Trojaner-Board


sauterch 29.07.2014 21:32

Overnight: No event log, no Internet connection, PC very slow after logon
 
Hello everyone,

I have been trying to repair my computer for 3 weeks now, unfortunately to no avail despite Google and various forums. So I am now trying to open a thread myself, in the hope that I finally get a step further.
About the problem: I had accidentally left my computer running overnight because, among other things, I had made a backup of my Samsung phone. The next morning, when shutting down the computer, I noticed that it takes an extremely long time. When I boot the computer, everything runs without problems until after logging in as the admin user. From here on everything is very slow (the computer takes a very long time until the start screen or desktop appears). Furthermore, I no longer have an Internet connection.
The following message pops up, among others:
"Es konnte keine Verbindung mit einem Windows-Dienst hergestellt" (that is the heading)
Es konnte keine Verbindung mit dem Dienst "Benachrichtigungsdienst für Systemereignisse" hergestellt werden. Daher können sich Standardnutzer nicht am System anmelden. Wenn Sie Administrator sind, finden Sie weitere Details zu diesem Fehler im systemere

As soon as I move the mouse, the message disappears.
Later I also found out that the event log is not enabled. Even after a lot of long googling I could not enable the event log.
In safe mode the computer runs, but here too there is no Internet connection and no event log.

I ran sfc scans -> nothing found
Anti-Malware scan -> found about 10 files, which I have already deleted
G-Data start-scan -> nothing found (in the meantime I have uninstalled GData because I thought the program was blocking something)
Trojan-Remover scan: found one trojan (already deleted)
HijackThis scan: log file is available if needed
Win7 repair performed with DVD -> failed; difficult without an Internet connection since it is not the current version
Repair attempt with the Win7 options (F8) -> no success
Gmer.txt log file is empty, therefore not posted

I hope someone can help me. I am grateful for any advice.

defogger_disable.txt
Code:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:19 on 29/07/2014 (sauterch)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST.txt
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by sauterch (administrator) on SAUTERCH-PC on 29-07-2014 20:33:17
Running from N:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Safe Mode (minimal)

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2009-09-30] ()
HKLM-x32\...\runonceex: [ContentMerger] => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-26] (Sonic Solutions)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => D:\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2386147833-3081857437-1213626127-1000\...\Run: [ctfmon.exe] => C:\Windows\system32\ctfmon.exe [9728 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2386147833-3081857437-1213626127-1000\...\Run: [AVMUSBFernanschluss] => "C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002 (the data entry has 41 more characters).
HKU\S-1-5-21-2386147833-3081857437-1213626127-1000\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-2386147833-3081857437-1213626127-1000\...\Policies\Explorer: [NoRecentDocsMenu] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x618CF0B50BFACD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_4bd9705f7ce34286b66d3eda149032da_39_1007_20130820_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.my-online-search.com/?q={searchTerms}&babsrc=SP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_4bd9705f7ce34286b66d3eda149032da_39_1007_20130820_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {C1712D6F-212C-4935-9DA4-A11FDD428DAB} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found ()
Winsock: Missing Catalog5-x64 entry, broken internet access. <===== ATTENTION.
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - D:\Picasa\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - D:\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - D:\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - D:\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - D:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - D:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: PDF Architect 2 - C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - D:\PDF_XChange Viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF user.js: detected! => C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\user.js
FF SearchPlugin: C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\searchplugins\amazon.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\ich@maltegoetz.de [2013-12-30]
FF Extension: Garmin Communicator - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-05-13]
FF Extension: Add-on Compatibility Reporter - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\compatibility@addons.mozilla.org.xpi [2011-11-10]
FF Extension: Session Manager - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-08-22]
FF Extension: Adblock Plus - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-28]
FF Extension: Tab Mix Plus - C:\Users\sauterch\AppData\Roaming\Mozilla\Firefox\Profiles\yzhn2xac.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-05-11]
FF StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

S2 AAV UpdateService; D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 CLKMSVC10_C19A2874; D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe [247768 2013-04-03] (CyberLink)
S2 Garmin Core Update Service; D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries)
S2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S2 TuneUp.UtilitiesSvc; D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2028864 2011-12-13] (TuneUp Software)
S2 SessionLauncher; C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-08] (AVM Berlin)
S3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-22] (AVM Berlin)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62368 2013-01-08] (G Data Software AG)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
S3 TuneUpUtilitiesDrv; D:\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2010-11-29] (TuneUp Software)
U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 20:30 - 2014-07-29 20:30 - 00000000 _____ () C:\Users\sauterch\Desktop\Gmer.txt
2014-07-29 20:10 - 2014-07-29 20:33 - 00000000 ___DC () C:\FRST
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 _____ () C:\Users\sauterch\defogger_reenable
2014-07-29 18:13 - 2014-07-29 18:13 - 00009034 _____ () C:\Users\sauterch\Desktop\E597QJAQ.log
2014-07-29 07:12 - 2014-07-29 07:12 - 00074720 _____ () C:\Users\sauterch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-29 07:12 - 2014-07-29 07:12 - 00000000 ____D () C:\Users\sauterch\AppData\Local\Deployment
2014-07-25 21:30 - 2014-07-25 21:31 - 00010029 _____ () C:\Users\sauterch\Desktop\hijackthis.log
2014-07-24 22:20 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.trb
2014-07-22 20:08 - 2014-07-22 20:08 - 00000000 ___DC () C:\bootmedium
2014-07-22 19:58 - 2014-07-23 17:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 19:57 - 2014-07-22 19:57 - 00000622 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 19:57 - 2014-07-22 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 19:57 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-22 19:57 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-22 19:57 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-22 19:55 - 2014-07-22 19:55 - 00388608 _____ (Trend Micro Inc.) C:\Users\sauterch\Desktop\HiJackThis204.exe
2014-07-22 19:40 - 2014-07-22 19:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 19:40 - 2014-07-22 19:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-20 13:41 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-20 13:39 - 2014-03-04 16:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-20 13:39 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-20 13:39 - 2014-03-04 16:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-20 11:40 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-07-20 11:40 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-07-20 01:30 - 2014-03-04 16:35 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-07-20 01:30 - 2014-03-04 16:35 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-07-20 01:29 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-07-20 01:29 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-07-19 22:00 - 2014-03-04 15:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-07-19 22:00 - 2014-03-04 15:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-07-19 22:00 - 2014-03-04 15:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-07-19 22:00 - 2014-03-04 15:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-07-19 22:00 - 2014-03-04 15:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-07-19 22:00 - 2014-03-04 15:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-07-19 22:00 - 2014-03-04 15:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-07-19 21:01 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-07-19 21:01 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-07-19 13:24 - 2009-08-15 11:44 - 00008494 _____ () C:\Users\sauterch\Desktop\[1].xml
2014-07-19 13:02 - 2014-07-19 13:02 - 00000000 ____D () C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2014-07-19 12:57 - 2014-07-19 12:57 - 00000000 ___DC () C:\NVIDIA
2014-07-19 12:57 - 2010-06-22 00:07 - 00255592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcohda6.dll
2014-07-19 12:47 - 2010-08-06 11:27 - 00314984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdecodemft.dll
2014-07-17 20:42 - 2014-07-17 20:42 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Apple Computer
2014-07-15 19:15 - 2014-07-24 22:47 - 00022958 _____ () C:\Windows\PFRO.log
2014-07-13 15:48 - 2014-07-25 22:06 - 00029955 _____ () C:\Windows\diagwrn.xml
2014-07-13 15:48 - 2014-07-25 22:03 - 00001890 _____ () C:\Windows\diagerr.xml
2014-07-13 11:26 - 2014-07-13 11:26 - 00000553 _____ () C:\Users\sauterch\Desktop\Start Unlocker.lnk
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Babylon
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\ProgramData\Babylon
2014-07-12 12:10 - 2014-07-25 17:44 - 00049635 _____ () C:\Windows\avmacc.log
2014-07-11 20:08 - 2014-07-11 20:08 - 00000200 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011.job
2014-07-11 20:06 - 2014-07-12 14:38 - 00002512 _____ () C:\Windows\LkmdfCoInst.log
2014-07-10 22:27 - 2014-07-10 22:27 - 00016648 ____C () C:\bootsqm.dat
2014-07-08 20:45 - 2014-07-25 22:20 - 00006620 _____ () C:\Users\sauterch\Desktop\Windows Compatibility Report.htm
2014-07-07 17:25 - 2014-07-29 07:12 - 00013370 _____ () C:\Windows\setupact.log
2014-07-03 22:12 - 2014-07-03 22:12 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-03 20:15 - 2014-07-03 20:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-07-03 20:12 - 2014-07-12 05:59 - 00000000 ____D () C:\Users\sauterch\Documents\Audible
2014-07-03 20:12 - 2014-07-03 20:45 - 00000000 ____D () C:\Program Files (x86)\Audible
2014-06-29 15:36 - 2014-06-29 15:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\pdfforge_GmbH
2014-06-29 15:36 - 2014-06-29 15:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\PDF Architect 2

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 20:33 - 2014-07-29 20:10 - 00000000 ___DC () C:\FRST
2014-07-29 20:30 - 2014-07-29 20:30 - 00000000 _____ () C:\Users\sauterch\Desktop\Gmer.txt
2014-07-29 20:08 - 2014-07-29 20:08 - 00000000 _____ () C:\Users\sauterch\defogger_reenable
2014-07-29 20:08 - 2010-12-30 22:36 - 00000000 ____D () C:\Users\sauterch
2014-07-29 18:13 - 2014-07-29 18:13 - 00009034 _____ () C:\Users\sauterch\Desktop\E597QJAQ.log
2014-07-29 18:11 - 2011-01-03 17:48 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\vlc
2014-07-29 08:19 - 2010-12-30 22:28 - 01067859 _____ () C:\Windows\WindowsUpdate.log
2014-07-29 08:04 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-29 08:04 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-29 07:12 - 2014-07-29 07:12 - 00074720 _____ () C:\Users\sauterch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-29 07:12 - 2014-07-29 07:12 - 00000000 ____D () C:\Users\sauterch\AppData\Local\Deployment
2014-07-29 07:12 - 2014-07-07 17:25 - 00013370 _____ () C:\Windows\setupact.log
2014-07-29 07:12 - 2011-01-06 12:19 - 00000000 ____D () C:\Users\sauterch\AppData\Local\Apps\2.0
2014-07-29 07:09 - 2010-12-31 12:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-25 22:20 - 2014-07-08 20:45 - 00006620 _____ () C:\Users\sauterch\Desktop\Windows Compatibility Report.htm
2014-07-25 22:06 - 2014-07-13 15:48 - 00029955 _____ () C:\Windows\diagwrn.xml
2014-07-25 22:03 - 2014-07-13 15:48 - 00001890 _____ () C:\Windows\diagerr.xml
2014-07-25 22:03 - 2014-04-07 06:57 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 21:31 - 2014-07-25 21:30 - 00010029 _____ () C:\Users\sauterch\Desktop\hijackthis.log
2014-07-25 17:44 - 2014-07-12 12:10 - 00049635 _____ () C:\Windows\avmacc.log
2014-07-24 22:47 - 2014-07-15 19:15 - 00022958 _____ () C:\Windows\PFRO.log
2014-07-24 22:15 - 2011-01-06 13:02 - 00000000 ____D () C:\ProgramData\Temp
2014-07-23 17:44 - 2014-07-22 19:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-23 17:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-07-22 20:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2014-07-22 20:08 - 2014-07-22 20:08 - 00000000 ___DC () C:\bootmedium
2014-07-22 19:57 - 2014-07-22 19:57 - 00000622 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 19:57 - 2014-07-22 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 19:57 - 2014-07-22 19:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 19:55 - 2014-07-22 19:55 - 00388608 _____ (Trend Micro Inc.) C:\Users\sauterch\Desktop\HiJackThis204.exe
2014-07-22 19:40 - 2014-07-22 19:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-20 13:54 - 2013-09-09 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-20 13:41 - 2013-03-09 22:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-19 22:00 - 2010-12-31 12:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-19 22:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-07-19 21:59 - 2011-12-10 18:36 - 00000000 ____D () C:\Temp
2014-07-19 13:02 - 2014-07-19 13:02 - 00000000 ____D () C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2014-07-19 12:57 - 2014-07-19 12:57 - 00000000 ___DC () C:\NVIDIA
2014-07-19 11:56 - 2010-12-31 07:23 - 00699868 _____ () C:\Windows\system32\perfh007.dat
2014-07-19 11:56 - 2010-12-31 07:23 - 00149750 _____ () C:\Windows\system32\perfc007.dat
2014-07-19 11:56 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-19 11:54 - 2011-01-06 13:57 - 00000000 ____D () C:\ProgramData\InstallShield
2014-07-19 11:54 - 2011-01-06 12:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-19 11:54 - 2010-12-31 12:38 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-07-17 20:42 - 2014-07-17 20:42 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Apple Computer
2014-07-17 20:23 - 2010-12-31 19:38 - 00000000 ____D () C:\Windows\pss
2014-07-15 21:24 - 2013-10-20 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screenomania
2014-07-15 21:24 - 2013-10-20 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-07-15 19:15 - 2010-12-31 12:24 - 00000000 ____D () C:\ProgramData\G DATA
2014-07-13 11:26 - 2014-07-13 11:26 - 00000553 _____ () C:\Users\sauterch\Desktop\Start Unlocker.lnk
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Babylon
2014-07-12 16:36 - 2014-07-12 16:36 - 00000000 ____D () C:\ProgramData\Babylon
2014-07-12 14:38 - 2014-07-11 20:06 - 00002512 _____ () C:\Windows\LkmdfCoInst.log
2014-07-12 14:36 - 2011-01-06 21:30 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-07-12 05:59 - 2014-07-03 20:12 - 00000000 ____D () C:\Users\sauterch\Documents\Audible
2014-07-12 05:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-12 05:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-11 20:08 - 2014-07-11 20:08 - 00000200 _____ () C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011.job
2014-07-10 22:27 - 2014-07-10 22:27 - 00016648 ____C () C:\bootsqm.dat
2014-07-07 21:47 - 2014-05-19 22:35 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-07 21:25 - 2013-10-14 19:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-07 18:35 - 2014-05-19 22:35 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 17:31 - 2011-11-02 20:35 - 01366861 _____ () C:\Windows\SysWOW64\sig.bin
2014-07-07 17:31 - 2011-11-02 20:35 - 00064099 _____ () C:\Windows\SysWOW64\nmp.map
2014-07-07 17:28 - 2011-01-03 17:46 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E65FAF42-D005-4209-8259-34AE0371B7A1}
2014-07-07 17:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-06 17:39 - 2013-08-11 19:39 - 00000000 ____D () C:\Windows\Minidump
2014-07-03 22:12 - 2014-07-03 22:12 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2014-07-03 22:12 - 2014-02-14 12:02 - 00001343 _____ () C:\Users\sauterch\Desktop\CopyTrans Control Center.lnk
2014-07-03 20:45 - 2014-07-03 20:12 - 00000000 ____D () C:\Program Files (x86)\Audible
2014-07-03 20:15 - 2014-07-03 20:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-06-29 15:36 - 2014-06-29 15:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\pdfforge_GmbH
2014-06-29 15:36 - 2014-06-29 15:36 - 00000000 ____D () C:\Users\sauterch\AppData\Roaming\PDF Architect 2
2014-06-29 12:42 - 2014-05-19 22:35 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-29 12:42 - 2014-05-19 22:35 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.1072.dll


Some content of TEMP:
====================
C:\Users\sauterch\AppData\Local\Temp\AudibleDM_iTunesSetup(1).exe
C:\Users\sauterch\AppData\Local\Temp\AudibleDM_iTunesSetup.exe
C:\Users\sauterch\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-29 16:49

==================== End Of Log ============================


sauterch 29.07.2014 21:39

My Additions.txt is attached as well.

cosinus 29.07.2014 21:46

Hello and :hallo:

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

I ask because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; first post only the logs that already exist, in CODE tags!
Only logs from the last 7 days, or since the problem started, are relevant!




Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for a single post, please post them directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it correctly. If everything is right ... click Reply.
http://www.trojaner-board.de/picture...&pictureid=307

sauterch 30.07.2014 11:09

Quote:

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

I ask because of this => Trojaner-Board - Viren und Trojaner entfernen - kostenlos

Please do not run any new virus scans; first post only the logs that already exist, in CODE tags!
Only logs from the last 7 days, or since the problem started, are relevant!
As I said, the virus scanner had found nothing.
I can't find any Malwarebytes logs. It looks a little different for me than in the link. There is only log data. But nothing can be found there.

cosinus 30.07.2014 11:29

Quote:

Boot Mode: Safe Mode (minimal)
Why safe mode, does normal mode no longer work?

sauterch 30.07.2014 14:36

In normal mode the computer froze. The computer runs very sluggishly, or rather slowly.
Some programs cannot be opened at all.

cosinus 30.07.2014 14:44

OK, I understand, but please do NOT post the Addition.txt as an attachment.

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for a single post, please post them directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it correctly. If everything is right ... click Reply.
http://www.trojaner-board.de/picture...&pictureid=307

sauterch 30.07.2014 16:49

Code:

OK, I understand, but please do NOT post the Addition.txt as an attachment.
Sorry, the file was too large to paste in. That's why it was an attachment.

cosinus 30.07.2014 17:45

Yep, and I specifically wrote this along with it:

Quote:

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for a single post, please post them directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:

sauterch 30.07.2014 18:47

Damn, I did read that. But I also read this:
Code:

3. Prepare information
You should now have on your desktop: defogger_disable.txt, FRST.txt with Additions.txt, Gmer.txt, other log files (you may already have done something without us)

Personal information:
If your full name or your e-mail address appears in the log files, you now have the opportunity to change it. Please note the following:
If you change anything in the log files, this may make your helper's work harder. So only do this if it is absolutely necessary. If only your first name or a made-up name appears, that is not a problem. If your real name appears, use the "search and replace" function of a text editor and replace your name with *****.
Please remember: trojaner-board.de will not alter your log files afterwards!
Exception: log file too large
This can happen and will happen. Then, and only then, you may attach your log file, or attach it zipped. Instructions for this are further below.
But please keep in mind: attachments make your helper's work harder!

OK, whatever. Here are the Addition.txt log files, split across several posts.
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by sauterch at 2014-07-29 20:34:27
Running from N:\
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: Biet-O-Matic v2.14.8 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{982E1601-0DFC-4FD3-A427-AC6570697858}) (Version: 12.55.01 - Broadcom Corporation)
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version:  - )
Canon MP510 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Cities of Earth 3D Screensaver v. 2.1 (HKLM-x32\...\Cities of Earth 3D Screensaver_is1) (Version:  - Screenomania.com)
Clock Screen Saver (HKLM-x32\...\{C7A8AA10-B632-42F8-9F57-A16FDCE0601E}) (Version: 1.6 - ABF software)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.6523 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.6523 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.1.0.41 - Dell)
Dell System Detect Bootstrapper (HKCU\...\8e3135b376bd523e) (Version: 5.1.0.41 - Dell)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
Dream Aquarium (HKLM-x32\...\DreamAqua) (Version:  - )
Easy Phone Sync (HKLM-x32\...\{6FD92A84-E917-4974-8977-F04F910ABC25}) (Version: 63 - Media Mushroom Limited)
Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular für Privatanwender (HKLM-x32\...\ElsterFormular für Privatanwender 12.1.0.6164p) (Version: 12.1.0.6164p - Landesfinanzdirektion Thüringen)
EMC 10 Content (x32 Version: 1.0.035 - Ihr Firmenname) Hidden
EMCGadgets64 (Version: 1.0.302 - Ihr Firmenname) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free Fire Screensaver (HKLM-x32\...\Free Fire Screensaver) (Version:  - Laconic Software)
Free M4a to MP3 Converter 7.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
FRITZ!Box USB-Fernanschluss (HKCU\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iPhone Backup Extractor (HKCU\...\iPhone Backup Extractor) (Version: 4.8.3.0 - Reincubate Ltd)
iTunes (HKLM\...\{9D20916D-C1E9-4E39-9723-13D200D87C40}) (Version: 11.2.0.114 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 17 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170170}) (Version: 1.7.0.170 - Oracle)
Kaminfeuer Comprehensive Edition Free (HKLM-x32\...\ST5UNST #1) (Version:  - )
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)

Continuing with the Addition.txt log files
Code:

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Map Maker Sun Clock 7  (HKLM-x32\...\Map Maker Sun Clock 7) (Version:  - Map Maker Ltd)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 - Deutsch (HKLM-x32\...\{90140011-0061-0407-0000-0000000FF1CE}) (Version: 14.0.5130.5001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 23.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Firefox 30.0 (x86 de) (HKCU\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiScreen (HKLM-x32\...\{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}) (Version: 1.00.0000 - Samsung Electronics Ltd.)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{46889070-D447-4936-A5D3-246DB972FA2E}) (Version: 2.0.6.16537 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.199.0 - Tracker Software Products Ltd)
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PHOTOfunSTUDIO 6.5 BD Edition (HKLM-x32\...\{AD5B7E20-00E1-4B7B-84DC-53F5CEFFA367}) (Version: 6.05.818 - Panasonic Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.0 - Roxio) Hidden
Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Easy CD and DVD Burning (x32 Version: 10.3.106 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.1 - Roxio) Hidden
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.0.11112_41 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.1.0.11112_41 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.40.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Steuer-Spar-Erklärung 2012 (HKLM-x32\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.11 - Wolters Kluwer Deutschland GmbH)
Trojan Remover 6.9.1.2931 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2931 - Simply Super Software)
TuneUp Utilities 2011 (HKLM-x32\...\TuneUp Utilities 2011) (Version: 10.0.4600.4 - TuneUp Software)
TuneUp Utilities 2011 (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
Uniblue DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.2.3 - Uniblue Systems Ltd)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Wondershare MobileTrans ( Version 5.0.0 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 5.0.0 - Wondershare)
xp-AntiSpy 3.98-2 (HKLM-x32\...\xp-AntiSpy) (Version:  - Christian Taubenheim)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{0C3BA0B1-BC14-4B55-98DC-F1E913C1DA10}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{6FFA7438-3E00-4176-9717-B3BBE2E704AB}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()


sauterch 30.07.2014 18:48

Continuing with the Addition.txt log files
Code:

CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2386147833-3081857437-1213626127-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-24 22:20 - 00000975 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1C61BB6B-92C0-44CF-85EA-48BDA628EB00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-14] (Adobe Systems Incorporated)
Task: {22AA7090-E9DC-4978-9054-6069926D2995} - System32\Tasks\Trojan Remover Scheduled Updates => D:\Trojan Remover\trupd.exe [2013-12-30] (Simply Super Software)
Task: {274141D1-6278-4201-9392-C1163A7827E8} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Task: {2EA9717E-2D13-4F89-9EA6-B2260005C33B} - System32\Tasks\{5DB2831F-AD6A-4A83-9274-E33CF6B93952} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1603
Task: {36FA38D2-9A00-44D6-8193-10176C4A40E5} - System32\Tasks\{DD5500C3-E770-42ED-99DC-084BABEC91FA} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {3A299FC7-22C8-4C0D-80B9-6C442F03E9B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.)
Task: {4092A349-91F6-4A8C-A590-24567DD2EF7C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {4A01E1A4-9DA9-467D-B0D1-C02FD7AE8535} - System32\Tasks\GarminUpdaterTask => D:\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] ()
Task: {4C0F1B36-F4DA-4A13-9762-02BF6397A0D2} - System32\Tasks\{055FCA50-8DE4-4486-B42F-147BF36C5FC7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {55D88689-CB96-4611-BB0B-F7B792183A42} - System32\Tasks\CCleanerSkipUAC => D:\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {7843E8F9-A20C-41FF-99E1-CF0C4AFDD858} - System32\Tasks\{8356B895-1E2D-4985-90C0-600205F330C9} => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe [2009-06-22] ()
Task: {8179FA94-7FC1-4754-90CA-B7AB5B60023E} - System32\Tasks\{400197BC-65DC-41D5-945A-2EF9298838F1} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.115/de/go/help.faq.installer?LastError=1603
Task: {8572F139-ED56-4DD0-8CE8-421F71ABE034} - System32\Tasks\{E41299EE-6113-4D8D-BDEC-716F782CDE0E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A4359E6E-F28D-44FF-8741-C2BCE62FD56B} - System32\Tasks\DriverScanner => D:\DriverScanner\DriverScanner\dsmonitor.exe [2011-09-05] (Uniblue Systems Limited)
Task: {BB329B44-1428-45A4-9FB0-640A9C25661E} - System32\Tasks\{00713CB9-7ED8-4245-BF9E-CC03CC38DF87} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {D3C7B6B3-BDF7-421F-8A3E-603709349E2C} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011 => D:\TuneUp Utilities 2011\OneClick.exe [2011-12-13] (TuneUp Software)
Task: {EED2F478-F08C-4659-B1BC-7982A44E12D9} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {EF02DB09-77A0-45B8-9BB2-7B53A2D9EA87} - System32\Tasks\{5C00BB8D-3F7F-4CA2-8BC1-AD073F5AD5FD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {FE8FAFA4-46CB-4C34-BF5A-CA4816A7A29B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverScanner.job => D:\DriverScanner\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011.job => D:\TuneUp Utilities 2011\OneClick.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: EvtMgr6 => D:\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: TrojanScanner => D:\Trojan Remover\Trjscan.exe /boot

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Windows-Ereignisprotokoll wird gestartet.
Windows-Ereignisprotokoll konnte nicht gestartet werden.

Ein Systemfehler ist aufgetreten.

Systemfehler 1747 aufgetreten.

Der Authentifizierungsdienst ist unbekannt.


==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8151.12 MB
Available physical RAM: 7304.93 MB
Total Pagefile: 16300.41 MB
Available Pagefile: 15491.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:58.59 GB) (Free:15.08 GB) NTFS
Drive d: (Programme) (Fixed) (Total:415.04 GB) (Free:411.25 GB) NTFS
Drive e: (Daten) (Fixed) (Total:457.78 GB) (Free:223.34 GB) NTFS
Drive f: (Daten) (Fixed) (Total:439.45 GB) (Free:252.35 GB) NTFS
Drive g: (Backups) (Fixed) (Total:476.43 GB) (Free:49.44 GB) NTFS
Drive h: (Boot-CD) (CDROM) (Total:0.21 GB) (Free:0 GB) CDFS
Drive i: (Windows Auslagerungsdatei) (Fixed) (Total:15.62 GB) (Free:7.2 GB) NTFS
Drive n: (CHRIS) (Removable) (Total:3.72 GB) (Free:0.97 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 58986874)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=415 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 0003A07E)
Partition 1: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=439 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=476 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 4 GB) (Disk ID: 6F20736B)
No partition Table on disk 6.
Disk 6 is a removable device.

==================== End Of Log ============================


cosinus 30.07.2014 19:01

I don't see any malware there as such, so I suspect a broken Windows installation. It's quite possible that one of your earlier cleanup attempts deleted something that would have been better left in place. Can you still get at all the logs with detections? Malwarebytes, TrojanRemover, etc.?

sauterch 30.07.2014 19:13

Aha, interesting.
Where do I find all the log files?
System Restore doesn't work either, since there are no restore points, strangely enough.
How can I create log files from Windows to see what is broken?

cosinus 30.07.2014 19:16

You'll find the logs in the respective program. In MBAM, under History.

sauterch 30.07.2014 20:09

MBAM log files

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 22.07.2014
Suchlauf-Zeit: 20:07:46
Logdatei: mbam_01.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: sauterch

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 249387
Verstrichene Zeit: 17 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.PCSpeedUp.A, HKLM\SOFTWARE\SPEEDCHECKER LIMITED\PC Speed Up, In Quarantäne, [b8c58e501b5f7cba1b21624ea063748c],
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-2386147833-3081857437-1213626127-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, In Quarantäne, [ceaf30aed8a2db5bd19b6a47b251e020],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 3
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2386147833-3081857437-1213626127-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}),Ersetzt,[1a630fcfdb9fc076400bd05f1fe50bf5]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2386147833-3081857437-1213626127-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}),Ersetzt,[7b02ac3283f7aa8ce9658fa073919769]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-2386147833-3081857437-1213626127-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}),Ersetzt,[c8b523bb730747ef6fe083ac17ed1de3]

Ordner: 6
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\30527CCDA89445A0A77DCA1EB2364171, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\94ACABA8A7174B448C4091FB3D4D4D2C, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\F8DDD3DF2ABB4947952ECDE9255DE320, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\OpenCandy_94ACABA8A7174B448C4091FB3D4D4D2C, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],

Dateien: 12
PUP.Optional.Babylon.A, C:\Users\sauterch\AppData\Local\Temp\DeltaTB.exe, In Quarantäne, [700d96487901ae88e7f680c7cc35cd33],
PUP.Optional.Babylon.A, C:\Users\sauterch\AppData\Local\Temp\038213AA-BAB0-7891-815D-5AC9261B177F\BExternal.dll, In Quarantäne, [7508a9352a50c472e0e7d59bbb454cb4],
PUP.Optional.Babylon.A, C:\Users\sauterch\AppData\Local\Temp\038213AA-BAB0-7891-815D-5AC9261B177F\Setup.exe, In Quarantäne, [abd27668b8c2e55143f8571514ec758b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC\5260.ico, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC\conduitinstaller.exe, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC\EBB77268-338F-4C6A-8590-AD88FED26F4A, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\19537D25791648149EC6DB3239AF51EC\OCBrowserHelper_1.0.5.112.dll, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\30527CCDA89445A0A77DCA1EB2364171\2534.ico, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\30527CCDA89445A0A77DCA1EB2364171\EBB77268-338F-4C6A-8590-AD88FED26F4A, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\30527CCDA89445A0A77DCA1EB2364171\OCBrowserHelper_1.0.4.106.dll, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\94ACABA8A7174B448C4091FB3D4D4D2C\ds_DeDnCD_driverscanner.exe, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],
PUP.Optional.OpenCandy, C:\Users\sauterch\AppData\Roaming\OpenCandy\F8DDD3DF2ABB4947952ECDE9255DE320\PCSU_SL_3.1.2.exe, In Quarantäne, [d5a8667880fa3ff7830842446999d52b],

Physische Sektoren: 0
(No malicious items detected)


(end)

Another scan with MBAM

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 22.07.2014
Suchlauf-Zeit: 22:29:11
Logdatei: mbam_02.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: sauterch

Suchlauf-Art: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 529423
Verstrichene Zeit: 1 Std, 43 Min, 31 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}, In Quarantäne, [d1ac20be24560531293e99e4af517987],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.Conduit, C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll, In Quarantäne, [d1ac20be24560531293e99e4af517987],

Physische Sektoren: 0
(No malicious items detected)


(end)

Trojan Remover Logfiles

Code:

***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:09:23 29 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
PC appears to be in SAFE MODE.

************************************************************

22:09:24: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:09:24: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:09:25: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1666432 bytes
Created:  25.08.2013 20:52
Modified: 05.06.2014 21:46
Company:  Simply Super Software
--------------------
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:09:27: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Value Name: [NvBackend]
Value Data: ["C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
2352072 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:35
Company:  NVIDIA Corporation
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:09:28: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:09:28: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:09:28: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:09:28: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:09:29: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
22:09:41: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------

************************************************************
22:09:53: Scanning -----VXD ENTRIES-----

************************************************************
22:09:53: Scanning ----- ContextMenuHandlers -----
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
22:09:54: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
22:09:54: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7-Zip\7-zip.dll
D:\7-Zip\7-zip.dll
86016 bytes
Created:  18.11.2010 22:08
Modified: 18.11.2010 22:08
Company:  Igor Pavlov
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
22:09:55: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
22:09:55: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:11
Company:  Oracle Corporation
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:07
Company:  Oracle Corporation
----------

************************************************************
22:09:56: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------

************************************************************
22:09:56: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
22:09:56: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
22:09:56: Scanning ----- ShellServiceObjects -----

************************************************************
22:10:00: Scanning ----- 64-Bit ShellServiceObjects -----

************************************************************
22:10:05: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
22:10:05: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
22:10:05: Scanning ----- APPINIT_DLLS -----
No AppInit_DLLs value found to check

************************************************************
22:10:05: Scanning ----- 64-Bit APPINIT_DLLS -----
No 64-Bit AppInit_DLLs value found to check

************************************************************
22:10:05: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
22:10:05: Scanning ----- CREDENTIAL PROVIDERS -----

************************************************************
22:10:07: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
Audible Download Manager.lnk - links to D:\Audible\Bin\AudibleDownloadHelper.exe [file not found to scan]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk - this links to D:\Audible\Bin\AudibleDownloadHelper.exe - this Shortcut has been removed
--------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
22:10:28: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 15.05.2014 18:17
Company:  [no info]
----------
--------------------

************************************************************
22:10:28: Scanning ----- SCHEDULED TASKS -----
Scheduled Tasks not scanned: running in Safe Mode so Task Scheduler service not running

************************************************************
22:10:28: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

************************************************************
22:10:28: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
C:\Windows\SysWoW64\lvcodec2.dll
416280 bytes
Created:  26.07.2008 16:23
Modified: 26.07.2008 16:23
Company:  Logitech Inc.
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 02:07
Modified: 14.07.2009 03:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------

************************************************************
22:10:29: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
144595 bytes
Created:  30.12.2010 22:36
Modified: 30.08.2013 21:04
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
22:10:29: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  12.09.2013 18:17
Modified: 02.08.2013 02:59
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 01:52
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
455168 bytes
Created:  14.05.2014 18:13
Modified: 04.03.2014 11:43
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsass.exe
31232 bytes
Created:  14.05.2014 18:13
Modified: 12.04.2014 04:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\ctfmon.exe
9728 bytes
Created:  14.07.2009 01:39
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\dllhost.exe
9728 bytes
Created:  14.07.2009 01:59
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
D:\Trojan Remover\Rmvtrjan.exe
FileSize:          5468008
[This is a Trojan Remover component]
--------------------
--------------------

************************************************************
22:10:32: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
22:10:32: Checking ----- ROGUE BROWSER MODIFICATIONS -----

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
about:blank
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896

************************************************************
=== CHANGES WERE MADE TO A USER'S STARTUP GROUP ===
Scan completed at: 22:10:32 29 Jul 2014
Total Scan time: 00:01:08
************************************************************


======================================
[INCOMPLETE SCAN LOG RECOVERED]
======================================
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:20:57 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:20:57: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:20:57: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:20:57: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:20:58: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:20:59: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:20:59: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:20:59: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:20:59: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:20:59: Scanning ----- SERVICEDLL REGISTRY KEYS -----
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[INCOMPLETE SCAN LOG RECOVERED]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

***** LAYERED SERVICE PROVIDER CHECKS *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:20:37 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
No errors were located in the Layered Service Provider Registry entries.
No action was taken.
************************************************************


***** WINDOWS HOSTS FILE RESET *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:20:27 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
The original HOSTS file has been backed up to C:\Windows\system32\Drivers\etc\hosts.trb
The HOSTS file has been reset to the default supplied by Microsoft
************************************************************


***** LAYERED SERVICE PROVIDER CHECKS *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:20:04 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
No errors were located in the Layered Service Provider Registry entries.
No action was taken.
************************************************************


======================================
[INCOMPLETE SCAN LOG RECOVERED]
======================================
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:13:57 24 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:13:58: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:13:58: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:13:58: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:13:59: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:13:59: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:13:59: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:14:00: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:14:00: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:14:00: Scanning ----- SERVICEDLL REGISTRY KEYS -----
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[INCOMPLETE SCAN LOG RECOVERED]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

***** THE SYSTEM HAS BEEN RESTARTED *****
24.07.2014 22:07:31: Trojan Remover has been restarted
24.07.2014 22:07:31: Trojan Remover closed
************************************************************


***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 17:41:57 23 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
PC appears to be in SAFE MODE.

************************************************************

17:41:58: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
17:41:58: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
17:41:59: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: [Malwarebytes Anti-Malware (cleanup)]
Value Data: ["C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
54072 bytes
Created:  23.07.2014 06:44
Modified: 12.05.2014 07:24
Company:  Malwarebytes Corporation
--------------------
Value Name: [Trojan Remover]
Value Data: ["D:\Trojan Remover\RMVTRJAN.EXE" /restart]
D:\Trojan Remover\RMVTRJAN.EXE
5468008 bytes
Created:  25.08.2013 20:52
Modified: 22.05.2014 18:34
Company:  Simply Super Software
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
17:42:01: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
17:42:01: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
17:42:01: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
17:42:01: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
17:42:02: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
17:42:02: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
17:42:20: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------

************************************************************
17:42:32: Scanning -----VXD ENTRIES-----

************************************************************
17:42:32: Scanning ----- ContextMenuHandlers -----
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
17:42:33: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
17:42:33: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7-Zip\7-zip.dll
D:\7-Zip\7-zip.dll
86016 bytes
Created:  18.11.2010 22:08
Modified: 18.11.2010 22:08
Company:  Igor Pavlov
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
17:42:34: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
17:42:34: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:11
Company:  Oracle Corporation
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:07
Company:  Oracle Corporation
----------

************************************************************
17:42:34: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------

************************************************************
17:42:34: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
17:42:34: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
17:42:34: Scanning ----- ShellServiceObjects -----

************************************************************
17:42:39: Scanning ----- 64-Bit ShellServiceObjects -----

************************************************************
17:42:43: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
17:42:43: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
17:42:43: Scanning ----- APPINIT_DLLS -----
No AppInit_DLLs value found to check

************************************************************
17:42:43: Scanning ----- 64-Bit APPINIT_DLLS -----
No 64-Bit AppInit_DLLs value found to check

************************************************************
17:42:44: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
17:42:44: Scanning ----- CREDENTIAL PROVIDERS -----

************************************************************
17:42:46: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
17:42:46: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 15.05.2014 18:17
Company:  [no info]
----------
--------------------

************************************************************
17:42:46: Scanning ----- SCHEDULED TASKS -----
Scheduled Tasks not scanned: running in Safe Mode so Task Scheduler service not running

************************************************************
17:42:46: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

************************************************************
17:42:46: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
C:\Windows\SysWoW64\lvcodec2.dll
416280 bytes
Created:  26.07.2008 16:23
Modified: 26.07.2008 16:23
Company:  Logitech Inc.
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 02:07
Modified: 14.07.2009 03:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------

************************************************************
17:42:47: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
144595 bytes
Created:  30.12.2010 22:36
Modified: 30.08.2013 21:04
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
17:42:47: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  12.09.2013 18:17
Modified: 02.08.2013 02:59
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 01:52
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
455168 bytes
Created:  14.05.2014 18:13
Modified: 04.03.2014 11:43
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsass.exe
31232 bytes
Created:  14.05.2014 18:13
Modified: 12.04.2014 04:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\ctfmon.exe
9728 bytes
Created:  14.07.2009 01:39
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wbem\WmiPrvSE.exe
372736 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------

************************************************************
17:42:49: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
17:42:49: Checking ----- ROGUE BROWSER MODIFICATIONS -----

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
about:blank
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896

************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 17:42:49 23 Jul 2014
Total Scan time: 00:00:52
************************************************************


***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 17:36:43 23 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
PC appears to be in SAFE MODE.

************************************************************

17:36:44: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
17:36:44: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
17:36:44: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: [Malwarebytes Anti-Malware (cleanup)]
Value Data: ["C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
54072 bytes
Created:  23.07.2014 06:44
Modified: 12.05.2014 07:24
Company:  Malwarebytes Corporation
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
17:36:46: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
17:36:46: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
17:36:46: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
17:36:46: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
17:36:47: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
17:36:47: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
17:37:06: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------

************************************************************
17:37:18: Scanning -----VXD ENTRIES-----

************************************************************
17:37:18: Scanning ----- ContextMenuHandlers -----
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
17:37:19: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
17:37:19: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7-Zip\7-zip.dll
D:\7-Zip\7-zip.dll
86016 bytes
Created:  18.11.2010 22:08
Modified: 18.11.2010 22:08
Company:  Igor Pavlov
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
17:37:20: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
17:37:20: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:11
Company:  Oracle Corporation
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:07
Company:  Oracle Corporation
----------

************************************************************
17:37:20: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------

************************************************************
17:37:21: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
17:37:21: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
17:37:21: Scanning ----- ShellServiceObjects -----

************************************************************
17:37:25: Scanning ----- 64-Bit ShellServiceObjects -----

************************************************************
17:37:30: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
17:37:30: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
17:37:30: Scanning ----- APPINIT_DLLS -----
AppInitDLLs entry = []
 - this reference will be removed
----------

************************************************************
17:40:18: Scanning ----- 64-Bit APPINIT_DLLS -----
AppInitDLLs entry = []
 - this reference will be removed
----------

************************************************************
17:40:23: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
17:40:23: Scanning ----- CREDENTIAL PROVIDERS -----

************************************************************
17:40:25: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
17:40:25: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 15.05.2014 18:17
Company:  [no info]
----------
--------------------

************************************************************
17:40:25: Scanning ----- SCHEDULED TASKS -----
Scheduled Tasks not scanned: running in Safe Mode so Task Scheduler service not running

************************************************************
17:40:25: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----

************************************************************
17:40:25: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
C:\Windows\SysWoW64\lvcodec2.dll
416280 bytes
Created:  26.07.2008 16:23
Modified: 26.07.2008 16:23
Company:  Logitech Inc.
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 02:07
Modified: 14.07.2009 03:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------

************************************************************
17:40:26: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
144595 bytes
Created:  30.12.2010 22:36
Modified: 30.08.2013 21:04
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
17:40:26: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  12.09.2013 18:17
Modified: 02.08.2013 02:59
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 01:52
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
455168 bytes
Created:  14.05.2014 18:13
Modified: 04.03.2014 11:43
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsass.exe
31232 bytes
Created:  14.05.2014 18:13
Modified: 12.04.2014 04:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\ctfmon.exe
9728 bytes
Created:  14.07.2009 01:39
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\dllhost.exe
9728 bytes
Created:  14.07.2009 01:59
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
D:\Trojan Remover\Rmvtrjan.exe
FileSize:          5468008
[This is a Trojan Remover component]
--------------------
--------------------

************************************************************
17:40:28: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
17:40:28: Checking ----- ROGUE BROWSER MODIFICATIONS -----
{006ee092-9658-4fd6-bd8e-a21a348e59f5} - this rogue IE SearchScope, associated with BrowserHijack.SnapDo, has been removed

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
about:blank
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.my-online-search.com/?babsrc=HP_ofln&mntrId=D840ED1AFF0F1A72&cat=delta&dlb=0&affID=122471
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896

************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 17:40:35 23 Jul 2014
Total Scan time: 00:03:52
-------------------------------------------------------------------------
Trojan Remover needs to restart the system to complete operations
23.07.2014 17:40:39: restart commenced
************************************************************


======================================
[INCOMPLETE SCAN LOG RECOVERED]
======================================
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:43:11 15 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:43:11: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:43:11: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:43:11: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1666432 bytes
Created:  25.08.2013 20:52
Modified: 05.06.2014 21:46
Company:  Simply Super Software
--------------------
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: []
Value Data: [D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe Run                                                                                                                                                                                                                    ]
D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
845120 bytes
Created:  29.11.2011 21:58
Modified: 14.02.2014 14:55
Company:  Samsung
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:43:13: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Value Name: [NvBackend]
Value Data: ["C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
2352072 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:35
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:43:14: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:43:14: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:43:14: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:43:14: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:43:14: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
22:43:17: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      GDFwSvc
ImagePath: "D:\GData\Firewall\GDFwSvcx64.exe"
D:\GData\Firewall\GDFwSvcx64.exe - [file not found to scan]
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------

************************************************************
22:43:37: Scanning -----VXD ENTRIES-----

************************************************************
22:43:37: Scanning ----- ContextMenuHandlers -----
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
22:43:37: Scanning ----- Folder\ColumnHandlers -----
Key:  {16148659-720A-457d-850B-2DBD87BB129D}
File: D:\Audible\Bin\AudibleExt.dll
D:\Audible\Bin\AudibleExt.dll
165208 bytes
Created:  09.04.2009 13:55
Modified: 09.04.2009 13:55
Company:  Audible, Inc.
----------

************************************************************
22:43:38: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7-Zip\7-zip.dll
D:\7-Zip\7-zip.dll
86016 bytes
Created:  18.11.2010 22:08
Modified: 18.11.2010 22:08
Company:  Igor Pavlov
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
22:43:38: Scanning ----- 64-Bit Folder\ColumnHandlers -----

************************************************************
22:43:38: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:11
Company:  Oracle Corporation
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 13:37
Modified: 14.04.2014 20:07
Company:  Oracle Corporation
----------

************************************************************
22:43:39: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------

************************************************************
22:43:39: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
22:43:39: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
22:43:39: Scanning ----- ShellServiceObjects -----

************************************************************
22:43:42: Scanning ----- 64-Bit ShellServiceObjects -----

************************************************************
22:43:45: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
22:43:45: Scanning ----- IMAGEFILE DEBUGGERS -----
Key = kies.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = kiesagent.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = setup.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------

************************************************************
22:43:45: Scanning ----- APPINIT_DLLS -----
No AppInit_DLLs value found to check

************************************************************
22:43:45: Scanning ----- 64-Bit APPINIT_DLLS -----
No 64-Bit AppInit_DLLs value found to check

************************************************************
22:43:46: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
22:43:46: Scanning ----- CREDENTIAL PROVIDERS -----

************************************************************
22:43:47: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
Audible Download Manager.lnk - links to D:\Audible\Bin\AUDIBL~1.EXE
D:\Audible\Bin\AUDIBL~1.EXE
2125472 bytes
Created:  14.03.2011 10:22
Modified: 14.03.2011 10:22
Company:  Audible, Inc.
--------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
22:43:48: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 15.05.2014 18:17
Company:  [no info]
----------
--------------------

************************************************************
22:43:48: Scanning ----- SCHEDULED TASKS -----
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[INCOMPLETE SCAN LOG RECOVERED]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

======================================
[INCOMPLETE SCAN LOG RECOVERED]
======================================
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2931. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:34:52 15 Jul 2014
Using Database v8420
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:34:52: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:34:52: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:34:53: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1666432 bytes
Created:  25.08.2013 20:52
Modified: 05.06.2014 21:46
Company:  Simply Super Software
--------------------
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: []
Value Data: [D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe Run                                                                                                                                                                                                                    ]
D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
845120 bytes
Created:  29.11.2011 21:58
Modified: 14.02.2014 14:55
Company:  Samsung
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:34:54: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Value Name: [ShadowPlay]
Value Data: [C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart]
C:\Windows\System32\nvspcap64.dll
1279480 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:07
Company:  NVIDIA Corporation
--------------------
Value Name: [NvBackend]
Value Data: ["C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
2352072 bytes
Created:  05.06.2014 10:21
Modified: 30.05.2014 01:35
Company:  NVIDIA Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:34:55: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:34:55: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:34:55: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\CSS.scr
C:\Windows\CSS.scr
371712 bytes
Created:  08.01.2008 13:37
Modified: 08.01.2008 13:37
Company:  ABF software, Inc.
--------------------

************************************************************
22:34:55: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:34:55: Scanning ----- SERVICEDLL REGISTRY KEYS -----
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[INCOMPLETE SCAN LOG RECOVERED]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.1.2629. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:50:00 03 Apr 2014
Using Database v8344
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
22:50:01: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
22:50:01: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
22:50:01: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [G Data AntiVirus Tray Application]
Value Data: [D:\GData\AVKTray\AVKTray.exe]
D:\GData\AVKTray\AVKTray.exe
1035216 bytes
Created:  22.02.2013 23:08
Modified: 09.01.2013 14:01
Company:  G Data Software AG
--------------------
Value Name: [GDFirewallTray]
Value Data: [D:\GData\Firewall\GDFirewallTray.exe]
D:\GData\Firewall\GDFirewallTray.exe
1475096 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:20
Company:  G Data Software AG
--------------------
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1661856 bytes
Created:  25.08.2013 20:52
Modified: 23.02.2014 20:04
Company:  Simply Super Software
--------------------
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 01:26
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
--------------------
Value Name: []
Value Data: [D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe Run]
D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
845120 bytes
Created:  29.11.2011 21:58
Modified: 14.02.2014 14:55
Company:  Samsung
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: [Uninstall C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64]
Value Data: [C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"]
rmdir /s /q C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64 - [file not found to scan]

************************************************************
22:50:02: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
22:50:03: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
22:50:03: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
22:50:03: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\KAMINF~1.SCR
C:\Windows\KAMINF~1.SCR
14257664 bytes
Created:  02.02.2014 16:07
Modified: 21.05.2013 20:03
Company:  Jochen Moschko
--------------------

************************************************************
22:50:03: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------

************************************************************
22:50:03: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key:  UxTuneUp
Path: %SystemRoot%\System32\uxtuneup.dll
C:\Windows\System32\uxtuneup.dll
36160 bytes
Created:  15.01.2011 17:11
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  wuauserv
Path: C:\Windows\system32\wuaueng.dll
C:\Windows\System32\wuaueng.dll
2428952 bytes
Created:  22.06.2012 18:39
Modified: 03.06.2012 00:19
Company:  Microsoft Corporation
----------

************************************************************


sauterch 30.07.2014 20:10

Trojan Remover Logfiles

Code:

22:50:12: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      AAV UpdateService
ImagePath: D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe
D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe
128296 bytes
Created:  24.10.2008 16:35
Modified: 24.10.2008 16:35
Company: 
----------
Key:      AcrSch2Svc
ImagePath: "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
1112744 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
----------
Key:      amdsata
ImagePath: \SystemRoot\system32\drivers\amdsata.sys
C:\Windows\System32\drivers\amdsata.sys
107904 bytes
Created:  27.04.2011 18:56
Modified: 11.03.2011 08:41
Company:  Advanced Micro Devices
----------
Key:      Apple Mobile Device
ImagePath: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
43336 bytes
Created:  12.02.2014 17:50
Modified: 12.02.2014 17:50
Company:  Apple Inc.
----------
Key:      AVKProxy
ImagePath: "C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe"
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
1548312 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 05:49
Company:  G Data Software AG
----------
Key:      AVKService
ImagePath: "D:\GData\AVK\AVKService.exe"
D:\GData\AVK\AVKService.exe
469016 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 05:47
Company:  G Data Software AG
----------
Key:      AVKWCtl
ImagePath: "D:\GData\AVK\AVKWCtlX64.exe"
D:\GData\AVK\AVKWCtlX64.exe
2012592 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:08
Company:  G Data Software AG
----------
Key:      avmaudio
ImagePath: system32\DRIVERS\avmaudio.sys
C:\Windows\System32\DRIVERS\avmaudio.sys
116096 bytes
Created:  08.01.2011 21:23
Modified: 08.01.2011 21:23
Company:  AVM Berlin
----------
Key:      avmaura
ImagePath: system32\DRIVERS\avmaura.sys
C:\Windows\System32\DRIVERS\avmaura.sys
116480 bytes
Created:  22.12.2012 11:27
Modified: 22.12.2012 11:26
Company:  AVM Berlin
----------
Key:      Bonjour Service
ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Program Files\Bonjour\mDNSResponder.exe
462184 bytes
Created:  30.08.2011 23:05
Modified: 30.08.2011 23:05
Company:  Apple Inc.
----------
Key:      CLKMSVC10_C19A2874
ImagePath: "D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe" /svc
D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe
247768 bytes
Created:  03.04.2013 16:07
Modified: 03.04.2013 16:07
Company:  CyberLink
----------
Key:      clr_optimization_v2.0.50727_32
ImagePath: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
66384 bytes
Created:  13.07.2009 22:46
Modified: 10.06.2009 23:23
Company:  Microsoft Corporation
----------
Key:      COMSysApp
ImagePath: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
C:\Windows\System32\dllhost.exe
9728 bytes
Created:  14.07.2009 01:59
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
----------
Key:      cvhsvc
ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
822504 bytes
Created:  22.04.2013 10:02
Modified: 22.04.2013 10:02
Company:  Microsoft Corporation
----------
Key:      dg_ssudbus
ImagePath: system32\DRIVERS\ssudbus.sys
C:\Windows\System32\DRIVERS\ssudbus.sys
109056 bytes
Created:  01.04.2014 22:06
Modified: 19.03.2014 03:27
Company:  DEVGURU Co., LTD.(www.devguru.co.kr)
----------
Key:      Filetrace
ImagePath: system32\drivers\filetrace.sys
C:\Windows\System32\drivers\filetrace.sys
34304 bytes
Created:  14.07.2009 01:25
Modified: 14.07.2009 01:25
Company:  Microsoft Corporation
----------
Key:      FLEXnet Licensing Service
ImagePath: "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
1045256 bytes
Created:  06.01.2011 13:00
Modified: 06.01.2011 13:00
Company:  Acresso Software Inc.
----------
Key:      flpydisk
ImagePath: \SystemRoot\system32\DRIVERS\flpydisk.sys
C:\Windows\System32\DRIVERS\flpydisk.sys
24576 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 02:00
Company:  Microsoft Corporation
----------
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      Garmin Core Update Service
ImagePath: "D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
250712 bytes
Created:  30.12.2013 10:05
Modified: 30.12.2013 10:05
Company:  Garmin Ltd or its subsidiaries
----------
Key:      GDBehave
ImagePath: system32\drivers\GDBehave.sys
C:\Windows\System32\drivers\GDBehave.sys
54176 bytes
Created:  31.12.2010 12:25
Modified: 08.01.2013 13:21
Company:  G Data Software AG
----------
Key:      GDFwSvc
ImagePath: "D:\GData\Firewall\GDFwSvcx64.exe"
D:\GData\Firewall\GDFwSvcx64.exe
2377736 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:14
Company:  G Data Software AG
----------
Key:      GDMnIcpt
ImagePath: \??\C:\Windows\system32\drivers\MiniIcpt.sys
C:\Windows\System32\drivers\MiniIcpt.sys
126880 bytes
Created:  31.12.2010 12:24
Modified: 08.01.2013 13:21
Company:  G Data Software AG
----------
Key:      GdNetMon
ImagePath: \??\C:\Windows\system32\drivers\GdNetMon64.sys
C:\Windows\System32\drivers\GdNetMon64.sys
31608 bytes
Created:  31.10.2011 23:38
Modified: 31.10.2011 23:38
Company:  G Data Software AG
----------
Key:      GDPkIcpt
ImagePath: \??\C:\Windows\system32\drivers\PktIcpt.sys
C:\Windows\System32\drivers\PktIcpt.sys
62368 bytes
Created:  31.12.2010 12:25
Modified: 08.01.2013 13:23
Company:  G Data Software AG
----------
Key:      GDScan
ImagePath: "C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe"
C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
470008 bytes
Created:  17.08.2012 16:29
Modified: 29.03.2012 04:42
Company:  G Data Software AG
----------
Key:      gdwfpcd
ImagePath: system32\drivers\gdwfpcd64.sys
C:\Windows\System32\drivers\gdwfpcd64.sys
65008 bytes
Created:  31.12.2010 12:24
Modified: 22.02.2013 23:08
Company:  G Data Software AG
----------
Key:      GRD
ImagePath: \??\C:\Windows\system32\drivers\GRD.sys
C:\Windows\System32\drivers\GRD.sys
106648 bytes
Created:  31.12.2010 13:21
Modified: 01.09.2012 13:15
Company:  G Data Software
----------
Key:      gusvc
ImagePath: "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
136120 bytes
Created:  04.01.2011 22:06
Modified: 11.06.2010 02:40
Company:  Google
----------
Key:      HECIx64
ImagePath: system32\DRIVERS\HECIx64.sys
C:\Windows\System32\DRIVERS\HECIx64.sys
56344 bytes
Created:  31.12.2010 12:37
Modified: 17.09.2009 13:54
Company:  Intel Corporation
----------
Key:      HookCentre
ImagePath: \??\C:\Windows\system32\drivers\HookCentre.sys
C:\Windows\System32\drivers\HookCentre.sys
64416 bytes
Created:  31.10.2011 23:38
Modified: 22.02.2013 23:08
Company:  G Data Software AG
----------
Key:      idsvc
ImagePath: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
856400 bytes
Created:  27.04.2011 22:51
Modified: 05.11.2010 03:52
Company:  Microsoft Corporation
----------
Key:      IEEtwCollectorService
ImagePath: %SystemRoot%\system32\IEEtwCollector.exe /V
C:\Windows\System32\IEEtwCollector.exe
111616 bytes
Created:  12.03.2014 18:23
Modified: 01.03.2014 06:33
Company:  Microsoft Corporation
----------
Key:      IGDCTRL
ImagePath: "C:\Program Files\FRITZ!DSL\IGDCTRL.EXE"
C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
88888 bytes
Created:  28.07.2009 17:10
Modified: 28.07.2009 17:10
Company:  AVM Berlin
----------
Key:      IntcAzAudAddService
ImagePath: system32\drivers\RTKVHD64.sys
C:\Windows\System32\drivers\RTKVHD64.sys
2009376 bytes
Created:  27.08.2013 20:41
Modified: 06.10.2009 19:51
Company:  Realtek Semiconductor Corp.
----------
Key:      iPod Service
ImagePath: "C:\Program Files\iPod\bin\iPodService.exe"
C:\Program Files\iPod\bin\iPodService.exe
641352 bytes
Created:  21.02.2014 04:54
Modified: 21.02.2014 04:54
Company:  Apple Inc.
----------
Key:      k57nd60a
ImagePath: system32\DRIVERS\k57nd60a.sys
C:\Windows\System32\DRIVERS\k57nd60a.sys
321064 bytes
Created:  16.10.2009 03:32
Modified: 16.10.2009 03:32
Company:  Broadcom Corporation
----------
Key:      LBTServ
ImagePath: C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
359192 bytes
Created:  27.09.2011 21:04
Modified: 27.09.2011 21:04
Company:  Logitech, Inc.
----------
Key:      LMS
ImagePath: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
268824 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company:  Intel Corporation
----------
Key:      LUsbFilt
ImagePath: System32\Drivers\LUsbFilt.Sys
C:\Windows\System32\Drivers\LUsbFilt.Sys
42776 bytes
Created:  02.09.2011 08:30
Modified: 02.09.2011 08:30
Company:  Logitech, Inc.
----------
Key:      lvpepf64
ImagePath: system32\DRIVERS\lv302a64.sys
C:\Windows\System32\DRIVERS\lv302a64.sys
15768 bytes
Created:  26.07.2008 16:22
Modified: 26.07.2008 16:22
Company:  Logitech Inc.
----------
Key:      LVRS64
ImagePath: system32\DRIVERS\lvrs64.sys
C:\Windows\System32\DRIVERS\lvrs64.sys
790424 bytes
Created:  26.07.2008 16:25
Modified: 26.07.2008 16:25
Company:  Logitech Inc.
----------
Key:      LVUSBS64
ImagePath: system32\drivers\LVUSBS64.sys
C:\Windows\System32\drivers\LVUSBS64.sys
50072 bytes
Created:  26.07.2008 16:26
Modified: 26.07.2008 16:26
Company:  Logitech Inc.
----------
Key:      MozillaMaintenance
ImagePath: "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
117656 bytes
Created:  22.08.2013 19:50
Modified: 14.08.2013 19:55
Company:  Mozilla Foundation
----------
Key:      NvStreamSvc
ImagePath: "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
14997280 bytes
Created:  09.09.2013 22:35
Modified: 27.08.2013 23:17
Company:  NVIDIA Corporation
----------
Key:      nvUpdatusService
ImagePath: "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
2155296 bytes
Created:  09.09.2013 22:29
Modified: 27.08.2013 23:16
Company:  NVIDIA Corporation
----------
Key:      nvvad_WaveExtensible
ImagePath: system32\drivers\nvvad64v.sys
C:\Windows\System32\drivers\nvvad64v.sys
39200 bytes
Created:  09.09.2013 22:35
Modified: 20.08.2013 15:33
Company:  NVIDIA Corporation
----------
Key:      PID_PEPI
ImagePath: system32\DRIVERS\LV302V64.SYS
C:\Windows\System32\DRIVERS\LV302V64.SYS
2624408 bytes
Created:  26.07.2008 16:22
Modified: 26.07.2008 16:22
Company:  Logitech Inc.
----------
Key:      rdpbus
ImagePath: \SystemRoot\system32\DRIVERS\rdpbus.sys
C:\Windows\System32\DRIVERS\rdpbus.sys
24064 bytes
Created:  14.07.2009 02:17
Modified: 14.07.2009 02:17
Company:  Microsoft Corporation
----------
Key:      RoxMediaDB10
ImagePath: "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe"
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
1124848 bytes
Created:  26.06.2009 12:19
Modified: 26.06.2009 12:19
Company:  Sonic Solutions
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      Serial
ImagePath: \SystemRoot\system32\DRIVERS\serial.sys
C:\Windows\System32\DRIVERS\serial.sys
94208 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 02:00
Company:  Brother Industries Ltd.
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------
Key:      Sftfs
ImagePath: system32\DRIVERS\Sftfslh.sys
C:\Windows\System32\DRIVERS\Sftfslh.sys
767144 bytes
Created:  26.06.2013 19:21
Modified: 26.06.2013 19:21
Company:  Microsoft Corporation
----------
Key:      sftlist
ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
523944 bytes
Created:  26.06.2013 19:21
Modified: 26.06.2013 19:21
Company:  Microsoft Corporation
----------
Key:      Sftplay
ImagePath: system32\DRIVERS\Sftplaylh.sys
C:\Windows\System32\DRIVERS\Sftplaylh.sys
273576 bytes
Created:  26.06.2013 19:21
Modified: 26.06.2013 19:21
Company:  Microsoft Corporation
----------
Key:      Sftredir
ImagePath: system32\DRIVERS\Sftredirlh.sys
C:\Windows\System32\DRIVERS\Sftredirlh.sys
28840 bytes
Created:  26.06.2013 19:21
Modified: 26.06.2013 19:21
Company:  Microsoft Corporation
----------
Key:      Sftvol
ImagePath: system32\DRIVERS\Sftvollh.sys
C:\Windows\System32\DRIVERS\Sftvollh.sys
23208 bytes
Created:  26.06.2013 19:21
Modified: 26.06.2013 19:21
Company:  Microsoft Corporation
----------
Key:      sftvsa
ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
207528 bytes
Created:  26.06.2013 19:21
Modified: 26.06.2013 19:21
Company:  Microsoft Corporation
----------
Key:      SkypeUpdate
ImagePath: D:\Skype\Updater\Updater.exe
D:\Skype\Updater\Updater.exe
-R- 172192 bytes
Created:  23.10.2013 09:15
Modified: 23.10.2013 09:15
Company:  Skype Technologies
----------
Key:      ssudmdm
ImagePath: system32\DRIVERS\ssudmdm.sys
C:\Windows\System32\DRIVERS\ssudmdm.sys
206080 bytes
Created:  01.04.2014 22:06
Modified: 19.03.2014 03:27
Company:  DEVGURU Co., LTD.(www.devguru.co.kr)
----------
Key:      stllssvr
ImagePath: "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe"
C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
-R- 74392 bytes
Created:  30.04.2009 13:59
Modified: 30.04.2009 13:59
Company:  MicroVision Development, Inc.
----------
Key:      TuneUp.UtilitiesSvc
ImagePath: "D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
2028864 bytes
Created:  13.12.2011 10:34
Modified: 13.12.2011 10:34
Company:  TuneUp Software
----------
Key:      TuneUpUtilitiesDrv
ImagePath: \??\D:\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
D:\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
11856 bytes
Created:  29.11.2010 20:27
Modified: 29.11.2010 20:27
Company:  TuneUp Software
----------
Key:      UNS
ImagePath: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2320920 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company:  Intel Corporation
----------
Key:      wbengine
ImagePath: "%systemroot%\system32\wbengine.exe"
C:\Windows\System32\wbengine.exe
1504256 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
Key:      WMPNetworkSvc
ImagePath: "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe"
C:\Program Files\Windows Media Player\wmpnetwk.exe
1525248 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------

************************************************************
22:50:44: Scanning -----VXD ENTRIES-----

************************************************************
22:50:44: Scanning ----- ContextMenuHandlers -----
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
22:50:44: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
22:50:44: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7-Zip\7-zip.dll
D:\7-Zip\7-zip.dll
86016 bytes
Created:  18.11.2010 22:08
Modified: 18.11.2010 22:08
Company:  Igor Pavlov
----------
Key:  AVK9CM
CLSID: {CAF4C320-32F5-11D3-A222-004095200FF2}
Path:  D:\GData\AVK\ShellExt64.dll
D:\GData\AVK\ShellExt64.dll
333848 bytes
Created:  17.08.2011 16:00
Modified: 21.05.2012 05:35
Company:  G Data Software AG
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 16:43
Modified: 20.11.2013 16:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
22:50:45: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
22:50:45: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 13:37
Modified: 18.12.2013 22:07
Company:  Oracle Corporation
----------
Key: {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}
BHO: C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
52728 bytes
Created:  10.08.2011 17:31
Modified: 27.01.2012 15:40
Company:  G Data Software AG
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 13:37
Modified: 18.12.2013 22:05
Company:  Oracle Corporation
----------

************************************************************
22:50:45: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: C:\Program Files\Java\jre7\bin\ssv.dll
C:\Program Files\Java\jre7\bin\ssv.dll
553384 bytes
Created:  20.10.2013 13:25
Modified: 20.10.2013 13:25
Company:  Oracle Corporation
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre7\bin\jp2ssv.dll
C:\Program Files\Java\jre7\bin\jp2ssv.dll
210856 bytes
Created:  20.10.2013 13:25
Modified: 20.10.2013 13:25
Company:  Oracle Corporation
----------

************************************************************
22:50:45: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
22:50:45: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
22:50:45: Scanning ----- ShellServiceObjects -----

************************************************************
22:50:48: Scanning ----- 64-Bit ShellServiceObjects -----

************************************************************
22:50:50: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
22:50:50: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
22:50:50: Scanning ----- APPINIT_DLLS -----
No AppInit_DLLs value found to check

************************************************************
22:50:50: Scanning ----- 64-Bit APPINIT_DLLS -----
No AppInit_DLLs value found to check

************************************************************
22:50:51: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
22:50:51: Scanning ----- CREDENTIAL PROVIDERS -----

************************************************************
22:50:52: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
22:50:52: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 15.09.2013 21:53
Company:  [no info]
----------
--------------------

************************************************************
22:50:52: Scanning ----- SCHEDULED TASKS -----
Taskname:      {00713CB9-7ED8-4245-BF9E-CC03CC38DF87}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  31.03.2014 21:47
Modified: 31.03.2014 21:47
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {055FCA50-8DE4-4486-B42F-147BF36C5FC7}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  31.03.2014 21:47
Modified: 31.03.2014 21:47
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {400197BC-65DC-41D5-945A-2EF9298838F1}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  31.03.2014 21:47
Modified: 31.03.2014 21:47
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.115/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {5C00BB8D-3F7F-4CA2-8BC1-AD073F5AD5FD}
File:          C:\Program Files (x86)\Skype\Phone\Skype.exe
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
C:\Program Files (x86)\Skype\Phone\Skype.exe - [file not found to scan]
----------
Taskname:      {5DB2831F-AD6A-4A83-9274-E33CF6B93952}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  31.03.2014 21:47
Modified: 31.03.2014 21:47
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?source=lightinstaller&LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetupLight
Comments:     
----------
Taskname:      {8356B895-1E2D-4985-90C0-600205F330C9}
File:          C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
2677232 bytes
Created:  22.06.2009 12:36
Modified: 22.06.2009 12:36
Company: 
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:     
Comments:     
----------
Taskname:      {DD5500C3-E770-42ED-99DC-084BABEC91FA}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  31.03.2014 21:47
Modified: 31.03.2014 21:47
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {E41299EE-6113-4D8D-BDEC-716F782CDE0E}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  31.03.2014 21:47
Modified: 31.03.2014 21:47
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      Adobe Flash Player Updater
File:          C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
257928 bytes
Created:  07.03.2013 17:27
Modified: 12.03.2014 22:25
Company:  Adobe Systems Incorporated
Schedule:      At 01:25:00 every day
Next Run Time: 03.04.2014 23:25:00
Status:        Ready
Creator:      Adobe Systems Incorporated
Comments:      Mit diesem Task ist Ihre Flash Player-Installation immer aktuell und verwendet die neuesten Verbesserungen und Sicherheits-Fixes. Wenn dieser Task deaktiviert oder entfernt wird, kann Adobe Flash Player Ihren Computer nicht automatisch mit den neuesten Sicherheits-Fixes sichern.
----------
Taskname:      CCleanerSkipUAC
File:          D:\CCleaner\CCleaner.exe
D:\CCleaner\CCleaner.exe
4324120 bytes
Created:  22.11.2013 15:42
Modified: 22.11.2013 15:42
Company:  Piriform Ltd
Parameters:    $(Arg0)
Schedule:      Task not scheduled
Next Run Time:
Status:        Ready
Creator:      Piriform Ltd
Comments:     
----------
Taskname:      Divx-Online-Aktualisierungsprogramm
File:          C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Parameters:    /CHECKNOW
Schedule:      At 10:00:00 every Montag of every week, starting 01.01.2009
Next Run Time: 07.04.2014 10:00:00
Status:        Ready
Creator:      TuneUp
Comments:      tuident:2123EDB4
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe - [file not found to scan]
----------
Taskname:      DriverScanner
File:          D:\DriverScanner\DriverScanner\dsmonitor.exe
D:\DriverScanner\DriverScanner\dsmonitor.exe
25464 bytes
Created:  17.11.2011 23:11
Modified: 05.09.2011 17:20
Company:  Uniblue Systems Limited
Schedule:      At logon
Next Run Time:
Status:        Ready
Creator:      sauterch
Comments:     
----------
Taskname:      Java Update Scheduler
File:          C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
254336 bytes
Created:  02.07.2013 09:16
Modified: 02.07.2013 09:16
Company:  Oracle Corporation
Schedule:      At 10:00:00 every Montag of every week, starting 01.01.2009
Next Run Time: 07.04.2014 10:00:00
Status:        Ready
Creator:      TuneUp
Comments:      tuident:78C4302E
----------
Taskname:      SidebarExecute
File:          C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
1174016 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 14:17
Company:  Microsoft Corporation
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:     
Comments:     
----------
Taskname:      Trojan Remover Scheduled Updates
File:          D:\Trojan Remover\trupd.exe
D:\Trojan Remover\trupd.exe
1219336 bytes
Created:  25.08.2013 20:52
Modified: 30.12.2013 20:21
Company:  Simply Super Software
Parameters:    /silent
Schedule:      At 19:04:20 every day
Next Run Time: 04.04.2014 19:04:20
Status:        Ready
Creator:      sauterch-PC\sauterch
Comments:      Automatically checks for updates at the selected date/time
----------
Taskname:      TuneUpUtilities_Task_BkGndMaintenance2011
File:          D:\TuneUp Utilities 2011\OneClick.exe
D:\TuneUp Utilities 2011\OneClick.exe
603968 bytes
Created:  13.12.2011 10:37
Modified: 13.12.2011 10:37
Company:  TuneUp Software
Parameters:    $(Arg0)
Schedule:      Task not scheduled
Next Run Time:
Status:        Ready
Creator:     
Comments:     
----------
Taskname:      User_Feed_Synchronization-{E65FAF42-D005-4209-8259-34AE0371B7A1}
File:          C:\Windows\System32\msfeedssync.exe
C:\Windows\System32\msfeedssync.exe
13312 bytes
Created:  31.12.2013 10:43
Modified: 31.12.2013 10:43
Company:  Microsoft Corporation
Parameters:    sync
Schedule:      At 19:34:48 every day
Next Run Time: 04.04.2014 21:34:48
Status:        Ready
Creator:      sauterch-PC\sauterch
Comments:      Aktualisiert veraltete Systemfeeds.
----------

************************************************************
22:50:54: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
Key:  SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File:  %SystemRoot%\system32\ntshrui.dll
C:\Windows\SysWoW64\ntshrui.dll
442880 bytes
Created:  18.02.2012 11:28
Modified: 04.01.2012 10:58
Company:  Microsoft Corporation
----------

************************************************************
22:50:54: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
C:\Windows\SysWoW64\lvcodec2.dll
416280 bytes
Created:  26.07.2008 16:23
Modified: 26.07.2008 16:23
Company:  Logitech Inc.
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 02:07
Modified: 14.07.2009 03:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------

************************************************************
22:50:54: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
144595 bytes
Created:  30.12.2010 22:36
Modified: 30.08.2013 21:04
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
22:50:55: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  12.09.2013 18:17
Modified: 02.08.2013 02:59
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 01:52
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
390656 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1203488 bytes
Created:  09.09.2013 22:29
Modified: 08.02.2014 19:42
Company:  NVIDIA Corporation
--------------------
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
223488 bytes
Created:  17.07.2012 15:14
Modified: 17.07.2012 15:14
Company:  Microsoft Corp.
--------------------
C:\Windows\System32\WUDFHost.exe
229888 bytes
Created:  17.11.2012 01:28
Modified: 26.07.2012 05:08
Company:  Microsoft Corporation
--------------------
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe
283640 bytes
Created:  28.07.2011 03:59
Modified: 27.01.2012 05:49
Company:  G Data Software AG
--------------------
C:\Windows\System32\taskhost.exe
68608 bytes
Created:  09.01.2013 20:53
Modified: 23.11.2012 05:13
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\dwm.exe
120320 bytes
Created:  14.07.2009 01:37
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
D:\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
786240 bytes
Created:  13.12.2011 10:34
Modified: 13.12.2011 10:34
Company:  TuneUp Software
--------------------
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
231704 bytes
Created:  27.09.2011 21:05
Modified: 27.09.2011 21:05
Company:  Logitech, Inc.
--------------------
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
333152 bytes
Created:  30.12.2013 20:34
Modified: 30.12.2013 20:34
Company:  AVM Berlin
--------------------
C:\Windows\System32\conhost.exe
338432 bytes
Created:  12.09.2013 18:16
Modified: 02.08.2013 03:09
Company:  Microsoft Corporation
--------------------
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
2448160 bytes
Created:  09.09.2013 22:29
Modified: 08.02.2014 19:42
Company:  NVIDIA Corporation
--------------------
C:\Windows\System32\SearchIndexer.exe
591872 bytes
Created:  30.06.2011 17:55
Modified: 04.05.2011 07:19
Company:  Microsoft Corporation
--------------------
F:\Mozilla Download\Samsung Backup\UBTv1.3.2\adb.exe
815104 bytes
Created:  15.11.2012 20:46
Modified: 12.03.2014 21:09
Company:  [no info]
--------------------
C:\Windows\System32\SearchProtocolHost.exe
249856 bytes
Created:  30.06.2011 17:55
Modified: 04.05.2011 07:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\SearchFilterHost.exe
113664 bytes
Created:  30.06.2011 17:55
Modified: 04.05.2011 07:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wbem\WmiPrvSE.exe
372736 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
D:\Trojan Remover\Rmvtrjan.exe
FileSize:          5491224
[This is a Trojan Remover component]
--------------------
--------------------

************************************************************
22:50:57: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}

************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 22:50:57 03 Apr 2014
Total Scan time: 00:00:56
************************************************************


***** DRIVE/DIRECTORY SCAN *****
Trojan Remover Ver 6.9.1.2629. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:49:16 03 Apr 2014
Using Database v8344
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
Carrying out scan on C:\Users\sauterch\Desktop\Bilder
(including subdirectories)
Archive files will be EXCLUDED.
------------------------------
------------------------------
Scan stopped by user after 58 files were checked
No Malware files detected
Scan stopped at: 03.04.2014 22:49:26
Total Scan time: 00:00:09
************************************************************


***** DRIVE/DIRECTORY SCAN *****
Trojan Remover Ver 6.9.1.2629. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 22:47:22 03 Apr 2014
Using Database v8339
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
Carrying out scan on C:\Users\sauterch\Desktop\Bilder
(including subdirectories)
Archive files will be EXCLUDED.
------------------------------
------------------------------
124 files scanned
Directory scan complete - no Malware files detected
Scan completed at: 22:47:33 03 Apr 2014
Total Scan time: 00:00:10
************************************************************


***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.9.0.2628. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 14:53:33 02 Feb 2014
Using Database v8307
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601]
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
14:53:34: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
14:53:34: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
14:53:35: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 17:56
Modified: 25.02.2011 07:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [G Data AntiVirus Tray Application]
Value Data: [D:\GData\AVKTray\AVKTray.exe]
D:\GData\AVKTray\AVKTray.exe
1035216 bytes
Created:  22.02.2013 22:08
Modified: 09.01.2013 13:01
Company:  G Data Software AG
--------------------
Value Name: [GDFirewallTray]
Value Data: [D:\GData\Firewall\GDFirewallTray.exe]
D:\GData\Firewall\GDFirewallTray.exe
1475096 bytes
Created:  08.01.2013 12:21
Modified: 29.11.2012 05:20
Company:  G Data Software AG
--------------------
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1704720 bytes
Created:  25.08.2013 19:52
Modified: 02.02.2014 14:52
Company:  Simply Super Software
--------------------
Value Name: [IMSS]
Value Data: ["C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
111640 bytes
Created:  31.12.2010 11:38
Modified: 30.09.2009 19:02
Company: 
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 21:52
Modified: 20.11.2010 14:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\SysWoW64\ctfmon.exe
8704 bytes
Created:  14.07.2009 00:26
Modified: 14.07.2009 02:14
Company:  Microsoft Corporation
--------------------
Value Name: []
Value Data: [D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe Run]
D:\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
845168 bytes
Created:  29.11.2011 20:58
Modified: 06.11.2013 02:55
Company:  Samsung
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
139264 bytes
Created:  30.12.2013 19:34
Modified: 30.12.2013 19:34
Company:  AVM Berlin
--------------------
Value Name: [GarminExpressTrayApp]
Value Data: ["D:\Garmin\Express Tray\ExpressTray.exe"]
D:\Garmin\Express Tray\ExpressTray.exe
1095000 bytes
Created:  30.12.2013 09:05
Modified: 30.12.2013 09:05
Company:  Garmin Ltd or its subsidiaries
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: [Uninstall C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64]
Value Data: [C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"]
rmdir /s /q C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64 - [file not found to scan]

************************************************************
14:53:37: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 06:55
Modified: 06.12.2010 06:55
Company:  Acronis
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 10:38
Modified: 07.10.2011 10:38
Company:  Logitech, Inc.
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
14:53:38: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
14:53:38: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
14:53:38: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\SysWOW64\Cities.scr
C:\Windows\SysWOW64\Cities.scr
2789376 bytes
Created:  20.10.2013 17:23
Modified: 23.09.2007 22:08
Company:  Screenomania.com
--------------------

************************************************************
14:53:38: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\SysWoW64\ie4uinit.exe - [file not found to scan]
----------
C:\Program Files (x86)\Windows Mail\WinMail.exe

************************************************************
14:53:38: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key:  UxTuneUp
Path: %SystemRoot%\System32\uxtuneup.dll
C:\Windows\System32\uxtuneup.dll
36160 bytes
Created:  15.01.2011 16:11
Modified: 13.12.2011 09:29
Company:  TuneUp Software
--------------------
Key:  wuauserv
Path: C:\Windows\system32\wuaueng.dll
C:\Windows\System32\wuaueng.dll
2428952 bytes
Created:  22.06.2012 17:39
Modified: 02.06.2012 23:19
Company:  Microsoft Corporation
--------------------

************************************************************
14:53:39: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      AAV UpdateService
ImagePath: D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe
D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe
128296 bytes
Created:  24.10.2008 15:35
Modified: 24.10.2008 15:35
Company: 
----------
Key:      AcrSch2Svc
ImagePath: "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
1112744 bytes
Created:  06.12.2010 06:55
Modified: 06.12.2010 06:55
Company:  Acronis
----------
Key:      AdobeFlashPlayerUpdateSvc
ImagePath: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
257928 bytes
Created:  07.03.2013 16:27
Modified: 18.01.2014 16:22
Company:  Adobe Systems Incorporated
----------
Key:      afcdp
ImagePath: system32\DRIVERS\afcdp.sys
C:\Windows\System32\DRIVERS\afcdp.sys
285280 bytes
Created:  06.03.2012 10:59
Modified: 06.03.2012 10:59
Company:  Acronis
----------
Key:      afcdpsrv
ImagePath: C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
3246040 bytes
Created:  06.03.2012 10:59
Modified: 06.03.2012 10:59
Company:  Acronis
----------
Key:      amdsata
ImagePath: \SystemRoot\system32\drivers\amdsata.sys
C:\Windows\System32\drivers\amdsata.sys
107904 bytes
Created:  27.04.2011 17:56
Modified: 11.03.2011 07:41
Company:  Advanced Micro Devices
----------
Key:      Apple Mobile Device
ImagePath: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
55624 bytes
Created:  07.09.2013 09:13
Modified: 07.09.2013 09:13
Company:  Apple Inc.
----------
Key:      atapi
ImagePath: system32\drivers\atapi.sys
C:\Windows\System32\drivers\atapi.sys
24128 bytes
Created:  14.07.2009 00:19
Modified: 14.07.2009 02:52
Company:  Microsoft Corporation
----------
Key:      AVKProxy
ImagePath: "C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe"
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
1548312 bytes
Created:  08.01.2013 12:21
Modified: 29.11.2012 04:49
Company:  G Data Software AG
----------
Key:      AVKService
ImagePath: "D:\GData\AVK\AVKService.exe"
D:\GData\AVK\AVKService.exe
469016 bytes
Created:  08.01.2013 12:21
Modified: 29.11.2012 04:47
Company:  G Data Software AG
----------
Key:      AVKWCtl
ImagePath: "D:\GData\AVK\AVKWCtlX64.exe"
D:\GData\AVK\AVKWCtlX64.exe
2012592 bytes
Created:  08.01.2013 12:21
Modified: 29.11.2012 05:08
Company:  G Data Software AG
----------
Key:      avmaudio
ImagePath: system32\DRIVERS\avmaudio.sys
C:\Windows\System32\DRIVERS\avmaudio.sys
116096 bytes
Created:  08.01.2011 20:23
Modified: 08.01.2011 20:23
Company:  AVM Berlin
----------
Key:      avmaura
ImagePath: system32\DRIVERS\avmaura.sys
C:\Windows\System32\DRIVERS\avmaura.sys
116480 bytes
Created:  22.12.2012 10:27
Modified: 22.12.2012 10:26
Company:  AVM Berlin
----------
Key:      b06bdrv
ImagePath: \SystemRoot\system32\DRIVERS\bxvbda.sys
C:\Windows\System32\DRIVERS\bxvbda.sys
468480 bytes
Created:  10.06.2009 21:34
Modified: 10.06.2009 21:34
Company:  Broadcom Corporation
----------
Key:      b57nd60a
ImagePath: system32\DRIVERS\b57nd60a.sys
C:\Windows\System32\DRIVERS\b57nd60a.sys
270848 bytes
Created:  10.06.2009 21:34
Modified: 10.06.2009 21:34
Company:  Broadcom Corporation
----------
Key:      CLKMSVC10_C19A2874
ImagePath: "D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe" /svc
D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe
232944 bytes
Created:  26.04.2010 18:10
Modified: 26.04.2010 18:10
Company:  CyberLink
----------
Key:      clr_optimization_v2.0.50727_64
ImagePath: %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
89920 bytes
Created:  13.07.2009 21:37
Modified: 10.06.2009 21:39
Company:  Microsoft Corporation
----------
Key:      clr_optimization_v4.0.30319_32
ImagePath: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
105144 bytes
Created:  11.09.2013 21:21
Modified: 11.09.2013 21:21
Company:  Microsoft Corporation
----------
Key:      clr_optimization_v4.0.30319_64
ImagePath: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
124088 bytes
Created:  11.09.2013 19:39
Modified: 11.09.2013 19:39
Company:  Microsoft Corporation
----------
Key:      CompositeBus
ImagePath: \SystemRoot\system32\drivers\CompositeBus.sys
C:\Windows\System32\drivers\CompositeBus.sys
38912 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 11:33
Company:  Microsoft Corporation
----------
Key:      cvhsvc
ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
822504 bytes
Created:  22.04.2013 09:02
Modified: 22.04.2013 09:02
Company:  Microsoft Corporation
----------
Key:      dg_ssudbus
ImagePath: system32\DRIVERS\ssudbus.sys
C:\Windows\System32\DRIVERS\ssudbus.sys
107288 bytes
Created:  28.10.2013 01:12
Modified: 28.10.2013 01:12
Company:  DEVGURU Co., LTD.(www.devguru.co.kr)
----------
Key:      drmkaud
ImagePath: \SystemRoot\system32\drivers\drmkaud.sys
C:\Windows\System32\drivers\drmkaud.sys
5632 bytes
Created:  14.07.2009 01:06
Modified: 14.07.2009 01:06
Company:  Microsoft Corporation
----------
Key:      ebdrv
ImagePath: \SystemRoot\system32\DRIVERS\evbda.sys
C:\Windows\System32\DRIVERS\evbda.sys
3286016 bytes
Created:  10.06.2009 21:34
Modified: 10.06.2009 21:34
Company:  Broadcom Corporation
----------
Key:      FLEXnet Licensing Service
ImagePath: "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
1045256 bytes
Created:  06.01.2011 12:00
Modified: 06.01.2011 12:00
Company:  Acresso Software Inc.
----------
Key:      FontCache3.0.0.0
ImagePath: %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
42856 bytes
Created:  27.04.2011 21:51
Modified: 05.11.2010 02:53
Company:  Microsoft Corporation
----------
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 22:17
Modified: 05.02.2013 09:54
Company:  [no info]
----------
Key:      Garmin Core Update Service
ImagePath: "D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
250712 bytes
Created:  30.12.2013 09:05
Modified: 30.12.2013 09:05
Company:  Garmin Ltd or its subsidiaries
----------
Key:      GDBehave
ImagePath: system32\drivers\GDBehave.sys
C:\Windows\System32\drivers\GDBehave.sys
54176 bytes
Created:  31.12.2010 11:25
Modified: 08.01.2013 12:21
Company:  G Data Software AG
----------
Key:      GDFwSvc
ImagePath: "D:\GData\Firewall\GDFwSvcx64.exe"
D:\GData\Firewall\GDFwSvcx64.exe
2377736 bytes
Created:  08.01.2013 12:21
Modified: 29.11.2012 05:14
Company:  G Data Software AG
----------
Key:      GDMnIcpt
ImagePath: \??\C:\Windows\system32\drivers\MiniIcpt.sys
C:\Windows\System32\drivers\MiniIcpt.sys
126880 bytes
Created:  31.12.2010 11:24
Modified: 08.01.2013 12:21
Company:  G Data Software AG
----------
Key:      GdNetMon
ImagePath: \??\C:\Windows\system32\drivers\GdNetMon64.sys
C:\Windows\System32\drivers\GdNetMon64.sys
31608 bytes
Created:  31.10.2011 22:38
Modified: 31.10.2011 22:38
Company:  G Data Software AG
----------
Key:      GDPkIcpt
ImagePath: \??\C:\Windows\system32\drivers\PktIcpt.sys
C:\Windows\System32\drivers\PktIcpt.sys
62368 bytes
Created:  31.12.2010 11:25
Modified: 08.01.2013 12:23
Company:  G Data Software AG
----------
Key:      GDScan
ImagePath: "C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe"
C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
470008 bytes
Created:  17.08.2012 15:29
Modified: 29.03.2012 03:42
Company:  G Data Software AG
----------
Key:      gdwfpcd
ImagePath: system32\drivers\gdwfpcd64.sys
C:\Windows\System32\drivers\gdwfpcd64.sys
65008 bytes
Created:  31.12.2010 11:24
Modified: 22.02.2013 22:08
Company:  G Data Software AG
----------
Key:      GRD
ImagePath: \??\C:\Windows\system32\drivers\GRD.sys
C:\Windows\System32\drivers\GRD.sys
106648 bytes
Created:  31.12.2010 12:21
Modified: 01.09.2012 12:15
Company:  G Data Software
----------
Key:      gusvc
ImagePath: "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
136120 bytes
Created:  04.01.2011 21:06
Modified: 11.06.2010 01:40
Company:  Google
----------
Key:      HECIx64
ImagePath: system32\DRIVERS\HECIx64.sys
C:\Windows\System32\DRIVERS\HECIx64.sys
56344 bytes
Created:  31.12.2010 11:37
Modified: 17.09.2009 12:54
Company:  Intel Corporation
----------
Key:      HidUsb
ImagePath: \SystemRoot\system32\drivers\hidusb.sys
C:\Windows\System32\drivers\hidusb.sys
30208 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 11:43
Company:  Microsoft Corporation
----------
Key:      HookCentre
ImagePath: \??\C:\Windows\system32\drivers\HookCentre.sys
C:\Windows\System32\drivers\HookCentre.sys
64416 bytes
Created:  31.10.2011 22:38
Modified: 22.02.2013 22:08
Company:  G Data Software AG
----------
Key:      iaStorV
ImagePath: \SystemRoot\system32\drivers\iaStorV.sys
C:\Windows\System32\drivers\iaStorV.sys
410496 bytes
Created:  27.04.2011 17:56
Modified: 11.03.2011 07:41
Company:  Intel Corporation
----------
Key:      idsvc
ImagePath: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
856400 bytes
Created:  27.04.2011 21:51
Modified: 05.11.2010 02:52
Company:  Microsoft Corporation
----------
Key:      IEEtwCollectorService
ImagePath: %SystemRoot%\system32\IEEtwCollector.exe /V
C:\Windows\System32\IEEtwCollector.exe
111616 bytes
Created:  31.12.2013 11:54
Modified: 26.11.2013 10:18
Company:  Microsoft Corporation
----------
Key:      IGDCTRL
ImagePath: "C:\Program Files\FRITZ!DSL\IGDCTRL.EXE"
C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
88888 bytes
Created:  28.07.2009 16:10
Modified: 28.07.2009 16:10
Company:  AVM Berlin
----------
Key:      IntcAzAudAddService
ImagePath: system32\drivers\RTKVHD64.sys
C:\Windows\System32\drivers\RTKVHD64.sys
2009376 bytes
Created:  27.08.2013 19:41
Modified: 06.10.2009 18:51
Company:  Realtek Semiconductor Corp.
----------
Key:      k57nd60a
ImagePath: system32\DRIVERS\k57nd60a.sys
C:\Windows\System32\DRIVERS\k57nd60a.sys
321064 bytes
Created:  16.10.2009 02:32
Modified: 16.10.2009 02:32
Company:  Broadcom Corporation
----------
Key:      ksthunk
ImagePath: \SystemRoot\system32\drivers\ksthunk.sys
C:\Windows\System32\drivers\ksthunk.sys
20992 bytes
Created:  14.07.2009 01:00
Modified: 14.07.2009 01:00
Company:  Microsoft Corporation
----------
Key:      LBTServ
ImagePath: C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
359192 bytes
Created:  27.09.2011 20:04
Modified: 27.09.2011 20:04
Company:  Logitech, Inc.
----------
Key:      LMS
ImagePath: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
268824 bytes
Created:  31.12.2010 11:38
Modified: 30.09.2009 19:02
Company:  Intel Corporation
----------
Key:      LUsbFilt
ImagePath: System32\Drivers\LUsbFilt.Sys
C:\Windows\System32\Drivers\LUsbFilt.Sys
42776 bytes
Created:  02.09.2011 07:30
Modified: 02.09.2011 07:30
Company:  Logitech, Inc.
----------
Key:      lvpepf64
ImagePath: system32\DRIVERS\lv302a64.sys
C:\Windows\System32\DRIVERS\lv302a64.sys
15768 bytes
Created:  26.07.2008 15:22
Modified: 26.07.2008 15:22
Company:  Logitech Inc.
----------
Key:      LVRS64
ImagePath: system32\DRIVERS\lvrs64.sys
C:\Windows\System32\DRIVERS\lvrs64.sys
790424 bytes
Created:  26.07.2008 15:25
Modified: 26.07.2008 15:25
Company:  Logitech Inc.
----------
Key:      LVUSBS64
ImagePath: system32\drivers\LVUSBS64.sys
C:\Windows\System32\drivers\LVUSBS64.sys
50072 bytes
Created:  26.07.2008 15:26
Modified: 26.07.2008 15:26
Company:  Logitech Inc.
----------
Key:      MozillaMaintenance
ImagePath: "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
117656 bytes
Created:  22.08.2013 18:50
Modified: 14.08.2013 18:55
Company:  Mozilla Foundation
----------
Key:      mssmbios
ImagePath: \SystemRoot\system32\drivers\mssmbios.sys
C:\Windows\System32\drivers\mssmbios.sys
32320 bytes
Created:  14.07.2009 00:31
Modified: 14.07.2009 02:48
Company:  Microsoft Corporation
----------
Key:      NVHDA
ImagePath: system32\drivers\nvhda64v.sys
C:\Windows\System32\drivers\nvhda64v.sys
194848 bytes
Created:  09.09.2013 21:27
Modified: 25.02.2013 06:27
Company:  NVIDIA Corporation
----------
Key:      NvStreamSvc
ImagePath: "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
14997280 bytes
Created:  09.09.2013 21:35
Modified: 27.08.2013 22:17
Company:  NVIDIA Corporation
----------
Key:      nvsvc
ImagePath: "C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\nvvsvc.exe
893728 bytes
Created:  09.09.2013 21:29
Modified: 09.08.2013 21:07
Company:  NVIDIA Corporation
----------
Key:      nvUpdatusService
ImagePath: "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
2155296 bytes
Created:  09.09.2013 21:29
Modified: 27.08.2013 22:16
Company:  NVIDIA Corporation
----------
Key:      nvvad_WaveExtensible
ImagePath: system32\drivers\nvvad64v.sys
C:\Windows\System32\drivers\nvvad64v.sys
39200 bytes
Created:  09.09.2013 21:35
Modified: 20.08.2013 14:33
Company:  NVIDIA Corporation
----------
Key:      ose
ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
149352 bytes
Created:  09.01.2010 21:18
Modified: 09.01.2010 21:18
Company:  Microsoft Corporation
----------
Key:      osppsvc
ImagePath: "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
4925184 bytes
Created:  09.01.2010 21:34
Modified: 09.01.2010 21:34
Company:  Microsoft Corporation
----------
Key:      PerfHost
ImagePath: %SystemRoot%\SysWow64\perfhost.exe
C:\Windows\SysWow64\perfhost.exe
20992 bytes
Created:  14.07.2009 00:11
Modified: 14.07.2009 02:14
Company:  Microsoft Corporation
----------
Key:      PID_PEPI
ImagePath: system32\DRIVERS\LV302V64.SYS
C:\Windows\System32\DRIVERS\LV302V64.SYS
2624408 bytes
Created:  26.07.2008 15:22
Modified: 26.07.2008 15:22
Company:  Logitech Inc.
----------
Key:      PxHlpa64
ImagePath: System32\Drivers\PxHlpa64.sys
C:\Windows\System32\Drivers\PxHlpa64.sys
55856 bytes
Created:  06.01.2011 12:58
Modified: 04.03.2011 20:44
Company:  Sonic Solutions
----------
Key:      rdpbus
ImagePath: \SystemRoot\system32\DRIVERS\rdpbus.sys
C:\Windows\System32\DRIVERS\rdpbus.sys
24064 bytes
Created:  14.07.2009 01:17
Modified: 14.07.2009 01:17
Company:  Microsoft Corporation
----------
Key:      RdpVideoMiniport
ImagePath: System32\drivers\rdpvideominiport.sys
C:\Windows\System32\drivers\rdpvideominiport.sys
19456 bytes
Created:  15.12.2012 01:23
Modified: 23.08.2012 15:10
Company:  Microsoft Corporation
----------
Key:      RoxMediaDB10
ImagePath: "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe"
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
1124848 bytes
Created:  26.06.2009 11:19
Modified: 26.06.2009 11:19
Company:  Sonic Solutions
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      Serenum
ImagePath: \SystemRoot\system32\DRIVERS\serenum.sys
C:\Windows\System32\DRIVERS\serenum.sys
23552 bytes
Created:  14.07.2009 01:00
Modified: 14.07.2009 01:00
Company:  Microsoft Corporation
----------
Key:      Serial
ImagePath: \SystemRoot\system32\DRIVERS\serial.sys
C:\Windows\System32\DRIVERS\serial.sys
94208 bytes
Created:  14.07.2009 01:00
Modified: 14.07.2009 01:00
Company:  Brother Industries Ltd.
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------
Key:      Sftfs
ImagePath: system32\DRIVERS\Sftfslh.sys
C:\Windows\System32\DRIVERS\Sftfslh.sys
767144 bytes
Created:  26.06.2013 18:21
Modified: 26.06.2013 18:21
Company:  Microsoft Corporation
----------
Key:      sftlist
ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
523944 bytes
Created:  26.06.2013 18:21
Modified: 26.06.2013 18:21
Company:  Microsoft Corporation
----------
Key:      Sftplay
ImagePath: system32\DRIVERS\Sftplaylh.sys
C:\Windows\System32\DRIVERS\Sftplaylh.sys
273576 bytes
Created:  26.06.2013 18:21
Modified: 26.06.2013 18:21
Company:  Microsoft Corporation
----------
Key:      Sftredir
ImagePath: system32\DRIVERS\Sftredirlh.sys
C:\Windows\System32\DRIVERS\Sftredirlh.sys
28840 bytes
Created:  26.06.2013 18:21
Modified: 26.06.2013 18:21
Company:  Microsoft Corporation
----------
Key:      Sftvol
ImagePath: system32\DRIVERS\Sftvollh.sys
C:\Windows\System32\DRIVERS\Sftvollh.sys
23208 bytes
Created:  26.06.2013 18:21
Modified: 26.06.2013 18:21
Company:  Microsoft Corporation
----------
Key:      sftvsa
ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
207528 bytes
Created:  26.06.2013 18:21
Modified: 26.06.2013 18:21
Company:  Microsoft Corporation
----------
Key:      SkypeUpdate
ImagePath: D:\Skype\Updater\Updater.exe
D:\Skype\Updater\Updater.exe
-R- 172192 bytes
Created:  23.10.2013 08:15
Modified: 23.10.2013 08:15
Company:  Skype Technologies
----------
Key:      ssudmdm
ImagePath: system32\DRIVERS\ssudmdm.sys
C:\Windows\System32\DRIVERS\ssudmdm.sys
204568 bytes
Created:  28.10.2013 01:12
Modified: 28.10.2013 01:12
Company:  DEVGURU Co., LTD.(www.devguru.co.kr)
----------
Key:      Stereo Service
ImagePath: "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
413472 bytes
Created:  09.08.2013 14:37
Modified: 09.08.2013 14:37
Company:  NVIDIA Corporation
----------
Key:      stllssvr
ImagePath: "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe"
C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
-R- 74392 bytes
Created:  30.04.2009 12:59
Modified: 30.04.2009 12:59
Company:  MicroVision Development, Inc.
----------
Key:      swenum
ImagePath: \SystemRoot\system32\drivers\swenum.sys
C:\Windows\System32\drivers\swenum.sys
12496 bytes
Created:  14.07.2009 01:00
Modified: 14.07.2009 02:45
Company:  Microsoft Corporation
----------
Key:      tdrpman273
ImagePath: system32\DRIVERS\tdrpm273.sys
C:\Windows\System32\DRIVERS\tdrpm273.sys
1263200 bytes
Created:  23.01.2011 14:27
Modified: 06.03.2012 10:59
Company:  Acronis
----------
Key:      TermDD
ImagePath: \SystemRoot\system32\drivers\termdd.sys
C:\Windows\System32\drivers\termdd.sys
63360 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:33
Company:  Microsoft Corporation
----------
Key:      TsUsbFlt
ImagePath: system32\drivers\tsusbflt.sys
C:\Windows\System32\drivers\tsusbflt.sys
57856 bytes
Created:  15.12.2012 01:23
Modified: 23.08.2012 15:07
Company:  Microsoft Corporation
----------
Key:      TuneUp.UtilitiesSvc
ImagePath: "D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
2028864 bytes
Created:  13.12.2011 09:34
Modified: 13.12.2011 09:34
Company:  TuneUp Software
----------
Key:      TuneUpUtilitiesDrv
ImagePath: \??\D:\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
D:\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
11856 bytes
Created:  29.11.2010 19:27
Modified: 29.11.2010 19:27
Company:  TuneUp Software
----------
Key:      UNS
ImagePath: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2320920 bytes
Created:  31.12.2010 11:38
Modified: 30.09.2009 19:02
Company:  Intel Corporation
----------
Key:      USBAAPL64
ImagePath: System32\Drivers\usbaapl64.sys
C:\Windows\System32\Drivers\usbaapl64.sys
54784 bytes
Created:  13.12.2012 13:50
Modified: 13.12.2012 13:50
Company:  Apple, Inc.
----------
Key:      WinUsb
ImagePath: system32\DRIVERS\WinUSB.SYS
C:\Windows\System32\DRIVERS\WinUSB.SYS
41984 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 11:43
Company:  Microsoft Corporation
----------
Key:      wlidsvc
ImagePath: "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2292480 bytes
Created:  17.07.2012 14:14
Modified: 17.07.2012 14:14
Company:  Microsoft Corp.
----------

************************************************************
14:53:52: Scanning -----VXD ENTRIES-----

************************************************************
14:53:52: Scanning ----- ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7_Zip\7-Zip\7-zip.dll
D:\7_Zip\7-Zip\7-zip.dll
55808 bytes
Created:  18.11.2010 17:08
Modified: 18.11.2010 17:08
Company:  Igor Pavlov
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreams.dll
600392 bytes
Created:  20.11.2013 15:43
Modified: 20.11.2013 15:43
Company:  Apple Inc.
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 09:29
Modified: 13.12.2011 09:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 22:22
Modified: 22.09.2011 22:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 22:21
Modified: 22.09.2011 22:21
Company:  Acronis
----------

************************************************************
14:53:52: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
14:53:52: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  AVK9CM
CLSID: {CAF4C320-32F5-11D3-A222-004095200FF2}
Path:  D:\GData\AVK\ShellExt64.dll
D:\GData\AVK\ShellExt64.dll
333848 bytes
Created:  17.08.2011 15:00
Modified: 21.05.2012 04:35
Company:  G Data Software AG
----------
Key:  PhotoStreamsExt
CLSID: {89D984B3-813B-406A-8298-118AFA3A22AE}
Path:  C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
1242440 bytes
Created:  20.11.2013 15:43
Modified: 20.11.2013 15:43
Company:  Apple Inc.
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 11:31
Modified: 26.06.2009 11:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 09:29
Modified: 13.12.2011 09:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 22:22
Modified: 22.09.2011 22:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 22:22
Modified: 22.09.2011 22:22
Company:  Acronis
----------

************************************************************
14:53:53: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
14:53:53: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
462760 bytes
Created:  20.10.2013 12:37
Modified: 18.12.2013 21:07
Company:  Oracle Corporation
----------
Key: {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}
BHO: C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
52728 bytes
Created:  10.08.2011 16:31
Modified: 27.01.2012 14:40
Company:  G Data Software AG
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  20.10.2013 12:37
Modified: 18.12.2013 21:05
Company:  Oracle Corporation
----------

************************************************************
14:53:53: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: C:\Program Files\Java\jre7\bin\ssv.dll
C:\Program Files\Java\jre7\bin\ssv.dll
553384 bytes
Created:  20.10.2013 12:25
Modified: 20.10.2013 12:25
Company:  Oracle Corporation
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 14:17
Modified: 17.07.2012 14:17
Company:  Microsoft Corp.
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre7\bin\jp2ssv.dll
C:\Program Files\Java\jre7\bin\jp2ssv.dll
210856 bytes
Created:  20.10.2013 12:25
Modified: 20.10.2013 12:25
Company:  Oracle Corporation
----------

************************************************************
14:53:54: Scanning ----- ShellServiceObjectDelayLoad Entries -----

************************************************************
14:53:54: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries -----

************************************************************
14:53:54: Scanning ----- ShellServiceObjects -----
CLSID: {3BF043EF-A974-49B3-8322-B853CF1E5EC5}
File: %SystemRoot%\System32\SndVolSSO.dll
C:\Windows\SysWoW64\SndVolSSO.dll
220160 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:21
Company:  Microsoft Corporation
----------
CLSID: {68ddbb56-9d1d-4fd9-89c5-c0da2a625392}
File: %SystemRoot%\system32\stobject.dll
C:\Windows\SysWoW64\stobject.dll
228352 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:21
Company:  Microsoft Corporation
----------
CLSID: {7007ACCF-3202-11D1-AAD2-00805FC1270E}
File: %SystemRoot%\System32\netshell.dll
C:\Windows\SysWoW64\netshell.dll
2494464 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:20
Company:  Microsoft Corporation
----------
CLSID: {900c0763-5cad-4a34-bc1f-40cd513679d5}
File: %SystemRoot%\System32\hcproviders.dll
C:\Windows\SysWoW64\hcproviders.dll
26112 bytes
Created:  14.07.2009 00:40
Modified: 14.07.2009 02:15
Company:  Microsoft Corporation
----------
CLSID: {A1607060-5D4C-467a-B711-2B59A6F25957}
File: %SystemRoot%\System32\AltTab.dll
C:\Windows\SysWoW64\AltTab.dll
46592 bytes
Created:  14.07.2009 00:39
Modified: 14.07.2009 02:14
Company:  Microsoft Corporation
----------
CLSID: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
File: %SystemRoot%\system32\wpdshserviceobj.dll
C:\Windows\SysWoW64\wpdshserviceobj.dll
105984 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:21
Company:  Microsoft Corporation
----------
CLSID: {C2796011-81BA-4148-8FCA-C6643245113F}
File: %SystemRoot%\System32\pnidui.dll
C:\Windows\SysWoW64\pnidui.dll
1750528 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:20
Company:  Microsoft Corporation
----------
CLSID: {DA67B8AD-E81B-4c70-9B91-B417B5E33527}
File: %SystemRoot%\System32\srchadmin.dll
C:\Windows\SysWoW64\srchadmin.dll
301568 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:21
Company:  Microsoft Corporation
----------
CLSID: {EF4D1E1A-1C87-4AA8-8934-E68E4367468D}
File: C:\Windows\SysWOW64\shdocvw.dll
C:\Windows\SysWOW64\shdocvw.dll
180224 bytes
Created:  12.09.2013 17:16
Modified: 26.07.2013 02:55
Company:  Microsoft Corporation
----------
CLSID: {F08C5AC2-E722-4116-ADB7-CE41B527994B}
File: C:\Windows\SysWOW64\bthprops.cpl
C:\Windows\SysWOW64\bthprops.cpl
692736 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:16
Company:  Microsoft Corporation
----------
CLSID: {F20487CC-FC04-4B1E-863F-D9801796130B}
File: %SystemRoot%\System32\SyncCenter.dll
C:\Windows\SysWoW64\SyncCenter.dll
2146304 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:21
Company:  Microsoft Corporation
----------
CLSID: {F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}
File: %SystemRoot%\System32\Actioncenter.dll
C:\Windows\SysWoW64\Actioncenter.dll
744448 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:18
Company:  Microsoft Corporation
----------
CLSID: {ff363bfe-4941-4179-a81c-f3f1ca72d820}
File: %SystemRoot%\System32\hgcpl.dll
C:\Windows\SysWoW64\hgcpl.dll
312832 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 13:19
Company:  Microsoft Corporation
----------

************************************************************
14:53:57: Scanning ----- 64-Bit ShellServiceObjects -----
CLSID: {3BF043EF-A974-49B3-8322-B853CF1E5EC5}
File: %SystemRoot%\System32\SndVolSSO.dll
C:\Windows\System32\SndVolSSO.dll
225280 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:27
Company:  Microsoft Corporation
----------
CLSID: {566296fe-e0e8-475f-ba9c-a31ad31620b1}
File: %systemroot%\system32\dxp.dll
C:\Windows\System32\dxp.dll
459776 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:26
Company:  Microsoft Corporation
----------
CLSID: {68ddbb56-9d1d-4fd9-89c5-c0da2a625392}
File: %SystemRoot%\system32\stobject.dll
C:\Windows\System32\stobject.dll
257024 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:27
Company:  Microsoft Corporation
----------
CLSID: {6FDEDD65-AC51-43CA-B2D0-9EB5D1155D03}
File: C:\Windows\ehome\ehSSO.dll
C:\Windows\ehome\ehSSO.dll
26112 bytes
Created:  14.07.2009 01:24
Modified: 14.07.2009 02:40
Company:  Microsoft Corporation
----------
CLSID: {7007ACCF-3202-11D1-AAD2-00805FC1270E}
File: %SystemRoot%\System32\netshell.dll
C:\Windows\System32\netshell.dll
2652160 bytes
Created:  27.04.2011 21:52
Modified: 20.11.2010 14:27
Company:  Microsoft Corporation
----------
CLSID: {900c0763-5cad-4a34-bc1f-40cd513679d5}
File: %SystemRoot%\System32\hcproviders.dll
C:\Windows\System32\hcproviders.dll
31232 bytes
Created:  14.07.2009 00:56
Modified: 14.07.2009 02:40
Company:  Microsoft Corporation
----------
CLSID: {A1607060-5D4C-467a-B711-2B59A6F25957}
File: %SystemRoot%\System32\AltTab.dll
C:\Windows\System32\AltTab.dll
53248 bytes
Created:  14.07.2009 00:55
Modified: 14.07.2009 02:40
Company:  Microsoft Corporation
----------
CLSID: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
File: %SystemRoot%\system32\wpdshserviceobj.dll
C:\Windows\System32\wpdshserviceobj.dll
115200 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:27
Company:  Microsoft Corporation
----------
CLSID: {C2796011-81BA-4148-8FCA-C6643245113F}
File: %SystemRoot%\System32\pnidui.dll
C:\Windows\System32\pnidui.dll
1808384 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:27
Company:  Microsoft Corporation
----------
CLSID: {DA67B8AD-E81B-4c70-9B91-B417B5E33527}
File: %SystemRoot%\System32\srchadmin.dll
C:\Windows\System32\srchadmin.dll
340992 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:27
Company:  Microsoft Corporation
----------
CLSID: {EF4D1E1A-1C87-4AA8-8934-E68E4367468D}
File: C:\Windows\system32\shdocvw.dll
C:\Windows\System32\shdocvw.dll
197120 bytes
Created:  12.09.2013 17:16
Modified: 26.07.2013 03:24
Company:  Microsoft Corporation
----------
CLSID: {F08C5AC2-E722-4116-ADB7-CE41B527994B}
File: C:\Windows\System32\bthprops.cpl
C:\Windows\System32\bthprops.cpl
721408 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:24
Company:  Microsoft Corporation
----------
CLSID: {F20487CC-FC04-4B1E-863F-D9801796130B}
File: %SystemRoot%\System32\SyncCenter.dll
C:\Windows\System32\SyncCenter.dll
2262528 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:27
Company:  Microsoft Corporation
----------
CLSID: {F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}
File: %SystemRoot%\System32\Actioncenter.dll
C:\Windows\System32\Actioncenter.dll
780800 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:25
Company:  Microsoft Corporation
----------
CLSID: {ff363bfe-4941-4179-a81c-f3f1ca72d820}
File: %SystemRoot%\System32\hgcpl.dll
C:\Windows\System32\hgcpl.dll
332288 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:26
Company:  Microsoft Corporation
----------

************************************************************
14:54:00: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
14:54:00: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
14:54:00: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank or does not exist

************************************************************
14:54:00: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
14:54:00: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 05:54
Modified: 14.07.2009 05:54
Company:  [no info]
--------------------

************************************************************
14:54:00: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 21:36
Modified: 15.09.2013 20:53
Company:  [no info]
----------
--------------------

************************************************************
14:54:00: Scanning ----- SCHEDULED TASKS -----
Taskname:      {00713CB9-7ED8-4245-BF9E-CC03CC38DF87}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  30.12.2013 16:33
Modified: 30.12.2013 16:33
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {055FCA50-8DE4-4486-B42F-147BF36C5FC7}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  30.12.2013 16:33
Modified: 30.12.2013 16:33
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {400197BC-65DC-41D5-945A-2EF9298838F1}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  30.12.2013 16:33
Modified: 30.12.2013 16:33
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.115/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {5C00BB8D-3F7F-4CA2-8BC1-AD073F5AD5FD}
File:          C:\Program Files (x86)\Skype\Phone\Skype.exe
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
C:\Program Files (x86)\Skype\Phone\Skype.exe - [file not found to scan]
----------
Taskname:      {5DB2831F-AD6A-4A83-9274-E33CF6B93952}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  30.12.2013 16:33
Modified: 30.12.2013 16:33
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?source=lightinstaller&LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetupLight
Comments:     
----------
Taskname:      {8356B895-1E2D-4985-90C0-600205F330C9}
File:          C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
2677232 bytes
Created:  22.06.2009 11:36
Modified: 22.06.2009 11:36
Company: 
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:     
Comments:     
----------
Taskname:      {DD5500C3-E770-42ED-99DC-084BABEC91FA}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  30.12.2013 16:33
Modified: 30.12.2013 16:33
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {E41299EE-6113-4D8D-BDEC-716F782CDE0E}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
275568 bytes
Created:  30.12.2013 16:33
Modified: 30.12.2013 16:33
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      Adobe Flash Player Updater
File:          C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
257928 bytes
Created:  07.03.2013 16:27
Modified: 18.01.2014 16:22
Company:  Adobe Systems Incorporated
Schedule:      At 01:25:00 every day
Next Run Time: 02.02.2014 15:25:00
Status:        Ready
Creator:      Adobe Systems Incorporated
Comments:      Mit diesem Task ist Ihre Flash Player-Installation immer aktuell und verwendet die neuesten Verbesserungen und Sicherheits-Fixes. Wenn dieser Task deaktiviert oder entfernt wird, kann Adobe Flash Player Ihren Computer nicht automatisch mit den neuesten Sicherheits-Fixes sichern.
----------
Taskname:      CCleanerSkipUAC
File:          D:\CCleaner\CCleaner.exe
D:\CCleaner\CCleaner.exe
4324120 bytes
Created:  22.11.2013 14:42
Modified: 22.11.2013 14:42
Company:  Piriform Ltd
Parameters:    $(Arg0)
Schedule:      Task not scheduled
Next Run Time:
Status:        Ready
Creator:      Piriform Ltd
Comments:     
----------
Taskname:      Divx-Online-Aktualisierungsprogramm
File:          C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Parameters:    /CHECKNOW
Schedule:      At 10:00:00 every Montag of every week, starting 01.01.2009
Next Run Time: 03.02.2014 10:00:00
Status:        Ready
Creator:      TuneUp
Comments:      tuident:2123EDB4
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe - [file not found to scan]
----------
Taskname:      DriverScanner
File:          D:\DriverScanner\DriverScanner\dsmonitor.exe
D:\DriverScanner\DriverScanner\dsmonitor.exe
25464 bytes
Created:  17.11.2011 22:11
Modified: 05.09.2011 16:20
Company:  Uniblue Systems Limited
Schedule:      At logon
Next Run Time:
Status:        Ready
Creator:      sauterch
Comments:     
----------
Taskname:      Java Update Scheduler
File:          C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
254336 bytes
Created:  02.07.2013 08:16
Modified: 02.07.2013 08:16
Company:  Oracle Corporation
Schedule:      At 10:00:00 every Montag of every week, starting 01.01.2009
Next Run Time: 03.02.2014 10:00:00
Status:        Ready
Creator:      TuneUp
Comments:      tuident:78C4302E
----------
Taskname:      SidebarExecute
File:          C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
1174016 bytes
Created:  27.04.2011 21:52
Modified: 20.11.2010 13:17
Company:  Microsoft Corporation
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:     
Comments:     
----------
Taskname:      TuneUpUtilities_Task_BkGndMaintenance2011
File:          D:\TuneUp Utilities 2011\OneClick.exe
D:\TuneUp Utilities 2011\OneClick.exe
603968 bytes
Created:  13.12.2011 09:37
Modified: 13.12.2011 09:37
Company:  TuneUp Software
Parameters:    $(Arg0)
Schedule:      Task not scheduled
Next Run Time:
Status:        Ready
Creator:     
Comments:     
----------
Taskname:      User_Feed_Synchronization-{E65FAF42-D005-4209-8259-34AE0371B7A1}
File:          C:\Windows\Sysnative\msfeedssync.exe
C:\Windows\System32\msfeedssync.exe
13312 bytes
Created:  31.12.2013 09:43
Modified: 31.12.2013 09:43
Company:  Microsoft Corporation
Parameters:    sync
Schedule:      At 16:54:22 every day
Next Run Time: 02.02.2014 17:54:22
Status:        Ready
Creator:      sauterch-PC\sauterch
Comments:      Aktualisiert veraltete Systemfeeds.
----------

************************************************************


sauterch 30.07.2014 20:11

Trojan Remover Logfiles

Code:

************************************************************
14:54:03: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
Key:  SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File:  %SystemRoot%\system32\ntshrui.dll
C:\Windows\SysWoW64\ntshrui.dll
442880 bytes
Created:  18.02.2012 10:28
Modified: 04.01.2012 09:58
Company:  Microsoft Corporation
----------

************************************************************
14:54:03: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
C:\Windows\SysWoW64\lvcodec2.dll
416280 bytes
Created:  26.07.2008 15:23
Modified: 26.07.2008 15:23
Company:  Logitech Inc.
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 01:07
Modified: 14.07.2009 02:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------

************************************************************
14:54:03: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
144595 bytes
Created:  30.12.2010 21:36
Modified: 30.08.2013 20:04
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
14:54:04: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  12.09.2013 17:17
Modified: 02.08.2013 01:59
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 00:19
Modified: 14.07.2009 02:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 00:52
Modified: 14.07.2009 02:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 00:19
Modified: 14.07.2009 02:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsass.exe
30720 bytes
Created:  14.11.2013 22:15
Modified: 25.09.2013 02:03
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 21:52
Modified: 20.11.2010 14:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
390656 bytes
Created:  27.04.2011 21:52
Modified: 20.11.2010 14:25
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 00:31
Modified: 14.07.2009 02:39
Company:  Microsoft Corporation
--------------------
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1137440 bytes
Created:  09.09.2013 21:29
Modified: 09.08.2013 21:07
Company:  NVIDIA Corporation
--------------------
C:\Windows\System32\spoolsv.exe
559104 bytes
Created:  16.08.2012 19:51
Modified: 11.02.2012 07:36
Company:  Microsoft Corporation
--------------------
C:\Program Files\Bonjour\mDNSResponder.exe
462184 bytes
Created:  30.08.2011 22:05
Modified: 30.08.2011 22:05
Company:  Apple Inc.
--------------------
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
223488 bytes
Created:  17.07.2012 14:14
Modified: 17.07.2012 14:14
Company:  Microsoft Corp.
--------------------
C:\Windows\System32\WUDFHost.exe
229888 bytes
Created:  17.11.2012 00:28
Modified: 26.07.2012 04:08
Company:  Microsoft Corporation
--------------------
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe
283640 bytes
Created:  28.07.2011 02:59
Modified: 27.01.2012 04:49
Company:  G Data Software AG
--------------------
C:\Windows\System32\SearchIndexer.exe
591872 bytes
Created:  30.06.2011 16:55
Modified: 04.05.2011 06:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\taskhost.exe
68608 bytes
Created:  09.01.2013 19:53
Modified: 23.11.2012 04:13
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\conhost.exe
338432 bytes
Created:  12.09.2013 17:16
Modified: 02.08.2013 02:09
Company:  Microsoft Corporation
--------------------
D:\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
786240 bytes
Created:  13.12.2011 09:34
Modified: 13.12.2011 09:34
Company:  TuneUp Software
--------------------
C:\Windows\System32\dwm.exe
120320 bytes
Created:  14.07.2009 00:37
Modified: 14.07.2009 02:39
Company:  Microsoft Corporation
--------------------
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
1028896 bytes
Created:  09.09.2013 21:30
Modified: 27.08.2013 22:16
Company:  NVIDIA Corporation
--------------------
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
231704 bytes
Created:  27.09.2011 20:05
Modified: 27.09.2011 20:05
Company:  Logitech, Inc.
--------------------
D:\Kies\Kies\Kies.exe
1564528 bytes
Created:  29.11.2011 20:58
Modified: 06.11.2013 02:55
Company:  Samsung
--------------------
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
59720 bytes
Created:  20.11.2013 15:43
Modified: 20.11.2013 15:43
Company:  Apple Inc.
--------------------
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
333152 bytes
Created:  30.12.2013 19:34
Modified: 30.12.2013 19:34
Company:  AVM Berlin
--------------------
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
2450208 bytes
Created:  09.09.2013 21:29
Modified: 09.08.2013 21:07
Company:  NVIDIA Corporation
--------------------
D:\Mozilla Firefox\plugin-container.exe
18544 bytes
Created:  30.12.2013 16:33
Modified: 30.12.2013 16:33
Company:  Mozilla Corporation
--------------------
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
1863048 bytes
Created:  18.01.2014 16:22
Modified: 18.01.2014 16:22
Company:  Adobe Systems, Inc.
--------------------
C:\Windows\System32\msiexec.exe
128000 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:24
Company:  Microsoft Corporation
--------------------
D:\Garmin\Express\Express.exe
2549080 bytes
Created:  30.12.2013 09:05
Modified: 30.12.2013 09:05
Company:  Garmin
--------------------
C:\Windows\servicing\TrustedInstaller.exe
194048 bytes
Created:  27.04.2011 21:51
Modified: 20.11.2010 14:25
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\SearchProtocolHost.exe
249856 bytes
Created:  30.06.2011 16:55
Modified: 04.05.2011 06:19
Company:  Microsoft Corporation
--------------------
D:\Trojan Remover\Rmvtrjan.exe
FileSize:          5512440
[This is a Trojan Remover component]
--------------------
--------------------
C:\Windows\System32\wbem\WmiPrvSE.exe
372736 bytes
Created:  27.04.2011 21:52
Modified: 20.11.2010 14:25
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\SearchFilterHost.exe
113664 bytes
Created:  30.06.2011 16:55
Modified: 04.05.2011 06:19
Company:  Microsoft Corporation
--------------------

************************************************************
14:54:08: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}

************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 14:54:08 02 Feb 2014
Total Scan time: 00:00:34
************************************************************


***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.8.8.2622. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 12:13:56 08 Sep 2013
Using Database v8207
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601] [in Compatibility Mode]
True Operating System: Windows 8 x64
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
12:13:57: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
12:13:57: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
12:13:57: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [G Data AntiVirus Tray Application]
Value Data: [D:\GData\AVKTray\AVKTray.exe]
D:\GData\AVKTray\AVKTray.exe
1035216 bytes
Created:  22.02.2013 23:08
Modified: 09.01.2013 14:01
Company:  G Data Software AG
--------------------
Value Name: [GDFirewallTray]
Value Data: [D:\GData\Firewall\GDFirewallTray.exe]
D:\GData\Firewall\GDFirewallTray.exe
1475096 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:20
Company:  G Data Software AG
--------------------
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1655568 bytes
Created:  25.08.2013 20:52
Modified: 19.07.2013 17:42
Company:  Simply Super Software
--------------------
Value Name: [SunJavaUpdateSched]
Value Data: ["C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
253816 bytes
Created:  12.03.2013 07:32
Modified: 12.03.2013 07:32
Company:  Oracle Corporation
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\System32\ctfmon.exe
9728 bytes
Created:  14.07.2009 01:39
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe
139264 bytes
Created:  20.08.2013 18:15
Modified: 20.08.2013 18:15
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: [Uninstall C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64]
Value Data: [C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"]
C:\Windows\System32\cmd.exe
345088 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation

************************************************************
12:13:59: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
12:13:59: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
12:13:59: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
12:13:59: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.

************************************************************
12:13:59: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\System32\cmd.exe
345088 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
----------
Key:  {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
C:\Program Files (x86)\Windows Mail\WinMail.exe

************************************************************
12:13:59: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key:  UxTuneUp
Path: %SystemRoot%\System32\uxtuneup.dll
C:\Windows\System32\uxtuneup.dll
36160 bytes
Created:  15.01.2011 17:11
Modified: 13.12.2011 10:29
Company:  TuneUp Software
--------------------
Key:  wuauserv
Path: C:\Windows\system32\wuaueng.dll
C:\Windows\System32\wuaueng.dll
2428952 bytes
Created:  22.06.2012 18:39
Modified: 03.06.2012 00:19
Company:  Microsoft Corporation
--------------------

************************************************************
12:14:00: Scanning ----- SERVICES REGISTRY KEYS -----
Key:      AAV UpdateService
ImagePath: D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe
D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe
128296 bytes
Created:  24.10.2008 16:35
Modified: 24.10.2008 16:35
Company: 
----------
Key:      AcrSch2Svc
ImagePath: "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
1112744 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
----------
Key:      afcdp
ImagePath: system32\DRIVERS\afcdp.sys
C:\Windows\System32\DRIVERS\afcdp.sys
285280 bytes
Created:  06.03.2012 11:59
Modified: 06.03.2012 11:59
Company:  Acronis
----------
Key:      afcdpsrv
ImagePath: C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
3246040 bytes
Created:  06.03.2012 11:59
Modified: 06.03.2012 11:59
Company:  Acronis
----------
Key:      amdsata
ImagePath: \SystemRoot\system32\drivers\amdsata.sys
C:\Windows\System32\drivers\amdsata.sys
107904 bytes
Created:  27.04.2011 18:56
Modified: 11.03.2011 08:41
Company:  Advanced Micro Devices
----------
Key:      Apple Mobile Device
ImagePath: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
57008 bytes
Created:  21.12.2012 17:27
Modified: 21.12.2012 17:27
Company:  Apple Inc.
----------
Key:      atapi
ImagePath: system32\drivers\atapi.sys
C:\Windows\System32\drivers\atapi.sys
24128 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:52
Company:  Microsoft Corporation
----------
Key:      AVKProxy
ImagePath: "C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe"
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
1548312 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 05:49
Company:  G Data Software AG
----------
Key:      AVKService
ImagePath: "D:\GData\AVK\AVKService.exe"
D:\GData\AVK\AVKService.exe
469016 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 05:47
Company:  G Data Software AG
----------
Key:      AVKWCtl
ImagePath: "D:\GData\AVK\AVKWCtlX64.exe"
D:\GData\AVK\AVKWCtlX64.exe
2012592 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:08
Company:  G Data Software AG
----------
Key:      avmaudio
ImagePath: system32\DRIVERS\avmaudio.sys
C:\Windows\System32\DRIVERS\avmaudio.sys
116096 bytes
Created:  08.01.2011 21:23
Modified: 08.01.2011 21:23
Company:  AVM Berlin
----------
Key:      avmaura
ImagePath: system32\DRIVERS\avmaura.sys
C:\Windows\System32\DRIVERS\avmaura.sys
116480 bytes
Created:  22.12.2012 11:27
Modified: 22.12.2012 11:26
Company:  AVM Berlin
----------
Key:      b06bdrv
ImagePath: \SystemRoot\system32\DRIVERS\bxvbda.sys
C:\Windows\System32\DRIVERS\bxvbda.sys
468480 bytes
Created:  10.06.2009 22:34
Modified: 10.06.2009 22:34
Company:  Broadcom Corporation
----------
Key:      b57nd60a
ImagePath: system32\DRIVERS\b57nd60a.sys
C:\Windows\System32\DRIVERS\b57nd60a.sys
270848 bytes
Created:  10.06.2009 22:34
Modified: 10.06.2009 22:34
Company:  Broadcom Corporation
----------
Key:      CLKMSVC10_C19A2874
ImagePath: "D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe" /svc
D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe
232944 bytes
Created:  26.04.2010 19:10
Modified: 26.04.2010 19:10
Company:  CyberLink
----------
Key:      clr_optimization_v2.0.50727_64
ImagePath: %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
89920 bytes
Created:  13.07.2009 22:37
Modified: 10.06.2009 22:39
Company:  Microsoft Corporation
----------
Key:      clr_optimization_v4.0.30319_32
ImagePath: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
130384 bytes
Created:  18.03.2010 14:16
Modified: 18.03.2010 14:16
Company:  Microsoft Corporation
----------
Key:      clr_optimization_v4.0.30319_64
ImagePath: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
138576 bytes
Created:  18.03.2010 15:27
Modified: 18.03.2010 15:27
Company:  Microsoft Corporation
----------
Key:      CompositeBus
ImagePath: \SystemRoot\system32\drivers\CompositeBus.sys
C:\Windows\System32\drivers\CompositeBus.sys
38912 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 12:33
Company:  Microsoft Corporation
----------
Key:      cvhsvc
ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
822624 bytes
Created:  04.01.2012 15:22
Modified: 04.01.2012 15:22
Company:  Microsoft Corporation
----------
Key:      dg_ssudbus
ImagePath: system32\DRIVERS\ssudbus.sys
C:\Windows\System32\DRIVERS\ssudbus.sys
103448 bytes
Created:  08.08.2013 23:04
Modified: 21.06.2013 02:07
Company:  DEVGURU Co., LTD.(www.devguru.co.kr)
----------
Key:      ebdrv
ImagePath: \SystemRoot\system32\DRIVERS\evbda.sys
C:\Windows\System32\DRIVERS\evbda.sys
3286016 bytes
Created:  10.06.2009 22:34
Modified: 10.06.2009 22:34
Company:  Broadcom Corporation
----------
Key:      FLEXnet Licensing Service
ImagePath: "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
1045256 bytes
Created:  06.01.2011 13:00
Modified: 06.01.2011 13:00
Company:  Acresso Software Inc.
----------
Key:      FontCache3.0.0.0
ImagePath: %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
42856 bytes
Created:  27.04.2011 22:51
Modified: 05.11.2010 03:53
Company:  Microsoft Corporation
----------
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      Garmin Core Update Service
ImagePath: "D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
220504 bytes
Created:  22.08.2013 14:00
Modified: 22.08.2013 14:00
Company:  Garmin Ltd or its subsidiaries
----------
Key:      GDBehave
ImagePath: system32\drivers\GDBehave.sys
C:\Windows\System32\drivers\GDBehave.sys
54176 bytes
Created:  31.12.2010 12:25
Modified: 08.01.2013 13:21
Company:  G Data Software AG
----------
Key:      GDFwSvc
ImagePath: "D:\GData\Firewall\GDFwSvcx64.exe"
D:\GData\Firewall\GDFwSvcx64.exe
2377736 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:14
Company:  G Data Software AG
----------
Key:      GDMnIcpt
ImagePath: \??\C:\Windows\system32\drivers\MiniIcpt.sys
C:\Windows\System32\drivers\MiniIcpt.sys
126880 bytes
Created:  31.12.2010 12:24
Modified: 08.01.2013 13:21
Company:  G Data Software AG
----------
Key:      GdNetMon
ImagePath: \??\C:\Windows\system32\drivers\GdNetMon64.sys
C:\Windows\System32\drivers\GdNetMon64.sys
31608 bytes
Created:  31.10.2011 23:38
Modified: 31.10.2011 23:38
Company:  G Data Software AG
----------
Key:      GDPkIcpt
ImagePath: \??\C:\Windows\system32\drivers\PktIcpt.sys
C:\Windows\System32\drivers\PktIcpt.sys
62368 bytes
Created:  31.12.2010 12:25
Modified: 08.01.2013 13:23
Company:  G Data Software AG
----------
Key:      GDScan
ImagePath: "C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe"
C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
470008 bytes
Created:  17.08.2012 16:29
Modified: 29.03.2012 04:42
Company:  G Data Software AG
----------
Key:      gdwfpcd
ImagePath: system32\drivers\gdwfpcd64.sys
C:\Windows\System32\drivers\gdwfpcd64.sys
65008 bytes
Created:  31.12.2010 12:24
Modified: 22.02.2013 23:08
Company:  G Data Software AG
----------
Key:      GRD
ImagePath: \??\C:\Windows\system32\drivers\GRD.sys
C:\Windows\System32\drivers\GRD.sys
106648 bytes
Created:  31.12.2010 13:21
Modified: 01.09.2012 13:15
Company:  G Data Software
----------
Key:      gusvc
ImagePath: "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
136120 bytes
Created:  04.01.2011 22:06
Modified: 11.06.2010 02:40
Company:  Google
----------
Key:      HECIx64
ImagePath: system32\DRIVERS\HECIx64.sys
C:\Windows\System32\DRIVERS\HECIx64.sys
56344 bytes
Created:  31.12.2010 12:37
Modified: 17.09.2009 13:54
Company:  Intel Corporation
----------
Key:      HookCentre
ImagePath: \??\C:\Windows\system32\drivers\HookCentre.sys
C:\Windows\System32\drivers\HookCentre.sys
64416 bytes
Created:  31.10.2011 23:38
Modified: 22.02.2013 23:08
Company:  G Data Software AG
----------
Key:      iaStorV
ImagePath: \SystemRoot\system32\drivers\iaStorV.sys
C:\Windows\System32\drivers\iaStorV.sys
410496 bytes
Created:  27.04.2011 18:56
Modified: 11.03.2011 08:41
Company:  Intel Corporation
----------
Key:      idsvc
ImagePath: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
856400 bytes
Created:  27.04.2011 22:51
Modified: 05.11.2010 03:52
Company:  Microsoft Corporation
----------
Key:      IGDCTRL
ImagePath: "C:\Program Files\FRITZ!DSL\IGDCTRL.EXE"
C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
88888 bytes
Created:  28.07.2009 17:10
Modified: 28.07.2009 17:10
Company:  AVM Berlin
----------
Key:      IntcAzAudAddService
ImagePath: system32\drivers\RTKVHD64.sys
C:\Windows\System32\drivers\RTKVHD64.sys
2009376 bytes
Created:  27.08.2013 20:41
Modified: 06.10.2009 19:51
Company:  Realtek Semiconductor Corp.
----------
Key:      k57nd60a
ImagePath: system32\DRIVERS\k57nd60a.sys
C:\Windows\System32\DRIVERS\k57nd60a.sys
321064 bytes
Created:  16.10.2009 03:32
Modified: 16.10.2009 03:32
Company:  Broadcom Corporation
----------
Key:      ksthunk
ImagePath: \SystemRoot\system32\drivers\ksthunk.sys
C:\Windows\System32\drivers\ksthunk.sys
20992 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 02:00
Company:  Microsoft Corporation
----------
Key:      LBTServ
ImagePath: C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
359192 bytes
Created:  27.09.2011 21:04
Modified: 27.09.2011 21:04
Company:  Logitech, Inc.
----------
Key:      LMS
ImagePath: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
268824 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company:  Intel Corporation
----------
Key:      LUsbFilt
ImagePath: System32\Drivers\LUsbFilt.Sys
C:\Windows\System32\Drivers\LUsbFilt.Sys
42776 bytes
Created:  02.09.2011 08:30
Modified: 02.09.2011 08:30
Company:  Logitech, Inc.
----------
Key:      lvpepf64
ImagePath: system32\DRIVERS\lv302a64.sys
C:\Windows\System32\DRIVERS\lv302a64.sys
15768 bytes
Created:  26.07.2008 16:22
Modified: 26.07.2008 16:22
Company:  Logitech Inc.
----------
Key:      LVRS64
ImagePath: system32\DRIVERS\lvrs64.sys
C:\Windows\System32\DRIVERS\lvrs64.sys
790424 bytes
Created:  26.07.2008 16:25
Modified: 26.07.2008 16:25
Company:  Logitech Inc.
----------
Key:      LVUSBS64
ImagePath: system32\drivers\LVUSBS64.sys
C:\Windows\System32\drivers\LVUSBS64.sys
50072 bytes
Created:  26.07.2008 16:26
Modified: 26.07.2008 16:26
Company:  Logitech Inc.
----------
Key:      MozillaMaintenance
ImagePath: "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
117656 bytes
Created:  22.08.2013 19:50
Modified: 14.08.2013 19:55
Company:  Mozilla Foundation
----------
Key:      mssmbios
ImagePath: \SystemRoot\system32\drivers\mssmbios.sys
C:\Windows\System32\drivers\mssmbios.sys
32320 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:48
Company:  Microsoft Corporation
----------
Key:      NVHDA
ImagePath: system32\drivers\nvhda64v.sys
C:\Windows\System32\drivers\nvhda64v.sys
194488 bytes
Created:  09.03.2013 22:46
Modified: 19.12.2012 07:41
Company:  NVIDIA Corporation
----------
Key:      nvsvc
ImagePath: "C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\nvvsvc.exe
893728 bytes
Created:  03.09.2013 16:19
Modified: 09.08.2013 22:07
Company:  NVIDIA Corporation
----------
Key:      nvUpdatusService
ImagePath: "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
1364256 bytes
Created:  03.09.2013 16:20
Modified: 27.08.2013 07:53
Company:  NVIDIA Corporation
----------
Key:      nvvad_WaveExtensible
ImagePath: system32\drivers\nvvad64v.sys
C:\Windows\System32\drivers\nvvad64v.sys - [file not found to scan]
----------
Key:      ose
ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
149352 bytes
Created:  09.01.2010 22:18
Modified: 09.01.2010 22:18
Company:  Microsoft Corporation
----------
Key:      osppsvc
ImagePath: "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
4925184 bytes
Created:  09.01.2010 22:34
Modified: 09.01.2010 22:34
Company:  Microsoft Corporation
----------
Key:      PerfHost
ImagePath: %SystemRoot%\SysWow64\perfhost.exe
C:\Windows\SysWow64\perfhost.exe
20992 bytes
Created:  14.07.2009 01:11
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
----------
Key:      PID_PEPI
ImagePath: system32\DRIVERS\LV302V64.SYS
C:\Windows\System32\DRIVERS\LV302V64.SYS
2624408 bytes
Created:  26.07.2008 16:22
Modified: 26.07.2008 16:22
Company:  Logitech Inc.
----------
Key:      PxHlpa64
ImagePath: System32\Drivers\PxHlpa64.sys
C:\Windows\System32\Drivers\PxHlpa64.sys
55856 bytes
Created:  06.01.2011 13:58
Modified: 04.03.2011 21:44
Company:  Sonic Solutions
----------
Key:      rdpbus
ImagePath: \SystemRoot\system32\DRIVERS\rdpbus.sys
C:\Windows\System32\DRIVERS\rdpbus.sys
24064 bytes
Created:  14.07.2009 02:17
Modified: 14.07.2009 02:17
Company:  Microsoft Corporation
----------
Key:      RdpVideoMiniport
ImagePath: System32\drivers\rdpvideominiport.sys
C:\Windows\System32\drivers\rdpvideominiport.sys
19456 bytes
Created:  15.12.2012 02:23
Modified: 23.08.2012 16:10
Company:  Microsoft Corporation
----------
Key:      RoxMediaDB10
ImagePath: "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe"
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
1124848 bytes
Created:  26.06.2009 12:19
Modified: 26.06.2009 12:19
Company:  Sonic Solutions
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      Serenum
ImagePath: \SystemRoot\system32\DRIVERS\serenum.sys
C:\Windows\System32\DRIVERS\serenum.sys
23552 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 02:00
Company:  Microsoft Corporation
----------
Key:      Serial
ImagePath: \SystemRoot\system32\DRIVERS\serial.sys
C:\Windows\System32\DRIVERS\serial.sys
94208 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 02:00
Company:  Brother Industries Ltd.
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------
Key:      Sftfs
ImagePath: system32\DRIVERS\Sftfslh.sys
C:\Windows\System32\DRIVERS\Sftfslh.sys
764264 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      sftlist
ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
508776 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      Sftplay
ImagePath: system32\DRIVERS\Sftplaylh.sys
C:\Windows\System32\DRIVERS\Sftplaylh.sys
268648 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      Sftredir
ImagePath: system32\DRIVERS\Sftredirlh.sys
C:\Windows\System32\DRIVERS\Sftredirlh.sys
25960 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      Sftvol
ImagePath: system32\DRIVERS\Sftvollh.sys
C:\Windows\System32\DRIVERS\Sftvollh.sys
22376 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      sftvsa
ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
219496 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      SkypeUpdate
ImagePath: D:\Skype\Updater\Updater.exe
D:\Skype\Updater\Updater.exe
-R- 161384 bytes
Created:  07.02.2013 14:10
Modified: 07.02.2013 14:10
Company:  Skype Technologies
----------
Key:      ssudmdm
ImagePath: system32\DRIVERS\ssudmdm.sys
C:\Windows\System32\DRIVERS\ssudmdm.sys
203672 bytes
Created:  08.08.2013 23:04
Modified: 21.06.2013 02:07
Company:  DEVGURU Co., LTD.(www.devguru.co.kr)
----------
Key:      Stereo Service
ImagePath: "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
413472 bytes
Created:  09.08.2013 15:37
Modified: 09.08.2013 15:37
Company:  NVIDIA Corporation
----------
Key:      stllssvr
ImagePath: "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe"
C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
-R- 74392 bytes
Created:  30.04.2009 13:59
Modified: 30.04.2009 13:59
Company:  MicroVision Development, Inc.
----------
Key:      swenum
ImagePath: \SystemRoot\system32\drivers\swenum.sys
C:\Windows\System32\drivers\swenum.sys
12496 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 03:45
Company:  Microsoft Corporation
----------
Key:      tdrpman273
ImagePath: system32\DRIVERS\tdrpm273.sys
C:\Windows\System32\DRIVERS\tdrpm273.sys
1263200 bytes
Created:  23.01.2011 15:27
Modified: 06.03.2012 11:59
Company:  Acronis
----------
Key:      TermDD
ImagePath: \SystemRoot\system32\drivers\termdd.sys
C:\Windows\System32\drivers\termdd.sys
63360 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:33
Company:  Microsoft Corporation
----------
Key:      TsUsbFlt
ImagePath: system32\drivers\tsusbflt.sys
C:\Windows\System32\drivers\tsusbflt.sys
57856 bytes
Created:  15.12.2012 02:23
Modified: 23.08.2012 16:07
Company:  Microsoft Corporation
----------
Key:      TuneUp.UtilitiesSvc
ImagePath: "D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
2028864 bytes
Created:  13.12.2011 10:34
Modified: 13.12.2011 10:34
Company:  TuneUp Software
----------
Key:      TuneUpUtilitiesDrv
ImagePath: \??\D:\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
D:\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
11856 bytes
Created:  29.11.2010 20:27
Modified: 29.11.2010 20:27
Company:  TuneUp Software
----------
Key:      UNS
ImagePath: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2320920 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 20:02
Company:  Intel Corporation
----------
Key:      USBAAPL64
ImagePath: System32\Drivers\usbaapl64.sys
C:\Windows\System32\Drivers\usbaapl64.sys
54784 bytes
Created:  13.12.2012 14:50
Modified: 13.12.2012 14:50
Company:  Apple, Inc.
----------
Key:      WinUsb
ImagePath: system32\DRIVERS\WinUSB.SYS
C:\Windows\System32\DRIVERS\WinUSB.SYS
41984 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 12:43
Company:  Microsoft Corporation
----------
Key:      wlidsvc
ImagePath: "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2292480 bytes
Created:  17.07.2012 15:14
Modified: 17.07.2012 15:14
Company:  Microsoft Corp.
----------

************************************************************
12:14:10: Scanning -----VXD ENTRIES-----

************************************************************
12:14:10: Scanning ----- WINLOGON\NOTIFY DLLS -----
No WINLOGON\NOTIFY DLLs found to scan
Rootkit scan of Winlogon\Notify key not possible [key may not exist]

************************************************************
12:14:10: Scanning ----- ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7_Zip\7-Zip\7-zip.dll
D:\7_Zip\7-Zip\7-zip.dll
55808 bytes
Created:  18.11.2010 18:08
Modified: 18.11.2010 18:08
Company:  Igor Pavlov
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
12:14:11: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
12:14:11: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  AVK9CM
CLSID: {CAF4C320-32F5-11D3-A222-004095200FF2}
Path:  D:\GData\AVK\ShellExt64.dll
D:\GData\AVK\ShellExt64.dll
333848 bytes
Created:  17.08.2011 16:00
Modified: 21.05.2012 05:35
Company:  G Data Software AG
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
12:14:11: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
12:14:11: Scanning ----- Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
463272 bytes
Created:  09.03.2013 22:44
Modified: 03.09.2013 19:07
Company:  Oracle Corporation
----------
Key: {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}
BHO: C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
52728 bytes
Created:  10.08.2011 17:31
Modified: 27.01.2012 15:40
Company:  G Data Software AG
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
171944 bytes
Created:  09.03.2013 22:44
Modified: 03.09.2013 19:07
Company:  Oracle Corporation
----------

************************************************************
12:14:11: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------

************************************************************
12:14:12: Scanning ----- ShellServiceObjectDelayLoad Entries

************************************************************
12:14:12: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries

************************************************************
12:14:12: Scanning ----- ShellServiceObjects

************************************************************
12:14:12: Scanning ----- 64-Bit ShellServiceObjects

************************************************************
12:14:12: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
12:14:12: Scanning ----- IMAGEFILE DEBUGGERS -----
Key = creator10.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = driverscanner.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = itunes.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = musicdisccreator10.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = nvstlink.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = nvstview.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = photosuite10.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = powerdvd9.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = retrieve10.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = roxwizardlauncher10.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = skype.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = soundedit10.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = stax.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------
Key = unins000.exe
Image File Debugger details:
D:\TuneUp Utilities 2011\TUAutoReactivator64.exe
113472 bytes
Created:  13.12.2011 10:35
Modified: 13.12.2011 10:35
Company:  TuneUp Software
"D:\TuneUp Utilities 2011\TUAutoReactivator64.exe" - Debugger entry has been excluded from scanning
----------

************************************************************
12:15:07: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank or does not exist

************************************************************
12:15:07: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
12:15:07: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
12:15:07: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 08.08.2013 22:23
Company:  [no info]
----------
--------------------

************************************************************
12:15:07: Scanning ----- SCHEDULED TASKS -----
Taskname:      {00713CB9-7ED8-4245-BF9E-CC03CC38DF87}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
276376 bytes
Created:  19.08.2013 06:40
Modified: 14.08.2013 19:55
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {055FCA50-8DE4-4486-B42F-147BF36C5FC7}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
276376 bytes
Created:  19.08.2013 06:40
Modified: 14.08.2013 19:55
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {400197BC-65DC-41D5-945A-2EF9298838F1}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
276376 bytes
Created:  19.08.2013 06:40
Modified: 14.08.2013 19:55
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.115/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {5C00BB8D-3F7F-4CA2-8BC1-AD073F5AD5FD}
File:          C:\Program Files (x86)\Skype\Phone\Skype.exe
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
C:\Program Files (x86)\Skype\Phone\Skype.exe - [file not found to scan]
----------
Taskname:      {5DB2831F-AD6A-4A83-9274-E33CF6B93952}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
276376 bytes
Created:  19.08.2013 06:40
Modified: 14.08.2013 19:55
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?source=lightinstaller&LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetupLight
Comments:     
----------
Taskname:      {8356B895-1E2D-4985-90C0-600205F330C9}
File:          C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe
2677232 bytes
Created:  22.06.2009 12:36
Modified: 22.06.2009 12:36
Company: 
Schedule:      At task creation/modification
Next Run Time:
Status:        Disabled
Creator:     
Comments:     
----------
Taskname:      {DD5500C3-E770-42ED-99DC-084BABEC91FA}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
276376 bytes
Created:  19.08.2013 06:40
Modified: 14.08.2013 19:55
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      {E41299EE-6113-4D8D-BDEC-716F782CDE0E}
File:          d:\mozilla firefox\firefox.exe
d:\mozilla firefox\firefox.exe
276376 bytes
Created:  19.08.2013 06:40
Modified: 14.08.2013 19:55
Company:  Mozilla Corporation
Parameters:    hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:      SkypeSetup
Comments:     
----------
Taskname:      CCleanerSkipUAC
File:          D:\CCleaner\CCleaner.exe
D:\CCleaner\CCleaner.exe
3676952 bytes
Created:  21.08.2013 20:22
Modified: 21.08.2013 20:22
Company:  Piriform Ltd
Parameters:    $(Arg0)
Schedule:      Task not scheduled
Next Run Time:
Status:        Ready
Creator:      Piriform Ltd
Comments:     
----------
Taskname:      Divx-Online-Aktualisierungsprogramm
File:          C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Parameters:    /CHECKNOW
Schedule:      At 10:00:00 every Montag of every week, starting 01.01.2009
Next Run Time: 09.09.2013 10:00:00
Status:        Ready
Creator:      TuneUp
Comments:      tuident:2123EDB4
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe - [file not found to scan]
----------
Taskname:      DriverScanner
File:          D:\DriverScanner\DriverScanner\dsmonitor.exe
D:\DriverScanner\DriverScanner\dsmonitor.exe
25464 bytes
Created:  17.11.2011 23:11
Modified: 05.09.2011 17:20
Company:  Uniblue Systems Limited
Schedule:      At logon
Next Run Time:
Status:        Disabled
Creator:      sauterch
Comments:     
----------
Taskname:      Java Update Scheduler
File:          C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
253816 bytes
Created:  12.03.2013 07:32
Modified: 12.03.2013 07:32
Company:  Oracle Corporation
Schedule:      At 10:00:00 every Montag of every week, starting 01.01.2009
Next Run Time: 09.09.2013 10:00:00
Status:        Ready
Creator:      TuneUp
Comments:      tuident:78C4302E
----------
Taskname:      SidebarExecute
File:          C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
1174016 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 14:17
Company:  Microsoft Corporation
Schedule:      At task creation/modification
Next Run Time:
Status:        Ready
Creator:     
Comments:     
----------
Taskname:      TuneUpUtilities_Task_BkGndMaintenance2011
File:          D:\TuneUp Utilities 2011\OneClick.exe
D:\TuneUp Utilities 2011\OneClick.exe
603968 bytes
Created:  13.12.2011 10:37
Modified: 13.12.2011 10:37
Company:  TuneUp Software
Parameters:    $(Arg0)
Schedule:      Task not scheduled
Next Run Time:
Status:        Ready
Creator:     
Comments:     
----------
Taskname:      User_Feed_Synchronization-{E65FAF42-D005-4209-8259-34AE0371B7A1}
File:          C:\Windows\Sysnative\msfeedssync.exe
C:\Windows\System32\msfeedssync.exe
12800 bytes
Created:  23.03.2013 00:21
Modified: 23.03.2013 00:21
Company:  Microsoft Corporation
Parameters:    sync
Schedule:      At 17:00:42 every day
Next Run Time: 08.09.2013 19:00:42
Status:        Ready
Creator:      sauterch-PC\sauterch
Comments:      Aktualisiert veraltete Systemfeeds.
----------

************************************************************
12:15:09: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
Key:  SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File:  %SystemRoot%\system32\ntshrui.dll
C:\Windows\System32\ntshrui.dll
509952 bytes
Created:  18.02.2012 11:28
Modified: 04.01.2012 12:44
Company:  Microsoft Corporation
----------

************************************************************
12:15:10: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
lvcodec2.dll - [file not found to scan]
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 02:07
Modified: 14.07.2009 03:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------
Value: vidc.cvid
File:  iccvid.dll
iccvid.dll - [file not found to scan]
----------

************************************************************
12:15:10: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
144595 bytes
Created:  30.12.2010 22:36
Modified: 30.08.2013 21:04
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
12:15:10: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  11.04.2013 17:58
Modified: 19.03.2013 05:06
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 01:52
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsass.exe
31232 bytes
Created:  31.01.2012 20:14
Modified: 17.11.2011 08:33
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
390656 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1137440 bytes
Created:  03.09.2013 16:19
Modified: 09.08.2013 22:07
Company:  NVIDIA Corporation
--------------------
C:\Windows\System32\spoolsv.exe
559104 bytes
Created:  16.08.2012 20:51
Modified: 11.02.2012 08:36
Company:  Microsoft Corporation
--------------------
C:\Program Files\Bonjour\mDNSResponder.exe
462184 bytes
Created:  30.08.2011 23:05
Modified: 30.08.2011 23:05
Company:  Apple Inc.
--------------------
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
223488 bytes
Created:  17.07.2012 15:14
Modified: 17.07.2012 15:14
Company:  Microsoft Corp.
--------------------
C:\Windows\System32\WUDFHost.exe
229888 bytes
Created:  17.11.2012 01:28
Modified: 26.07.2012 05:08
Company:  Microsoft Corporation
--------------------
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe
283640 bytes
Created:  28.07.2011 03:59
Modified: 27.01.2012 05:49
Company:  G Data Software AG
--------------------
C:\Windows\System32\SearchIndexer.exe
591872 bytes
Created:  30.06.2011 17:55
Modified: 04.05.2011 07:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\taskhost.exe
68608 bytes
Created:  09.01.2013 20:53
Modified: 23.11.2012 05:13
Company:  Microsoft Corporation
--------------------
D:\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
786240 bytes
Created:  13.12.2011 10:34
Modified: 13.12.2011 10:34
Company:  TuneUp Software
--------------------
C:\Windows\System32\dwm.exe
120320 bytes
Created:  14.07.2009 01:37
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
231704 bytes
Created:  27.09.2011 21:05
Modified: 27.09.2011 21:05
Company:  Logitech, Inc.
--------------------
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\fritzbox-usb-fernanschluss.exe
327520 bytes
Created:  20.08.2013 18:15
Modified: 20.08.2013 18:15
Company:  AVM Berlin
--------------------
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
2450208 bytes
Created:  09.03.2013 22:48
Modified: 09.08.2013 22:07
Company:  NVIDIA Corporation
--------------------
C:\Windows\System32\taskeng.exe
464384 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
D:\Trojan Remover\Rmvtrjan.exe
FileSize:          5078264
[This is a Trojan Remover component]
--------------------
--------------------
C:\Windows\System32\wbem\WmiPrvSE.exe
372736 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\SearchProtocolHost.exe
249856 bytes
Created:  30.06.2011 17:55
Modified: 04.05.2011 07:19
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\SearchFilterHost.exe
113664 bytes
Created:  30.06.2011 17:55
Modified: 04.05.2011 07:19
Company:  Microsoft Corporation
--------------------

************************************************************
12:15:13: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}

************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 12:15:13 08 Sep 2013
Total Scan time: 00:01:16
************************************************************


***** THE SYSTEM HAS BEEN RESTARTED *****
25.08.2013 21:27:47: Trojan Remover has been restarted
C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll has been deleted (if it existed)
Unable to rename C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll to C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll.vir
(C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll does not appear to exist)
25.08.2013 21:27:47: Trojan Remover closed
************************************************************


***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.8.8.2622. For information, email support@simplysup.com
[Registered to: sauterch@yahoo.de]
Scan started at: 21:25:00 25 Aug 2013
Using Database v8203
Operating System:  Windows 7 x64 Home Premium (SP1) [Build: 6.1.7601] [in Compatibility Mode]
True Operating System: Windows 8 x64
File System:      NTFS
User Account Control is Enabled
[Secure Desktop Prompt is DISABLED]
UserData directory: C:\Users\sauterch\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\ProgramData\Simply Super Software\Trojan Remover\Data\
Logfile directory:  C:\Users\sauterch\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory:  D:\Trojan Remover\
Running with Administrator privileges

************************************************************
PC appears to be in SAFE MODE with Network Support.

************************************************************

21:25:01: ----- Checking Default File Associations -----
No modified default file associations detected

************************************************************
21:25:01: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
21:25:01: Scanning ----- Windows Registry -----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: C:\Windows\Explorer.exe
C:\Windows\Explorer.exe
2871808 bytes
Created:  27.04.2011 18:56
Modified: 25.02.2011 08:19
Company:  Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\System32\userinit.exe
30720 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
----------
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [G Data AntiVirus Tray Application]
Value Data: [D:\GData\AVKTray\AVKTray.exe]
D:\GData\AVKTray\AVKTray.exe
1035216 bytes
Created:  22.02.2013 23:08
Modified: 09.01.2013 14:01
Company:  G Data Software AG
--------------------
Value Name: [GDFirewallTray]
Value Data: [D:\GData\Firewall\GDFirewallTray.exe]
D:\GData\Firewall\GDFirewallTray.exe
1475096 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:20
Company:  G Data Software AG
--------------------
Value Name: [TrojanScanner]
Value Data: [D:\Trojan Remover\Trjscan.exe /boot]
D:\Trojan Remover\Trjscan.exe
1655568 bytes
Created:  25.08.2013 20:52
Modified: 19.07.2013 17:42
Company:  Simply Super Software
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: [Sidebar]
Value Data: [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun]
C:\Program Files\Windows Sidebar\sidebar.exe
1475584 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
Value Name: [ctfmon.exe]
Value Data: ["C:\Windows\system32\ctfmon.exe"]
C:\Windows\System32\ctfmon.exe
9728 bytes
Created:  14.07.2009 01:39
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
Value Name: [AVMUSBFernanschluss]
Value Data: ["C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe"]
C:\Users\sauterch\AppData\Local\Apps\2.0\N7JC67JJ.28D\EXZ09BGP.07J\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe
139264 bytes
Created:  20.08.2013 18:15
Modified: 20.08.2013 18:15
Company:  AVM Berlin
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Value Name: [Uninstall C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64]
Value Data: [C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sauterch\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"]
C:\Windows\System32\cmd.exe
345088 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation

************************************************************
21:25:03: Scanning ----- Windows 64-Bit Registry -----
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: [Acronis Scheduler2 Service]
Value Data: ["C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
391240 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
--------------------
Value Name: [EvtMgr6]
Value Data: [D:\Logitech\SetPointP\SetPoint.exe /launchGaming]
D:\Logitech\SetPointP\SetPoint.exe
1744152 bytes
Created:  07.10.2011 11:38
Modified: 07.10.2011 11:38
Company:  Logitech, Inc.
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry key appears to be empty

************************************************************
21:25:03: Scanning -----SHELLEXECUTEHOOKS-----
ShellExecuteHooks key is empty

************************************************************
21:25:03: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
21:25:03: Scanning -----ACTIVE SCREENSAVER-----
No active ScreenSaver found to scan.

************************************************************
21:25:03: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key:  {2D46B6DC-2207-486B-B523-A557E6D54B47}
Path: C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
C:\Windows\System32\cmd.exe
345088 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
----------
Key:  {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
Path: "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
C:\Program Files (x86)\Windows Mail\WinMail.exe

************************************************************
21:25:04: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key:  UxTuneUp
Path: %SystemRoot%\System32\uxtuneup.dll
C:\Windows\System32\uxtuneup.dll
36160 bytes
Created:  15.01.2011 17:11
Modified: 13.12.2011 10:29
Company:  TuneUp Software
--------------------
Key:  wuauserv
Path: C:\Windows\system32\wuaueng.dll
C:\Windows\System32\wuaueng.dll
2428952 bytes
Created:  22.06.2012 18:39
Modified: 03.06.2012 00:19
Company:  Microsoft Corporation
--------------------

************************************************************
21:25:06: Scanning ----- SERVICES REGISTRY KEYS -----
-----
-----
-----
Key:      AAV UpdateService
ImagePath: D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe
D:\Steuer-Spar-Erklaerung\AAVUpdateManager\aavus.exe
128296 bytes
Created:  24.10.2008 16:35
Modified: 24.10.2008 16:35
Company: 
----------
Key:      AcrSch2Svc
ImagePath: "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
1112744 bytes
Created:  06.12.2010 07:55
Modified: 06.12.2010 07:55
Company:  Acronis
----------
Key:      afcdp
ImagePath: system32\DRIVERS\afcdp.sys
C:\Windows\System32\DRIVERS\afcdp.sys
285280 bytes
Created:  06.03.2012 11:59
Modified: 06.03.2012 11:59
Company:  Acronis
----------
Key:      afcdpsrv
ImagePath: C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
3246040 bytes
Created:  06.03.2012 11:59
Modified: 06.03.2012 11:59
Company:  Acronis
----------
Key:      amdsata
ImagePath: \SystemRoot\system32\drivers\amdsata.sys
C:\Windows\System32\drivers\amdsata.sys
107904 bytes
Created:  27.04.2011 18:56
Modified: 11.03.2011 08:41
Company:  Advanced Micro Devices
----------
Key:      Apple Mobile Device
ImagePath: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
57008 bytes
Created:  21.12.2012 17:27
Modified: 21.12.2012 17:27
Company:  Apple Inc.
----------
Key:      atapi
ImagePath: system32\drivers\atapi.sys
C:\Windows\System32\drivers\atapi.sys
24128 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:52
Company:  Microsoft Corporation
----------
Key:      AVKProxy
ImagePath: "C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe"
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
1548312 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 05:49
Company:  G Data Software AG
----------
Key:      AVKService
ImagePath: "D:\GData\AVK\AVKService.exe"
D:\GData\AVK\AVKService.exe
469016 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 05:47
Company:  G Data Software AG
----------
Key:      AVKWCtl
ImagePath: "D:\GData\AVK\AVKWCtlX64.exe"
D:\GData\AVK\AVKWCtlX64.exe
2012592 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:08
Company:  G Data Software AG
----------
Key:      avmaudio
ImagePath: system32\DRIVERS\avmaudio.sys
C:\Windows\System32\DRIVERS\avmaudio.sys
116096 bytes
Created:  08.01.2011 21:23
Modified: 08.01.2011 21:23
Company:  AVM Berlin
----------
Key:      avmaura
ImagePath: system32\DRIVERS\avmaura.sys
C:\Windows\System32\DRIVERS\avmaura.sys
116480 bytes
Created:  22.12.2012 11:27
Modified: 22.12.2012 11:26
Company:  AVM Berlin
----------
Key:      b06bdrv
ImagePath: \SystemRoot\system32\DRIVERS\bxvbda.sys
C:\Windows\System32\DRIVERS\bxvbda.sys
468480 bytes
Created:  10.06.2009 22:34
Modified: 10.06.2009 22:34
Company:  Broadcom Corporation
----------
Key:      b57nd60a
ImagePath: system32\DRIVERS\b57nd60a.sys
C:\Windows\System32\DRIVERS\b57nd60a.sys
270848 bytes
Created:  10.06.2009 22:34
Modified: 10.06.2009 22:34
Company:  Broadcom Corporation
----------
Key:      CLKMSVC10_C19A2874
ImagePath: "D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe" /svc
D:\Cyberlink PowerDVD\PowerDVD9\NavFilter\kmsvc.exe
232944 bytes
Created:  26.04.2010 19:10
Modified: 26.04.2010 19:10
Company:  CyberLink
----------
Key:      clr_optimization_v2.0.50727_64
ImagePath: %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
89920 bytes
Created:  13.07.2009 22:37
Modified: 10.06.2009 22:39
Company:  Microsoft Corporation
----------
Key:      clr_optimization_v4.0.30319_32
ImagePath: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
130384 bytes
Created:  18.03.2010 14:16
Modified: 18.03.2010 14:16
Company:  Microsoft Corporation
----------
Key:      clr_optimization_v4.0.30319_64
ImagePath: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
138576 bytes
Created:  18.03.2010 15:27
Modified: 18.03.2010 15:27
Company:  Microsoft Corporation
----------
Key:      CompositeBus
ImagePath: \SystemRoot\system32\drivers\CompositeBus.sys
C:\Windows\System32\drivers\CompositeBus.sys
38912 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 12:33
Company:  Microsoft Corporation
----------
Key:      cvhsvc
ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
822624 bytes
Created:  04.01.2012 15:22
Modified: 04.01.2012 15:22
Company:  Microsoft Corporation
----------
Key:      dg_ssudbus
ImagePath: system32\DRIVERS\ssudbus.sys
C:\Windows\System32\DRIVERS\ssudbus.sys
103448 bytes
Created:  08.08.2013 23:04
Modified: 21.06.2013 02:07
Company:  DEVGURU Co., LTD.(www.devguru.co.kr)
----------
Key:      ebdrv
ImagePath: \SystemRoot\system32\DRIVERS\evbda.sys
C:\Windows\System32\DRIVERS\evbda.sys
3286016 bytes
Created:  10.06.2009 22:34
Modified: 10.06.2009 22:34
Company:  Broadcom Corporation
----------
Key:      FLEXnet Licensing Service
ImagePath: "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
1045256 bytes
Created:  06.01.2011 13:00
Modified: 06.01.2011 13:00
Company:  Acresso Software Inc.
----------
Key:      FontCache3.0.0.0
ImagePath: %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
42856 bytes
Created:  27.04.2011 22:51
Modified: 05.11.2010 03:53
Company:  Microsoft Corporation
----------
Key:      FsUsbExDisk
ImagePath: \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS
C:\Windows\SysWOW64\FsUsbExDisk.SYS
37344 bytes
Created:  22.02.2013 23:17
Modified: 05.02.2013 10:54
Company:  [no info]
----------
Key:      Garmin Core Update Service
ImagePath: "D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe"
D:\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
219480 bytes
Created:  22.07.2013 10:22
Modified: 22.07.2013 10:22
Company:  Garmin Ltd or its subsidiaries
----------
Key:      GDBehave
ImagePath: system32\drivers\GDBehave.sys
C:\Windows\System32\drivers\GDBehave.sys
54176 bytes
Created:  31.12.2010 12:25
Modified: 08.01.2013 13:21
Company:  G Data Software AG
----------
Key:      GDFwSvc
ImagePath: "D:\GData\Firewall\GDFwSvcx64.exe"
D:\GData\Firewall\GDFwSvcx64.exe
2377736 bytes
Created:  08.01.2013 13:21
Modified: 29.11.2012 06:14
Company:  G Data Software AG
----------
Key:      GDMnIcpt
ImagePath: \??\C:\Windows\system32\drivers\MiniIcpt.sys
C:\Windows\System32\drivers\MiniIcpt.sys
126880 bytes
Created:  31.12.2010 12:24
Modified: 08.01.2013 13:21
Company:  G Data Software AG
----------
Key:      GdNetMon
ImagePath: \??\C:\Windows\system32\drivers\GdNetMon64.sys
C:\Windows\System32\drivers\GdNetMon64.sys
31608 bytes
Created:  31.10.2011 23:38
Modified: 31.10.2011 23:38
Company:  G Data Software AG
----------
Key:      GDPkIcpt
ImagePath: \??\C:\Windows\system32\drivers\PktIcpt.sys
C:\Windows\System32\drivers\PktIcpt.sys
62368 bytes
Created:  31.12.2010 12:25
Modified: 08.01.2013 13:23
Company:  G Data Software AG
----------
Key:      GDScan
ImagePath: "C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe"
C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
470008 bytes
Created:  17.08.2012 16:29
Modified: 29.03.2012 04:42
Company:  G Data Software AG
----------
Key:      gdwfpcd
ImagePath: system32\drivers\gdwfpcd64.sys
C:\Windows\System32\drivers\gdwfpcd64.sys
65008 bytes
Created:  31.12.2010 12:24
Modified: 22.02.2013 23:08
Company:  G Data Software AG
----------
Key:      GRD
ImagePath: \??\C:\Windows\system32\drivers\GRD.sys
C:\Windows\System32\drivers\GRD.sys
106648 bytes
Created:  31.12.2010 13:21
Modified: 01.09.2012 13:15
Company:  G Data Software
----------
Key:      gusvc
ImagePath: "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
136120 bytes
Created:  04.01.2011 22:06
Modified: 11.06.2010 02:40
Company:  Google
----------
Key:      HECIx64
ImagePath: system32\DRIVERS\HECIx64.sys
C:\Windows\System32\DRIVERS\HECIx64.sys
56344 bytes
Created:  31.12.2010 12:37
Modified: 17.09.2009 13:54
Company:  Intel Corporation
----------
Key:      HookCentre
ImagePath: \??\C:\Windows\system32\drivers\HookCentre.sys
C:\Windows\System32\drivers\HookCentre.sys
64416 bytes
Created:  31.10.2011 23:38
Modified: 22.02.2013 23:08
Company:  G Data Software AG
----------
Key:      iaStorV
ImagePath: \SystemRoot\system32\drivers\iaStorV.sys
C:\Windows\System32\drivers\iaStorV.sys
410496 bytes
Created:  27.04.2011 18:56
Modified: 11.03.2011 08:41
Company:  Intel Corporation
----------
Key:      idsvc
ImagePath: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
856400 bytes
Created:  27.04.2011 22:51
Modified: 05.11.2010 03:52
Company:  Microsoft Corporation
----------
Key:      IGDCTRL
ImagePath: "C:\Program Files\FRITZ!DSL\IGDCTRL.EXE"
C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
88888 bytes
Created:  28.07.2009 17:10
Modified: 28.07.2009 17:10
Company:  AVM Berlin
----------
Key:      IntcAzAudAddService
ImagePath: system32\drivers\RTKVHD64.sys
C:\Windows\System32\drivers\RTKVHD64.sys - [file not found to scan]
----------
Key:      k57nd60a
ImagePath: system32\DRIVERS\k57nd60a.sys
C:\Windows\System32\DRIVERS\k57nd60a.sys
321064 bytes
Created:  16.10.2009 03:32
Modified: 16.10.2009 03:32
Company:  Broadcom Corporation
----------
Key:      ksthunk
ImagePath: \SystemRoot\system32\drivers\ksthunk.sys
C:\Windows\System32\drivers\ksthunk.sys
20992 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 02:00
Company:  Microsoft Corporation
----------
Key:      LBTServ
ImagePath: C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
359192 bytes
Created:  27.09.2011 21:04
Modified: 27.09.2011 21:04
Company:  Logitech, Inc.
----------
Key:      LMS
ImagePath: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
268824 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 21:02
Company:  Intel Corporation
----------
Key:      LUsbFilt
ImagePath: System32\Drivers\LUsbFilt.Sys
C:\Windows\System32\Drivers\LUsbFilt.Sys
42776 bytes
Created:  02.09.2011 08:30
Modified: 02.09.2011 08:30
Company:  Logitech, Inc.
----------
Key:      lvpepf64
ImagePath: system32\DRIVERS\lv302a64.sys
C:\Windows\System32\DRIVERS\lv302a64.sys
15768 bytes
Created:  26.07.2008 16:22
Modified: 26.07.2008 16:22
Company:  Logitech Inc.
----------
Key:      LVRS64
ImagePath: system32\DRIVERS\lvrs64.sys
C:\Windows\System32\DRIVERS\lvrs64.sys
790424 bytes
Created:  26.07.2008 16:25
Modified: 26.07.2008 16:25
Company:  Logitech Inc.
----------
Key:      LVUSBS64
ImagePath: system32\drivers\LVUSBS64.sys
C:\Windows\System32\drivers\LVUSBS64.sys
50072 bytes
Created:  26.07.2008 16:26
Modified: 26.07.2008 16:26
Company:  Logitech Inc.
----------
Key:      MozillaMaintenance
ImagePath: "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
117656 bytes
Created:  22.08.2013 19:50
Modified: 14.08.2013 19:55
Company:  Mozilla Foundation
----------
Key:      mssmbios
ImagePath: \SystemRoot\system32\drivers\mssmbios.sys
C:\Windows\System32\drivers\mssmbios.sys
32320 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:48
Company:  Microsoft Corporation
----------
Key:      NVHDA
ImagePath: system32\drivers\nvhda64v.sys
C:\Windows\System32\drivers\nvhda64v.sys
194848 bytes
Created:  08.08.2013 22:36
Modified: 25.02.2013 07:27
Company:  NVIDIA Corporation
----------
Key:      nvsvc
ImagePath: "C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\nvvsvc.exe
884512 bytes
Created:  14.06.2010 01:04
Modified: 21.06.2013 12:23
Company:  NVIDIA Corporation
----------
Key:      nvvad_WaveExtensible
ImagePath: system32\drivers\nvvad64v.sys
C:\Windows\System32\drivers\nvvad64v.sys - [file not found to scan]
----------
Key:      ose
ImagePath: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
149352 bytes
Created:  09.01.2010 22:18
Modified: 09.01.2010 22:18
Company:  Microsoft Corporation
----------
Key:      osppsvc
ImagePath: "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
4925184 bytes
Created:  09.01.2010 22:34
Modified: 09.01.2010 22:34
Company:  Microsoft Corporation
----------
Key:      PerfHost
ImagePath: %SystemRoot%\SysWow64\perfhost.exe
C:\Windows\SysWow64\perfhost.exe
20992 bytes
Created:  14.07.2009 01:11
Modified: 14.07.2009 03:14
Company:  Microsoft Corporation
----------
Key:      PID_PEPI
ImagePath: system32\DRIVERS\LV302V64.SYS
C:\Windows\System32\DRIVERS\LV302V64.SYS
2624408 bytes
Created:  26.07.2008 16:22
Modified: 26.07.2008 16:22
Company:  Logitech Inc.
----------
Key:      PxHlpa64
ImagePath: System32\Drivers\PxHlpa64.sys
C:\Windows\System32\Drivers\PxHlpa64.sys
55856 bytes
Created:  06.01.2011 13:58
Modified: 04.03.2011 21:44
Company:  Sonic Solutions
----------
Key:      rdpbus
ImagePath: \SystemRoot\system32\DRIVERS\rdpbus.sys
C:\Windows\System32\DRIVERS\rdpbus.sys
24064 bytes
Created:  14.07.2009 02:17
Modified: 14.07.2009 02:17
Company:  Microsoft Corporation
----------
Key:      RdpVideoMiniport
ImagePath: System32\drivers\rdpvideominiport.sys
C:\Windows\System32\drivers\rdpvideominiport.sys
19456 bytes
Created:  15.12.2012 02:23
Modified: 23.08.2012 16:10
Company:  Microsoft Corporation
----------
Key:      RoxMediaDB10
ImagePath: "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe"
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
1124848 bytes
Created:  26.06.2009 12:19
Modified: 26.06.2009 12:19
Company:  Sonic Solutions
----------
Key:      RxFilter
ImagePath: system32\DRIVERS\RxFilter.sys
C:\Windows\System32\DRIVERS\RxFilter.sys - [file not found to scan]
----------
Key:      Serenum
ImagePath: \SystemRoot\system32\DRIVERS\serenum.sys
C:\Windows\System32\DRIVERS\serenum.sys
23552 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 02:00
Company:  Microsoft Corporation
----------
Key:      Serial
ImagePath: \SystemRoot\system32\DRIVERS\serial.sys
C:\Windows\System32\DRIVERS\serial.sys
94208 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 02:00
Company:  Microsoft Corporation
----------
Key:      SessionLauncher
ImagePath: C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe
C:\Users\sauterch\AppData\Local\Temp\DX9\SessionLauncher.exe - [file not found to scan]
----------
Key:      Sftfs
ImagePath: system32\DRIVERS\Sftfslh.sys
C:\Windows\System32\DRIVERS\Sftfslh.sys
764264 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      sftlist
ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
508776 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      Sftplay
ImagePath: system32\DRIVERS\Sftplaylh.sys
C:\Windows\System32\DRIVERS\Sftplaylh.sys
268648 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      Sftredir
ImagePath: system32\DRIVERS\Sftredirlh.sys
C:\Windows\System32\DRIVERS\Sftredirlh.sys
25960 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      Sftvol
ImagePath: system32\DRIVERS\Sftvollh.sys
C:\Windows\System32\DRIVERS\Sftvollh.sys
22376 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      sftvsa
ImagePath: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
219496 bytes
Created:  01.10.2011 09:30
Modified: 01.10.2011 09:30
Company:  Microsoft Corporation
----------
Key:      SkypeUpdate
ImagePath: D:\Skype\Updater\Updater.exe
D:\Skype\Updater\Updater.exe
-R- 161384 bytes
Created:  07.02.2013 14:10
Modified: 07.02.2013 14:10
Company:  Skype Technologies
----------
Key:      ssudmdm
ImagePath: system32\DRIVERS\ssudmdm.sys
C:\Windows\System32\DRIVERS\ssudmdm.sys
203672 bytes
Created:  08.08.2013 23:04
Modified: 21.06.2013 02:07
Company:  DEVGURU Co., LTD.(www.devguru.co.kr)
----------
Key:      Stereo Service
ImagePath: "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
413472 bytes
Created:  21.06.2013 05:15
Modified: 21.06.2013 05:15
Company:  NVIDIA Corporation
----------
Key:      stllssvr
ImagePath: "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe"
C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
-R- 74392 bytes
Created:  30.04.2009 13:59
Modified: 30.04.2009 13:59
Company:  MicroVision Development, Inc.
----------
Key:      swenum
ImagePath: \SystemRoot\system32\drivers\swenum.sys
C:\Windows\System32\drivers\swenum.sys
12496 bytes
Created:  14.07.2009 02:00
Modified: 14.07.2009 03:45
Company:  Microsoft Corporation
----------
Key:      tdrpman273
ImagePath: system32\DRIVERS\tdrpm273.sys
C:\Windows\System32\DRIVERS\tdrpm273.sys
1263200 bytes
Created:  23.01.2011 15:27
Modified: 06.03.2012 11:59
Company:  Acronis
----------
Key:      TermDD
ImagePath: \SystemRoot\system32\drivers\termdd.sys
C:\Windows\System32\drivers\termdd.sys
63360 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 15:33
Company:  Microsoft Corporation
----------
Key:      TsUsbFlt
ImagePath: system32\drivers\tsusbflt.sys
C:\Windows\System32\drivers\tsusbflt.sys
57856 bytes
Created:  15.12.2012 02:23
Modified: 23.08.2012 16:07
Company:  Microsoft Corporation
----------
Key:      TuneUp.UtilitiesSvc
ImagePath: "D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
D:\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
2028864 bytes
Created:  13.12.2011 10:34
Modified: 13.12.2011 10:34
Company:  TuneUp Software
----------
Key:      UNS
ImagePath: "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2320920 bytes
Created:  31.12.2010 12:38
Modified: 30.09.2009 21:02
Company:  Intel Corporation
----------
Key:      USBAAPL64
ImagePath: System32\Drivers\usbaapl64.sys
C:\Windows\System32\Drivers\usbaapl64.sys
54784 bytes
Created:  13.12.2012 14:50
Modified: 13.12.2012 14:50
Company:  Apple, Inc.
----------
Key:      WinUsb
ImagePath: system32\DRIVERS\WinUSB.SYS
C:\Windows\System32\DRIVERS\WinUSB.SYS
41984 bytes
Created:  27.04.2011 22:51
Modified: 20.11.2010 12:43
Company:  Microsoft Corporation
----------
Key:      wlidsvc
ImagePath: "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2292480 bytes
Created:  17.07.2012 15:14
Modified: 17.07.2012 15:14
Company:  Microsoft Corp.
----------

************************************************************
21:25:46: Scanning -----VXD ENTRIES-----

************************************************************
21:25:46: Scanning ----- WINLOGON\NOTIFY DLLS -----
No WINLOGON\NOTIFY DLLs found to scan
Rootkit scan of Winlogon\Notify key not possible [key may not exist]

************************************************************
21:25:46: Scanning ----- ContextMenuHandlers -----
Key:  7-Zip
CLSID: {23170F69-40C1-278A-1000-000100020000}
Path:  D:\7_Zip\7-Zip\7-zip.dll
D:\7_Zip\7-Zip\7-zip.dll
55808 bytes
Created:  18.11.2010 18:08
Modified: 18.11.2010 18:08
Company:  Igor Pavlov
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-win32.dll
D:\TuneUp Utilities 2011\SDShelEx-win32.dll
30016 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\versions_page.dll
D:\Acronis True Image_2011\versions_page.dll
128352 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell.dll
D:\Acronis True Image_2011\tishell.dll
1030536 bytes
Created:  22.09.2011 23:21
Modified: 22.09.2011 23:21
Company:  Acronis
----------

************************************************************
21:25:47: Scanning ----- Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
21:25:47: Scanning ----- 64-Bit ContextMenuHandlers -----
Key:  AVK9CM
CLSID: {CAF4C320-32F5-11D3-A222-004095200FF2}
Path:  D:\GData\AVK\ShellExt64.dll
D:\GData\AVK\ShellExt64.dll
333848 bytes
Created:  17.08.2011 16:00
Modified: 21.05.2012 05:35
Company:  G Data Software AG
----------
Key:  RXDCExtSvr
CLSID: {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C}
Path:  C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll
145904 bytes
Created:  26.06.2009 12:31
Modified: 26.06.2009 12:31
Company:  Sonic Solutions
----------
Key:  TuneUp Shredder Shell Extension
CLSID: {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
Path:  D:\TuneUp Utilities 2011\SDShelEx-x64.dll
D:\TuneUp Utilities 2011\SDShelEx-x64.dll
28480 bytes
Created:  13.12.2011 10:29
Modified: 13.12.2011 10:29
Company:  TuneUp Software
----------
Key:  VersionsPageShellExt
CLSID: {9E42900A-85F9-4E67-9778-575FBBA0A81C}
Path:  D:\Acronis True Image_2011\x64\versions_page.dll
D:\Acronis True Image_2011\x64\versions_page.dll
142176 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------
Key:  {C539A15A-3AF9-4c92-B771-50CB78F5C751}
Path:  D:\Acronis True Image_2011\tishell64.dll
D:\Acronis True Image_2011\tishell64.dll
1246088 bytes
Created:  22.09.2011 23:22
Modified: 22.09.2011 23:22
Company:  Acronis
----------

************************************************************
21:25:47: Scanning ----- 64-Bit Folder\ColumnHandlers -----
No Folder\ColumnHandler entries found to scan

************************************************************
21:25:47: Scanning ----- Browser Helper Objects -----
Key: {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}
BHO: C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
52728 bytes
Created:  10.08.2011 17:31
Modified: 27.01.2012 15:40
Company:  G Data Software AG
----------

************************************************************
21:25:47: Scanning ----- 64-Bit Browser Helper Objects -----
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: D:\Java\bin\ssv.dll
D:\Java\bin\ssv.dll
551840 bytes
Created:  09.03.2013 22:44
Modified: 09.03.2013 22:44
Company:  Oracle Corporation
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
529664 bytes
Created:  17.07.2012 15:17
Modified: 17.07.2012 15:17
Company:  Microsoft Corp.
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: D:\Java\bin\jp2ssv.dll
D:\Java\bin\jp2ssv.dll
209824 bytes
Created:  09.03.2013 22:44
Modified: 09.03.2013 22:44
Company:  Oracle Corporation
----------

************************************************************
21:25:48: Scanning ----- ShellServiceObjectDelayLoad Entries

************************************************************
21:25:48: Scanning ----- 64-Bit ShellServiceObjectDelayLoad Entries

************************************************************
21:25:48: Scanning ----- ShellServiceObjects

************************************************************
21:25:48: Scanning ----- 64-Bit ShellServiceObjects

************************************************************
21:25:48: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
No SharedTaskScheduler entries found to scan

************************************************************
21:25:48: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
21:25:48: Scanning ----- APPINIT_DLLS -----
AppInitDLLs entry = [C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll]
C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll - this reference will be removed
C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll - could not take ownership: Der Vorgang wurde erfolgreich beendet
[driver loading error driver loading error read file error: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll, Das Handle ist ungültig.
]
[driver loading error driver loading error read file error: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll, Das Handle ist ungültig.
]
C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll - file could not be neutralised
[driver loading error kill file error: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll, Das Handle ist ungültig.
]
C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll - marked for renaming when the PC is restarted (if it exists)
----------

************************************************************
21:26:11: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
21:26:11: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  14.07.2009 06:54
Modified: 14.07.2009 06:54
Company:  [no info]
--------------------

************************************************************
21:26:12: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: sauterch
[C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created:  30.12.2010 22:36
Modified: 08.08.2013 22:23
Company:  [no info]
----------
--------------------

************************************************************
21:26:12: Scanning ----- SCHEDULED TASKS -----
Scheduled Tasks not scanned: running in Safe Mode so Task Scheduler service not running

************************************************************
21:26:12: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
Key:  SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File:  %SystemRoot%\system32\ntshrui.dll
C:\Windows\System32\ntshrui.dll
509952 bytes
Created:  18.02.2012 11:28
Modified: 04.01.2012 12:44
Company:  Microsoft Corporation
----------

************************************************************
21:26:12: Scanning ----- DEVICE DRIVER ENTRIES -----
Value: vidc.i420
File:  lvcodec2.dll
lvcodec2.dll - [file not found to scan]
----------
Value: msacm.l3acm
File:  C:\Windows\SysWOW64\l3codeca.acm
C:\Windows\SysWOW64\l3codeca.acm
64000 bytes
Created:  14.07.2009 02:07
Modified: 14.07.2009 03:14
Company:  Fraunhofer Institut Integrierte Schaltungen IIS
----------
Value: vidc.cvid
File:  iccvid.dll
iccvid.dll - [file not found to scan]
----------

************************************************************
21:26:12: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\sauterch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
57120 bytes
Created:  30.12.2010 22:36
Modified: 13.08.2013 21:38
Company:  [no info]
----------
Web Desktop Wallpaper entry is blank
----------
Checks for rogue DNS NameServers completed
----------
Checks for Backdoor.ZeroAccess completed
----------
Safe Mode checks completed
----------
Additional checks completed

************************************************************
21:26:13: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
112640 bytes
Created:  11.04.2013 17:58
Modified: 19.03.2013 05:06
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\csrss.exe
7680 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\wininit.exe
129024 bytes
Created:  14.07.2009 01:52
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\services.exe
328704 bytes
Created:  14.07.2009 01:19
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsass.exe
31232 bytes
Created:  31.01.2012 20:14
Modified: 17.11.2011 08:33
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\lsm.exe
343040 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:24
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\winlogon.exe
390656 bytes
Created:  27.04.2011 22:52
Modified: 20.11.2010 15:25
Company:  Microsoft Corporation
--------------------
C:\Windows\System32\svchost.exe
27136 bytes
Created:  14.07.2009 01:31
Modified: 14.07.2009 03:39
Company:  Microsoft Corporation
--------------------
D:\Mozilla Firefox\firefox.exe
276376 bytes
Created:  19.08.2013 06:40
Modified: 14.08.2013 19:55
Company:  Mozilla Corporation
--------------------
D:\Trojan Remover\Rmvtrjan.exe
FileSize:          5078264
[This is a Trojan Remover component]
--------------------
--------------------
D:\Mozilla Firefox\plugin-container.exe
17304 bytes
Created:  19.08.2013 06:40
Modified: 14.08.2013 19:55
Company:  Mozilla Corporation
--------------------
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
1861512 bytes
Created:  08.08.2013 22:32
Modified: 08.08.2013 22:32
Company:  Adobe Systems, Inc.
--------------------

************************************************************
21:26:14: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\SysWOW64\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_4bd9705f7ce34286b66d3eda149032da_39_1007_20130820_DE_ie_sp_
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8ff9e2c0-c955-4d2e-a461-0606362ab29b&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms}

************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 21:26:14 25 Aug 2013
Total Scan time: 00:01:14
-------------------------------------------------------------------------
Trojan Remover needs to restart the system to complete operations
25.08.2013 21:26:18: restart commenced
************************************************************


cosinus 30.07.2014 23:13

Hmpf

I can't really make sense of that. TrojanRemover shows a whole lot of useless stuff; I was actually thinking of a summary of what it found and removed, not everything it scanned :stirn:

MBAM, at any rate, only found junkware, which is just annoying but not destructive.

Does your PC just run slowly in normal mode, or hardly at all?

sauterch 31.07.2014 05:56

The computer hardly runs at all. It is impossible to work on it. I also no longer have an internet connection. Many things are blocked too, e.g. I can't enable the event log, which is why I thought I had caught a virus or something like that.

cosinus 31.07.2014 08:14

Do you have a Windows DVD at hand? I don't see anything here other than a repair or a reinstall.

sauterch 31.07.2014 08:41

Oh no, that is what I actually wanted to avoid. I do have a Windows DVD at hand.
How can I perform a Windows repair? It hasn't worked so far. Windows says I already have a more recent version installed. Actually complete nonsense, since I want to perform a repair.
I installed my system on a separate partition. The programs and various data are also on a separate partition.
Can I now simply reinstall Windows 7 without affecting or overwriting the other partitions?

cosinus 31.07.2014 09:36

Quote:

Can I now simply reinstall Windows 7 without affecting or overwriting the other partitions?
Great idea! One small mistake in setup, the wrong partition accidentally formatted or deleted, or or or, and you can no longer get at your data!

That is why it makes sense to back up your data to an external medium and then also disconnect it when it comes to the reinstall.

