:03: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:50:03: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:50:03: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\KAMINF~1.SCR
C:\Windows\KAMINF~1.SCR
14257664 bytes
Created:  02.02.2014 16:07
Modified: 21.05.2013 20:03
Company:  Jochen Moschko
--------------------

************************************************************
22:50:03: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:50:03: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key:  UxTuneUp
Path: %SystemRoot%\System32\uxtuneup.dll
C:\Windows\System32\uxtuneup.dll
36160 bytes
Created:  15.01.2011 17:11
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  wuauserv
Path: C:\Windows\system32\wuaueng.dll
C:\Windows\System32\wuaueng.dll
2428952 bytes
Created:  22.06.2012 18:39
Modified: 03.06.2012 00:19
Company:  Microsoft Corporation
----------

************************************************************


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:51 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19