Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   HP Laptop friert alle 3-5 Minuten für 20 Sekunden ein (https://www.trojaner-board.de/147815-hp-laptop-friert-alle-3-5-minuten-20-sekunden.html)

fantomas77 11.01.2014 21:56
HP Laptop friert alle 3-5 Minuten für 20 Sekunden ein
 
Hallo

Seit ein paar Wochen friert (keine Ahnung wie man dazu sagt) mein HP Laptop fast 3 Jahre alt alle paar Minuten ein. So macht gar nix mehr Spass. Ich würde mich sehr freuen wenn sich jemand mit meinem Problem beschäftigen könnte. Brauche aber eine Anleitung für deppen. Bin ned so fit mit PC Problemen. Im Task Manager geht die CPU Auslastung hin und her von 0-100. Habe es mit CCleaner (Tip von einem Freund) versucht jedoch ohne eine winzige Besserung. Anti Virus Programm ist Avast free.

Ich weiss leider nicht was sonst noch hilfreich sein könnte. Schreibt bitte was ihr wissen wollt.

Vielen Dank schon mal im voraus

LG
fantomas

schrauber 12.01.2014 07:14
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


fantomas77 12.01.2014 10:36

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 05
Ran by André (administrator) on FANTOMAS on 12-01-2014 10:18:47
Running from C:\Users\André\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2013-12-15] (Broadcom Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: H - H:\autorun.exe
MountPoints2: {310483ec-37c5-11e2-a009-efc511dc726f} - G:\DPFMate.exe
MountPoints2: {a852a746-5d96-11e2-9f12-8c7b7c992861} - G:\DPFMate.exe
MountPoints2: {a96af921-5b31-11e0-a438-f0f87735140f} - H:\autorun.exe autorun.hta
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0AF63850-025A-4D02-AA18-98435BC1BD5B&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {DA0D4E32-33B8-4FEB-9089-48C2264A6E8F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {DA0D4E32-33B8-4FEB-9089-48C2264A6E8F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP0AF63850-025A-4D02-AA18-98435BC1BD5B&q={searchTerms}&SSPV=
SearchScopes: HKCU - E80E963525BC4B03877DFD800C1F30BB URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP0AF63850-025A-4D02-AA18-98435BC1BD5B&q={searchTerms}&SSPV=
SearchScopes: HKCU - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CC89C0CB383182B0&affID=119649&tt=070713_9124&tsp=4936
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_4&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {99ABBE7D-FBC8-4FDA-9A67-3C196D99A827} URL =
SearchScopes: HKCU - {DA0D4E32-33B8-4FEB-9089-48C2264A6E8F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM-x32 {5EA13312-8764-496F-B4AB-F7A872B51E14} hxxp://static-www3.cdn.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 74.208.10.249 gs.apple.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default
FF user.js: detected! => C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\user.js
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_39.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_39.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: LSNPAPI - C:\Program Files (x86)\nplightshot\3.4.0.55\npLightshot.dll (Skillbrains)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\daemon-search.xml
FF SearchPlugin: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\Firefox.xml
FF SearchPlugin: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\SweetIM Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF Extension: QuickFox Notes - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\amin.eft_bmnotes@gmail.com [2013-11-26]
FF Extension: DownloaD keepeR - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\bda-vebe@xyaabwng.edu [2013-10-13]
FF Extension: LastPass - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\support@lastpass.com [2013-12-29]
FF Extension: Search Assistant - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2011-10-18]
FF Extension: DownloadHelper - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-10-07]
FF Extension: FoxLingo - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2012-12-30]
FF Extension: FTdownloader V3.0 - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11]
FF Extension: HDvid Codec 3 - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\hdvc3@hdvidcodec.com.xpi [2013-06-30]
FF Extension: NewTabURL - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\newtaburl@sogame.cat.xpi [2011-09-08]
FF Extension: NoSquint - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\nosquint@urandom.ca.xpi [2011-09-08]
FF Extension: PlusWinks - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\pluswinks@PlusWinks.xpi [2013-08-15]
FF Extension: Free Hide IP - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\support@free-hideip.com.xpi [2013-08-25]
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\toolbar@web.de.xpi [2011-06-21]
FF Extension: Undo Closed Tabs Button - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2011-09-08]
FF Extension: Image Zoom - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2011-09-08]
FF Extension: Save Link in Folder - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{7a46f9fe-4818-4837-ae4a-39c53978ae99}.xpi [2011-09-08]
FF Extension: Showcase - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi [2011-09-08]
FF Extension: FlashResizer - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{C6F77964-B0B5-4953-A144-93051184EC0C}.xpi [2011-11-25]
FF Extension: FlipClock - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{cdd09450-7280-11de-8a39-0800200c9a66}.xpi [2011-09-08]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-13]
FF Extension: Download Statusbar - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-05-05]
FF Extension: Tab Mix Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-09-08]
FF Extension: DownThemAll! - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-05-05]
FF Extension: QuickJava - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013-08-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-16]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=CC89C0CB383182B0&affID=119649&tt=070713_9124&tsp=4936"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchProvider: mysearch.avg.com
CHR DefaultSearchURL: hxxp://mysearch.avg.com/search?cmpid=&q={searchTerms}&sap=hp&lang=de&mid=20d04bdf3a1847d3b2db72f74fe3d39c-c5ca61211faa258f3bdcf04f6ed1f7e966263d8e&cid=%7B04E31ECC-6E3F-49D4-A38F-6A6083897547%7D&v=15.4.0.5&ds=ts024&d=13.08.2013+12%3A18%3A03&pr=sa&snd=hp&sap_acp=1&pid=safeguard&sg=0
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Lightshot) - C:\Program Files (x86)\nplightshot\3.4.0.55\npLightshot.dll (Skillbrains)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Andr\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (DownloaD keepeR) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbpgmmffhigkpbjfofgocgmmlgmfojch\1.6 [2013-10-12]
CHR Extension: () - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.5_0 [2013-07-19]
CHR Extension: (Chrome In-App Payments service) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 [2013-09-12]
CHR HKLM-x32\...\Chrome\Extension: [bbffdhejhaoiflnpooogkckfdcmmjppn] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2013-09-12]
CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\André\AppData\Roaming\PlusWinks\PlusWinks.crx [2013-06-11]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-06-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [65536 2010-09-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [40448 2013-12-06] ()
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2000-01-01] (Realtek Semiconductor)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2013-12-15] (Broadcom Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE [48128 2013-12-15] (Broadcom Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-13] (GFI Software)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-27] (Intel Corporation)
S3 jumi; C:\Windows\System32\DRIVERS\jumi.sys [15160 2010-06-03] (Windows (R) Codename Longhorn DDK provider)
S3 RSUSBSTOR; C:\Windows\SysWow64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-12-08] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-12] ()
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
U3 ar91njoh; C:\Windows\System32\Drivers\ar91njoh.sys [0 ] (Microsoft Corporation)
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [x]
S3 PAC7302; system32\DRIVERS\PAC7302.SYS [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-12 10:18 - 2014-01-12 10:19 - 00029103 _____ C:\Users\André\Downloads\FRST.txt
2014-01-12 10:18 - 2014-01-12 10:18 - 00000000 ____D C:\FRST
2014-01-12 10:17 - 2014-01-12 10:18 - 02076672 _____ (Farbar) C:\Users\André\Downloads\FRST64.exe
2014-01-12 01:00 - 2014-01-12 10:10 - 00000056 _____ C:\Windows\setupact.log
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 00:35 - 2014-01-11 00:37 - 00000624 _____ C:\Users\André\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-01-10 23:24 - 2014-01-10 23:24 - 00000000 ____D C:\Program Files\WinRAR
2014-01-10 23:16 - 2014-01-11 00:54 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-10 23:13 - 2014-01-11 00:54 - 00000000 ____D C:\Users\André\AppData\Roaming\GlarySoft
2014-01-09 18:12 - 2014-01-09 18:12 - 00000000 ____D C:\Users\André\AppData\Local\SearchProtect
2013-12-30 20:49 - 2013-12-30 20:49 - 00006532 _____ C:\Users\André\Desktop\Enigmatis.lnk
2013-12-29 18:35 - 2013-12-29 18:35 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 18:31 - 2013-12-29 18:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 17:45 - 2013-12-29 17:45 - 00000000 ____D C:\Users\André\AppData\Roaming\Desktop_Gaming
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\ProgramData\DivoGames
2013-12-29 14:58 - 2013-12-29 14:58 - 00000000 ____D C:\ProgramData\InternetUpdater
2013-12-29 14:56 - 2013-12-29 14:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�\Downloads\Skype_TSV4OJCL
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�
2013-12-28 23:09 - 2013-12-28 23:09 - 00001044 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk
2013-12-28 20:42 - 2014-01-10 23:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-28 19:52 - 2013-12-28 19:52 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-23 20:30 - 2013-12-29 17:41 - 00001312 _____ C:\Users\André\Downloads\LINKS GAMES.txt
2013-12-21 15:42 - 2013-12-30 20:51 - 00000000 ____D C:\Users\André\AppData\Roaming\Artifex Mundi
2013-12-21 07:33 - 2013-12-21 07:34 - 00000000 ____D C:\Users\André\AppData\Local\Farmington Tales 2 - Winter Crop
2013-12-15 19:23 - 2013-12-15 19:23 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-15 19:22 - 2000-01-01 01:00 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-12-15 19:22 - 2000-01-01 01:00 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-12-15 19:22 - 2000-01-01 01:00 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-12-15 19:22 - 2000-01-01 01:00 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-12-15 19:22 - 2000-01-01 01:00 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-12-15 19:19 - 2000-01-01 01:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-12-15 19:19 - 2000-01-01 01:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-15 19:19 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-12-15 19:16 - 2013-12-15 19:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2013-12-15 19:16 - 2013-12-15 19:16 - 00000000 ____D C:\Users\André\AppData\Roaming\Synaptics
2013-12-15 19:15 - 2013-12-15 19:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2013-12-15 19:14 - 2000-01-01 01:00 - 00000092 _____ C:\Windows\system32\calibration.bin
2013-12-15 19:09 - 2013-12-15 19:09 - 00000000 ____D C:\ProgramData\Intel
2013-12-15 19:09 - 2013-12-15 19:09 - 00000000 ____D C:\Program Files\Intel
2013-12-15 19:08 - 2013-12-15 19:08 - 00000000 ____D C:\Users\André\Intel
2013-12-15 19:01 - 2013-12-15 19:01 - 00000000 ____D C:\Windows\System32\Tasks\FANTOMAS
2013-12-15 18:59 - 2013-12-15 18:58 - 07849472 _____ (Broadcom Corporation) C:\Windows\system32\BCMWLCPL.CPL
2013-12-15 18:59 - 2013-12-15 18:58 - 04961800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcredist_x64.exe
2013-12-15 18:59 - 2013-12-15 18:58 - 04659200 _____ (Broadcom Corporation) C:\Windows\system32\bcmttls.dll
2013-12-15 18:59 - 2013-12-15 18:58 - 03161088 _____ (Microsoft Corporation) C:\Windows\system32\vcredist_x64.exe
2013-12-15 18:59 - 2013-12-15 18:58 - 01063936 _____ (Broadcom Corporation) C:\Windows\system32\BCMLogon.dll
2013-12-15 18:59 - 2013-12-15 18:58 - 00073216 _____ (Broadcom Corporation) C:\Windows\system32\wltrynt.dll
2013-12-15 18:59 - 2013-12-15 18:58 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2013-12-15 18:59 - 2013-12-15 18:58 - 00023760 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm42rly.sys
2013-12-15 18:59 - 2013-12-15 18:58 - 00000446 _____ C:\Windows\SysWOW64\vcredist_x64.bat
2013-12-15 18:59 - 2013-12-15 18:58 - 00000441 _____ C:\Windows\system32\vcredist_x64.bat
2013-12-15 18:47 - 2013-12-15 18:47 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-15 14:57 - 2013-12-15 14:57 - 00000000 ____D C:\Users\André\AppData\Roaming\Tap It Games
2013-12-13 11:21 - 2014-01-08 17:30 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAndré
2013-12-13 11:21 - 2014-01-08 17:30 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForAndré.job

==================== One Month Modified Files and Folders =======

2014-01-12 10:19 - 2014-01-12 10:18 - 00029103 _____ C:\Users\André\Downloads\FRST.txt
2014-01-12 10:18 - 2014-01-12 10:18 - 00000000 ____D C:\FRST
2014-01-12 10:18 - 2014-01-12 10:17 - 02076672 _____ (Farbar) C:\Users\André\Downloads\FRST64.exe
2014-01-12 10:18 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-12 10:18 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-12 10:14 - 2010-09-30 19:35 - 01276028 _____ C:\Windows\WindowsUpdate.log
2014-01-12 10:11 - 2013-05-14 19:07 - 00002836 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2014-01-12 10:11 - 2013-05-14 19:07 - 00000410 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2014-01-12 10:10 - 2014-01-12 01:00 - 00000056 _____ C:\Windows\setupact.log
2014-01-12 10:10 - 2013-05-14 19:07 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2014-01-12 10:10 - 2011-06-01 23:51 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-12 10:10 - 2011-02-01 21:21 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-12 10:10 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-12 07:11 - 2011-02-01 21:20 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype
2014-01-12 06:30 - 2011-02-01 21:21 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-12 06:26 - 2012-09-13 12:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-12 05:59 - 2011-09-14 00:00 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2014-01-12 05:52 - 2011-09-14 00:00 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-1987948605-2304011684-557955469-1001.job
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 00:54 - 2014-01-10 23:16 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-11 00:54 - 2014-01-10 23:13 - 00000000 ____D C:\Users\André\AppData\Roaming\GlarySoft
2014-01-11 00:54 - 2010-07-17 10:19 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-11 00:52 - 2013-10-07 04:39 - 00000000 ____D C:\Program Files (x86)\ConvertHelper
2014-01-11 00:37 - 2014-01-11 00:35 - 00000624 _____ C:\Users\André\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-01-10 23:31 - 2013-09-16 14:22 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-10 23:28 - 2012-09-17 19:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-10 23:25 - 2013-12-28 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-10 23:24 - 2014-01-10 23:24 - 00000000 ____D C:\Program Files\WinRAR
2014-01-10 23:24 - 2012-09-13 12:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-10 23:24 - 2012-09-13 12:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-10 23:24 - 2012-03-18 13:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-10 23:24 - 2011-01-23 14:35 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-10 23:20 - 2013-12-08 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Constance's mission
2014-01-10 23:20 - 2013-09-13 20:46 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDPlayer
2014-01-09 18:12 - 2014-01-09 18:12 - 00000000 ____D C:\Users\André\AppData\Local\SearchProtect
2014-01-09 18:03 - 2011-06-02 14:46 - 00000000 ____D C:\swsetup
2014-01-09 17:01 - 2011-11-24 10:46 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-09 17:01 - 2010-12-23 20:23 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-08 17:34 - 2011-05-17 22:30 - 00000000 ____D C:\Program Files\CCleaner
2014-01-08 17:32 - 2013-08-04 16:22 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Eu
2014-01-08 17:30 - 2013-12-13 11:21 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAndré
2014-01-08 17:30 - 2013-12-13 11:21 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForAndré.job
2013-12-30 20:51 - 2013-12-21 15:42 - 00000000 ____D C:\Users\André\AppData\Roaming\Artifex Mundi
2013-12-30 20:49 - 2013-12-30 20:49 - 00006532 _____ C:\Users\André\Desktop\Enigmatis.lnk
2013-12-29 23:03 - 2013-12-09 18:24 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-12-29 19:40 - 2012-09-05 11:40 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForFANTOMAS$
2013-12-29 19:40 - 2012-09-05 11:40 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForFANTOMAS$.job
2013-12-29 18:40 - 2013-12-09 18:27 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT
2013-12-29 18:35 - 2013-12-29 18:35 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 18:35 - 2013-09-16 14:23 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-29 18:35 - 2013-09-16 14:23 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 18:35 - 2013-09-16 14:22 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 18:35 - 2011-06-29 07:10 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 18:31 - 2013-12-29 18:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 17:45 - 2013-12-29 17:45 - 00000000 ____D C:\Users\André\AppData\Roaming\Desktop_Gaming
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\ProgramData\DivoGames
2013-12-29 17:41 - 2013-12-23 20:30 - 00001312 _____ C:\Users\André\Downloads\LINKS GAMES.txt
2013-12-29 14:58 - 2013-12-29 14:58 - 00000000 ____D C:\ProgramData\InternetUpdater
2013-12-29 14:56 - 2013-12-29 14:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-29 14:56 - 2011-02-01 21:20 - 00000000 ____D C:\ProgramData\Skype
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�\Downloads\Skype_TSV4OJCL
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�
2013-12-29 02:54 - 2012-09-13 12:23 - 00000000 ____D C:\Users\André\AppData\Local\PokerStars.EU
2013-12-28 23:17 - 2012-09-13 12:22 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2013-12-28 23:09 - 2013-12-28 23:09 - 00001044 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk
2013-12-28 22:09 - 2011-01-07 14:17 - 00000000 ____D C:\Users\André\AppData\Roaming\YoudaGames
2013-12-28 22:08 - 2010-07-17 19:47 - 00658964 _____ C:\Windows\system32\perfh007.dat
2013-12-28 22:08 - 2010-07-17 19:47 - 00131802 _____ C:\Windows\system32\perfc007.dat
2013-12-28 22:08 - 2009-07-14 06:13 - 01510900 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 19:52 - 2013-12-28 19:52 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-21 16:08 - 2013-10-12 05:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-21 07:34 - 2013-12-21 07:33 - 00000000 ____D C:\Users\André\AppData\Local\Farmington Tales 2 - Winter Crop
2013-12-15 19:23 - 2013-12-15 19:23 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-15 19:19 - 2010-07-17 10:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-15 19:17 - 2010-09-30 19:37 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-15 19:16 - 2013-12-15 19:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2013-12-15 19:16 - 2013-12-15 19:16 - 00000000 ____D C:\Users\André\AppData\Roaming\Synaptics
2013-12-15 19:15 - 2013-12-15 19:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2013-12-15 19:10 - 2011-06-18 09:47 - 01536576 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-15 19:09 - 2013-12-15 19:09 - 00000000 ____D C:\ProgramData\Intel
2013-12-15 19:09 - 2013-12-15 19:09 - 00000000 ____D C:\Program Files\Intel
2013-12-15 19:08 - 2013-12-15 19:08 - 00000000 ____D C:\Users\André\Intel
2013-12-15 19:08 - 2010-12-22 17:08 - 00000000 ____D C:\Users\André
2013-12-15 19:01 - 2013-12-15 19:01 - 00000000 ____D C:\Windows\System32\Tasks\FANTOMAS
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\th-TH
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sl-SI
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sk-SK
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\ro-RO
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\lv-LV
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\lt-LT
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\hr-HR
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\et-EE
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\bg-BG
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\ar-SA
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2013-12-15 18:58 - 2013-12-15 18:59 - 07849472 _____ (Broadcom Corporation) C:\Windows\system32\BCMWLCPL.CPL
2013-12-15 18:58 - 2013-12-15 18:59 - 04961800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcredist_x64.exe
2013-12-15 18:58 - 2013-12-15 18:59 - 04659200 _____ (Broadcom Corporation) C:\Windows\system32\bcmttls.dll
2013-12-15 18:58 - 2013-12-15 18:59 - 03161088 _____ (Microsoft Corporation) C:\Windows\system32\vcredist_x64.exe
2013-12-15 18:58 - 2013-12-15 18:59 - 01063936 _____ (Broadcom Corporation) C:\Windows\system32\BCMLogon.dll
2013-12-15 18:58 - 2013-12-15 18:59 - 00073216 _____ (Broadcom Corporation) C:\Windows\system32\wltrynt.dll
2013-12-15 18:58 - 2013-12-15 18:59 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2013-12-15 18:58 - 2013-12-15 18:59 - 00023760 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm42rly.sys
2013-12-15 18:58 - 2013-12-15 18:59 - 00000446 _____ C:\Windows\SysWOW64\vcredist_x64.bat
2013-12-15 18:58 - 2013-12-15 18:59 - 00000441 _____ C:\Windows\system32\vcredist_x64.bat
2013-12-15 18:57 - 2010-09-30 19:35 - 04749008 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2013-12-15 18:57 - 2010-09-30 19:35 - 03952640 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2013-12-15 18:57 - 2010-09-30 19:35 - 03617792 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2013-12-15 18:57 - 2010-09-30 19:35 - 00096560 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2013-12-15 18:57 - 2010-09-30 19:35 - 00006656 _____ C:\Windows\system32\bcmwlrc.dll
2013-12-15 18:48 - 2011-04-07 16:55 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2013-12-15 18:48 - 2009-09-07 02:57 - 00000000 ____D C:\Windows\Panther
2013-12-15 18:47 - 2013-12-15 18:47 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-15 18:16 - 2013-08-14 11:59 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 18:14 - 2011-01-14 18:03 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 14:57 - 2013-12-15 14:57 - 00000000 ____D C:\Users\André\AppData\Roaming\Tap It Games
2013-12-15 01:41 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-14 07:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-11 04:28

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2014 05
Ran by André at 2014-01-12 10:19:47
Running from C:\Users\André\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x32 Version:  - )
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.39 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.39 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.7.609 - Adobe Systems, Inc)
Advanced Audio FX Engine (x32 Version: 1.12.05 - Creative Technology Ltd)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
ATI Catalyst Install Manager (Version: 3.0.790.0 - ATI Technologies, Inc.)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BRAdmin Professional 3 (x32 Version: 3.42.0007 - Brother)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.100.82.148 - Broadcom Corporation)
Broadcom Wireless Utility (Version: 5.100.82.148 - Broadcom Corporation)
Call of Juarez (x32 Version: 1.1.1.0 - Ubisoft) Hidden
CCleaner (Version: 4.09 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DFX for Windows Media Player (x32 Version: 9.304.0.0 - Power Technology)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX-Setup (x32 Version: 2.6.1.84 - DivX, LLC)
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Full Tilt Poker.Eu (x32 Version: 4.63.10.WIN.FullTilt.EU - )
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (x32 Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Games (x32 Version: 1.0.1.3 - WildTangent)
HP Power Manager (x32 Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (x32 Version: 2.6.3 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.1.13.1 - Hewlett-Packard Company)
HP Wireless Assistant (Version: 4.0.9.0 - Hewlett-Packard)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2131 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.6.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.6.1000 - Intel Corporation) Hidden
Internet Updater (x32 Version: 2.6.52 - Parallel Lines Development, LLC) <==== ATTENTION
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 27 (x32 Version: 6.0.270 - Oracle)
Java(TM) 6 Update 29 (64-bit) (Version: 6.0.290 - Oracle)
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LightScribe System Software (x32 Version: 1.18.15.1 - LightScribe)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 27.0 (x86 en-US) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Nero Multimedia Suite (x32 Version:  - )
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Netzmanager (x32 Version: 1.071 - Deutsche Telekom AG)
nplightshot-3.4.0.55 (x32 Version:  - Skillbrains)
NVIDIA PhysX v8.10.29 (x32 Version: 8.10.29 - NVIDIA Corporation)
OpenAL (x32 Version:  - )
OpenOffice.org 3.3 (x32 Version: 3.3.9567 - OpenOffice.org)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PokerStars.eu (x32 Version:  - PokerStars.eu)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pure Pinball (x32 Version:  - )
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
RtVOsd (Version: 1.0.3 - Realtek Semiconductor Corp.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SlimDrivers (x32 Version: 2.2.32705 - SlimWare Utilities, Inc.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SST - Screen Size Tool (HKCU Version:  - Opera widgets)
Synaptics Pointing Device Driver (Version: 17.0.18.8 - Synaptics Incorporated)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Updater Service (x32 Version: 15,9,28,27 - ) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player 2.1.1 (x32 Version: 2.1.1 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (x32 Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-bit) (x32 Version: 5.00.0 - win.rar GmbH)
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate 6 (x32 Version: 6.0.7.0707 - Xilisoft)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

27-12-2013 13:21:32 Windows Update
29-12-2013 17:33:28 avast! antivirus system restore point
31-12-2013 18:15:21 Windows Update
04-01-2014 14:19:38 Windows Update
09-01-2014 16:56:23 SlimDrivers Installing Drivers
09-01-2014 16:58:10 SlimDrivers Installing Drivers
10-01-2014 13:16:01 Windows Update
10-01-2014 23:52:37 Dark Arcana - Der Jahrmarkt Sammler wird entfernt
10-01-2014 23:54:08 Removed HP Documentation
10-01-2014 23:55:22 Removed Mobile Mouse Server.

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-10-04 04:24 - 00000850 ____A C:\Windows\system32\Drivers\etc\hosts
74.208.10.249 gs.apple.com

==================== Scheduled Tasks (whitelisted) =============

Task: {137C5AD4-CFDF-4332-991D-5C4D81A3F718} - System32\Tasks\HPCeeScheduleForAndré => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {27F574CF-2236-4D2F-8703-E55D66798021} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {376371D7-7FF5-4331-8FA6-816D035B496D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2000-01-01] (Microsoft Corporation)
Task: {400B7D5C-97BE-4153-AEE0-E3C0FB3E0B3D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {4358C55D-CB38-4D17-AE26-A299BAD8F8FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4A6DEC3C-E7CD-40CD-8D4D-865C27DBFDE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01] (Google Inc.)
Task: {51A533F3-F0C2-4BFD-A4BF-49A922C9CC47} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-29] (AVAST Software)
Task: {58C91E4A-82EA-472C-8A21-3AAEDBFCEB4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01] (Google Inc.)
Task: {65E80994-1F25-4DB2-8E84-A542F84266A2} - System32\Tasks\update-S-1-5-21-1987948605-2304011684-557955469-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {6C5FF5E4-77DE-43D2-AB73-D50B63A28AA5} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {734BDAD1-38E1-4AFE-90A2-BC97BC24028C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2000-01-01] (Microsoft Corporation)
Task: {7784A14C-543A-4CB1-9169-C445387F694D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-10] (Adobe Systems Incorporated)
Task: {8306DCD1-62B1-4B00-9598-E75464B05FC6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe
Task: {8F9FC2E8-6C79-47E4-81F9-4C76FE02A729} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {921C1862-DA8A-4457-8EB8-ABB3D5641D38} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: {AA517CBC-8B53-4B4A-AB24-B33940D1E4A6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe
Task: {BDACD58A-461F-48F7-B9C7-D5B8E95EB2BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {C7A097BC-BC1C-41E2-B1C0-B0CCF4EDF866} - System32\Tasks\HPCeeScheduleForFANTOMAS$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {CC00B73A-3AE6-4C2F-B0E1-7781EFC7CC83} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {CEFC71B5-E5BA-47FC-AD47-53765BCB22E6} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {CF5D9094-F72A-456F-9710-DFF59434A989} - System32\Tasks\FANTOMAS\André - Start WLAN Tray Applet => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE [2013-12-15] (Broadcom Corporation)
Task: {F8DF0752-8E1E-45E9-96C4-EDB98A9C9A70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAndré.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForFANTOMAS$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1987948605-2304011684-557955469-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2010-06-18 15:26 - 2010-06-18 15:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2014-01-11 20:55 - 2014-01-11 17:34 - 02153984 _____ () C:\Program Files\AVAST Software\Avast\defs\14011101\algo.dll
2010-05-19 09:05 - 2010-05-19 09:05 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-05-19 09:05 - 2010-05-19 09:05 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-05-19 09:05 - 2010-05-19 09:05 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-10-21 08:02 - 2013-10-21 08:02 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-05 12:32 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 12:32 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 12:32 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 12:32 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 12:32 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: HP Webcam-101
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2014 03:39:47 PM) (Source: Application Hang) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.16428 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 12dc

Startzeit: 01cf0e107684c373

Endzeit: 7560

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (01/09/2014 00:12:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Netzmanager_Service.exe, Version: 1.71.0.301, Zeitstempel: 0x50094873
Name des fehlerhaften Moduls: SoftplugLib.DLL_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4cbd495f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fee8e394bc
ID des fehlerhaften Prozesses: 0xb48
Startzeit der fehlerhaften Anwendung: 0xNetzmanager_Service.exe0
Pfad der fehlerhaften Anwendung: Netzmanager_Service.exe1
Pfad des fehlerhaften Moduls: Netzmanager_Service.exe2
Berichtskennung: Netzmanager_Service.exe3

Error: (01/07/2014 07:33:48 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Netzmanager_Service.exe, Version: 1.71.0.301, Zeitstempel: 0x50094873
Name des fehlerhaften Moduls: SoftplugLib.DLL_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4cbd495f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007feed128f28
ID des fehlerhaften Prozesses: 0xb68
Startzeit der fehlerhaften Anwendung: 0xNetzmanager_Service.exe0
Pfad der fehlerhaften Anwendung: Netzmanager_Service.exe1
Pfad des fehlerhaften Moduls: Netzmanager_Service.exe2
Berichtskennung: Netzmanager_Service.exe3

Error: (12/22/2013 10:57:13 AM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/22/2013 10:57:13 AM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/22/2013 10:57:13 AM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/22/2013 10:57:13 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (12/22/2013 10:57:10 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/22/2013 10:57:10 AM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/22/2013 10:57:10 AM) (Source: Windows Search Service) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (01/10/2014 10:31:57 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (01/10/2014 10:21:02 AM) (Source: ipnathlp) (User: )
Description:

Error: (01/10/2014 09:54:24 AM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (01/09/2014 00:13:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzmanager Infrastruktur Informationssystem Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/07/2014 01:25:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzmanager Infrastruktur Informationssystem Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/07/2014 07:35:02 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzmanager Infrastruktur Informationssystem Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/01/2014 01:40:44 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (12/31/2013 10:24:20 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (12/30/2013 02:51:03 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HPWMISVC erreicht.

Error: (12/30/2013 02:50:21 AM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (01/10/2014 03:39:47 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.1642812dc01cf0e107684c3737560C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (01/09/2014 00:12:39 PM) (Source: Application Error)(User: )
Description: Netzmanager_Service.exe1.71.0.30150094873SoftplugLib.DLL_unloaded0.0.0.04cbd495fc0000005000007fee8e394bcb4801cf0d2b88dc31b8C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exeSoftplugLib.DLLf2df602f-791e-11e3-8d1d-da47a3c39464

Error: (01/07/2014 07:33:48 AM) (Source: Application Error)(User: )
Description: Netzmanager_Service.exe1.71.0.30150094873SoftplugLib.DLL_unloaded0.0.0.04cbd495fc0000005000007feed128f28b6801cf0b72208a2a66C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exeSoftplugLib.DLLa99f943d-7765-11e3-9a9a-a9fc63cbad65

Error: (12/22/2013 10:57:13 AM) (Source: Windows Search Service)(User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/22/2013 10:57:13 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/22/2013 10:57:13 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/22/2013 10:57:13 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (12/22/2013 10:57:10 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (12/22/2013 10:57:10 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/22/2013 10:57:10 AM) (Source: Windows Search Service)(User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt


==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 3893.86 MB
Available physical RAM: 2009.86 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 5353.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:282.08 GB) (Free:107.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:15.72 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 91CA769B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=282 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

schrauber 13.01.2014 09:37
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

fantomas77 13.01.2014 17:30
alles klar schon gemacht

Code:
ComboFix 14-01-13.01 - André 13.01.2014  16:54:44.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3894.2243 [GMT 1:00]
ausgeführt von:: c:\users\AndrÚ\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
C:\install.exe
c:\programdata\DownloAD Keeper
c:\programdata\dsgsdgdsgdsgw.pad
c:\programdata\windows
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\tmp11DA.tmp
c:\windows\SysWow64\tmp120A.tmp
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-12-13 bis 2014-01-13  ))))))))))))))))))))))))))))))
.
.
2014-01-13 16:05 . 2014-01-13 16:05        --------        d-----w-        c:\users\Gast\AppData\Local\temp
2014-01-13 16:05 . 2014-01-13 16:05        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-01-12 09:18 . 2014-01-12 09:18        --------        d-----w-        C:\FRST
2014-01-10 22:24 . 2014-01-10 22:24        --------        d-----w-        c:\program files\WinRAR
2014-01-10 22:16 . 2014-01-10 23:54        --------        d-----w-        c:\programdata\GlarySoft
2014-01-10 22:13 . 2014-01-10 23:54        --------        d-----w-        c:\users\André\AppData\Roaming\GlarySoft
2014-01-10 13:17 . 2013-12-04 03:28        10315576        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{091FFB8D-6167-4A33-9978-BDC1322124BD}\mpengine.dll
2014-01-09 17:12 . 2014-01-09 17:12        --------        d-----w-        c:\users\André\AppData\Local\SearchProtect
2013-12-29 17:35 . 2013-12-29 17:35        79672        ----a-w-        c:\windows\system32\drivers\aswstm.sys
2013-12-29 17:31 . 2013-12-29 17:31        --------        d-----w-        c:\programdata\Websteroids
2013-12-29 16:45 . 2013-12-29 16:45        --------        d-----w-        c:\users\André\AppData\Roaming\Desktop_Gaming
2013-12-29 16:42 . 2013-12-29 16:42        --------        d-----w-        c:\programdata\DivoGames
2013-12-29 13:58 . 2013-12-29 13:58        --------        d-----w-        c:\programdata\InternetUpdater
2013-12-29 13:56 . 2013-12-29 13:56        --------        d-----w-        c:\program files (x86)\Common Files\Skype
2013-12-29 13:56 . 2013-12-29 13:56        --------        d-----r-        c:\program files (x86)\Skype
2013-12-29 13:47 . 2013-12-29 13:47        --------        d-----w-        c:\users\Andr?
2013-12-28 18:52 . 2013-12-28 18:52        --------        d-----w-        c:\programdata\Synaptics
2013-12-21 14:42 . 2013-12-30 19:51        --------        d-----w-        c:\users\André\AppData\Roaming\Artifex Mundi
2013-12-21 06:33 . 2013-12-21 06:34        --------        d-----w-        c:\users\André\AppData\Local\Farmington Tales 2 - Winter Crop
2013-12-15 18:23 . 2013-12-15 18:23        --------        d-----w-        c:\windows\SysWow64\RTCOM
2013-12-15 18:19 . 2000-01-01 00:00        113576        ----a-w-        c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-15 18:19 . 2000-01-01 00:00        209096        ----a-w-        c:\windows\system32\AERTAC64.dll
2013-12-15 18:19 . 2000-01-01 00:00        108640        ----a-w-        c:\windows\system32\AERTAR64.dll
2013-12-15 18:19 . 2006-02-07 14:44        65024        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2013-12-15 18:19 . 2006-02-07 14:40        204800        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2013-12-15 18:19 . 2006-02-07 14:40        69715        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2013-12-15 18:19 . 2006-02-07 14:40        274432        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2013-12-15 18:19 . 2005-11-13 22:19        5632        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2013-12-15 18:19 . 2006-02-07 14:45        757760        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2013-12-15 18:19 . 2013-12-15 18:19        200836        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2013-12-15 18:19 . 2013-12-15 18:19        331908        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2013-12-15 18:16 . 2013-12-15 18:16        --------        d-----w-        c:\users\André\AppData\Roaming\Synaptics
2013-12-15 18:14 . 2000-01-01 00:00        92        ----a-w-        c:\windows\system32\calibration.bin
2013-12-15 18:11 . 2013-12-15 18:11        --------        d-----w-        c:\program files (x86)\Common Files\Intel Corporation
2013-12-15 18:09 . 2013-12-15 18:09        --------        d-----w-        c:\windows\SysWow64\config\systemprofile\Intel
2013-12-15 18:09 . 2013-12-15 18:09        --------        d-----w-        c:\programdata\Intel
2013-12-15 18:09 . 2013-12-15 18:09        --------        d-----w-        c:\program files\Intel
2013-12-15 18:08 . 2013-12-15 18:08        --------        d-----w-        c:\users\André\Intel
2013-12-15 18:04 . 2013-12-15 18:34        --------        d--h--w-        c:\program files (x86)\Temp
2013-12-15 17:59 . 2013-12-15 17:58        1063936        ----a-w-        c:\windows\system32\BCMLogon.dll
2013-12-15 17:59 . 2013-12-15 17:58        7849472        ----a-w-        c:\windows\system32\BCMWLCPL.CPL
2013-12-15 17:59 . 2013-12-15 17:58        73216        ----a-w-        c:\windows\system32\wltrynt.dll
2013-12-15 17:59 . 2013-12-15 17:58        4659200        ----a-w-        c:\windows\system32\bcmttls.dll
2013-12-15 17:59 . 2013-12-15 17:58        441        ----a-w-        c:\windows\system32\vcredist_x64.bat
2013-12-15 17:59 . 2013-12-15 17:58        35344        ----a-w-        c:\windows\system32\drivers\npf.sys
2013-12-15 17:59 . 2013-12-15 17:58        3161088        ----a-w-        c:\windows\system32\vcredist_x64.exe
2013-12-15 17:59 . 2013-12-15 17:58        23760        ----a-w-        c:\windows\system32\drivers\bcm42rly.sys
2013-12-15 17:59 . 2013-12-15 17:58        4961800        ----a-w-        c:\windows\SysWow64\vcredist_x64.exe
2013-12-15 17:59 . 2013-12-15 17:58        446        ----a-w-        c:\windows\SysWow64\vcredist_x64.bat
2013-12-15 13:57 . 2013-12-15 13:57        --------        d-----w-        c:\users\André\AppData\Roaming\Tap It Games
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-13 15:44 . 2013-05-14 18:07        16152        ----a-w-        c:\windows\system32\drivers\SWDUMon.sys
2014-01-13 09:59 . 2012-09-13 11:06        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-13 09:59 . 2012-03-18 12:50        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-29 17:35 . 2013-09-16 13:23        422216        ----a-w-        c:\windows\system32\drivers\aswsp.sys
2013-12-29 17:35 . 2013-09-16 13:22        207904        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2013-12-29 17:35 . 2013-09-16 13:22        1034464        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2013-12-29 17:35 . 2013-09-16 13:22        78648        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2013-12-29 17:35 . 2013-09-16 13:22        43152        ----a-w-        c:\windows\avastSS.scr
2013-12-29 17:35 . 2011-06-29 06:10        334136        ----a-w-        c:\windows\system32\aswBoot.exe
2013-12-15 17:57 . 2010-09-30 18:35        96560        ----a-w-        c:\windows\system32\bcmwlcoi.dll
2013-12-15 17:57 . 2010-09-30 18:35        6656        ----a-w-        c:\windows\system32\bcmwlrc.dll
2013-12-15 17:57 . 2010-09-30 18:35        4749008        ----a-w-        c:\windows\system32\drivers\BCMWL664.SYS
2013-12-15 17:57 . 2010-09-30 18:35        3952640        ----a-w-        c:\windows\system32\bcmihvsrv64.dll
2013-12-15 17:57 . 2010-09-30 18:35        3617792        ----a-w-        c:\windows\system32\bcmihvui64.dll
2013-12-15 17:14 . 2011-01-14 17:03        90708896        ----a-w-        c:\windows\system32\MRT.exe
2013-11-26 11:54 . 2013-12-12 10:16        23183360        ----a-w-        c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 10:16        2724864        ----a-w-        c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 10:16        4096        ----a-w-        c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 10:16        66048        ----a-w-        c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 10:16        48640        ----a-w-        c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 10:16        2764288        ----a-w-        c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 10:16        53760        ----a-w-        c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 10:16        33792        ----a-w-        c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 10:16        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 10:16        574976        ----a-w-        c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 10:16        139264        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 10:16        111616        ----a-w-        c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 10:16        708608        ----a-w-        c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 10:16        218624        ----a-w-        c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 10:16        5769216        ----a-w-        c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 10:16        553472        ----a-w-        c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 10:16        4243968        ----a-w-        c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 10:16        1995264        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 10:16        12996608        ----a-w-        c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 10:16        1928192        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 10:16        2334208        ----a-w-        c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 10:16        1395200        ----a-w-        c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 10:16        817664        ----a-w-        c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 10:16        1820160        ----a-w-        c:\windows\SysWow64\wininet.dll
2013-11-25 17:22 . 2013-11-25 17:22        940032        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-25 17:22 . 2013-11-25 17:22        194048        ----a-w-        c:\windows\SysWow64\elshyph.dll
2013-11-25 17:22 . 2013-11-25 17:22        942592        ----a-w-        c:\windows\system32\jsIntl.dll
2013-11-25 17:22 . 2013-11-25 17:22        90112        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-11-25 17:22 . 2013-11-25 17:22        86016        ----a-w-        c:\windows\SysWow64\iesysprep.dll
2013-11-25 17:22 . 2013-11-25 17:22        86016        ----a-w-        c:\windows\system32\RegisterIEPKEYs.exe
2013-11-25 17:22 . 2013-11-25 17:22        84992        ----a-w-        c:\windows\system32\mshtmled.dll
2013-11-25 17:22 . 2013-11-25 17:22        83968        ----a-w-        c:\windows\system32\MshtmlDac.dll
2013-11-25 17:22 . 2013-11-25 17:22        81408        ----a-w-        c:\windows\system32\icardie.dll
2013-11-25 17:22 . 2013-11-25 17:22        774144        ----a-w-        c:\windows\system32\jscript.dll
2013-11-25 17:22 . 2013-11-25 17:22        77312        ----a-w-        c:\windows\system32\tdc.ocx
2013-11-25 17:22 . 2013-11-25 17:22        74240        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-25 17:22 . 2013-11-25 17:22        71680        ----a-w-        c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-25 17:22 . 2013-11-25 17:22        645120        ----a-w-        c:\windows\SysWow64\jsIntl.dll
2013-11-25 17:22 . 2013-11-25 17:22        626176        ----a-w-        c:\windows\system32\msfeeds.dll
2013-11-25 17:22 . 2013-11-25 17:22        62464        ----a-w-        c:\windows\SysWow64\tdc.ocx
2013-11-25 17:22 . 2013-11-25 17:22        62464        ----a-w-        c:\windows\system32\pngfilt.dll
2013-11-25 17:22 . 2013-11-25 17:22        61952        ----a-w-        c:\windows\SysWow64\MshtmlDac.dll
2013-11-25 17:22 . 2013-11-25 17:22        61952        ----a-w-        c:\windows\SysWow64\iesetup.dll
2013-11-25 17:22 . 2013-11-25 17:22        616104        ----a-w-        c:\windows\system32\ieapfltr.dat
2013-11-25 17:22 . 2013-11-25 17:22        548352        ----a-w-        c:\windows\system32\vbscript.dll
2013-11-25 17:22 . 2013-11-25 17:22        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll
2013-11-25 17:22 . 2013-11-25 17:22        51200        ----a-w-        c:\windows\SysWow64\ieetwproxystub.dll
2013-11-25 17:22 . 2013-11-25 17:22        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2013-11-25 17:22 . 2013-11-25 17:22        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-11-25 17:22 . 2013-11-25 17:22        48128        ----a-w-        c:\windows\system32\imgutil.dll
2013-11-25 17:22 . 2013-11-25 17:22        454656        ----a-w-        c:\windows\SysWow64\vbscript.dll
2013-11-25 17:22 . 2013-11-25 17:22        453120        ----a-w-        c:\windows\system32\dxtmsft.dll
2013-11-25 17:22 . 2013-11-25 17:22        413696        ----a-w-        c:\windows\system32\html.iec
2013-11-25 17:22 . 2013-11-25 17:22        40448        ----a-w-        c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-25 17:22 . 2013-11-25 17:22        36352        ----a-w-        c:\windows\SysWow64\imgutil.dll
2013-11-25 17:22 . 2013-11-25 17:22        34816        ----a-w-        c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-25 17:22 . 2013-11-25 17:22        337408        ----a-w-        c:\windows\SysWow64\html.iec
2013-11-25 17:22 . 2013-11-25 17:22        30208        ----a-w-        c:\windows\system32\licmgr10.dll
2013-11-25 17:22 . 2013-11-25 17:22        296960        ----a-w-        c:\windows\system32\dxtrans.dll
2013-11-25 17:22 . 2013-11-25 17:22        263376        ----a-w-        c:\windows\system32\iedkcs32.dll
2013-11-25 17:22 . 2013-11-25 17:22        247808        ----a-w-        c:\windows\system32\msls31.dll
2013-11-25 17:22 . 2013-11-25 17:22        24576        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2013-11-25 17:22 . 2013-11-25 17:22        243200        ----a-w-        c:\windows\system32\webcheck.dll
2013-11-25 17:22 . 2013-11-25 17:22        235520        ----a-w-        c:\windows\system32\url.dll
2013-11-25 17:22 . 2013-11-25 17:22        235008        ----a-w-        c:\windows\system32\elshyph.dll
2013-11-25 17:22 . 2013-11-25 17:22        195584        ----a-w-        c:\windows\system32\msrating.dll
2013-11-25 17:22 . 2013-11-25 17:22        182272        ----a-w-        c:\windows\SysWow64\msls31.dll
2013-11-25 17:22 . 2013-11-25 17:22        167424        ----a-w-        c:\windows\system32\iexpress.exe
2013-11-25 17:22 . 2013-11-25 17:22        151552        ----a-w-        c:\windows\SysWow64\iexpress.exe
2013-11-25 17:22 . 2013-11-25 17:22        147968        ----a-w-        c:\windows\system32\occache.dll
2013-11-25 17:22 . 2013-11-25 17:22        143872        ----a-w-        c:\windows\system32\wextract.exe
2013-11-25 17:22 . 2013-11-25 17:22        139264        ----a-w-        c:\windows\SysWow64\wextract.exe
2013-11-25 17:22 . 2013-11-25 17:22        13824        ----a-w-        c:\windows\system32\mshta.exe
2013-11-25 17:22 . 2013-11-25 17:22        135680        ----a-w-        c:\windows\system32\iepeers.dll
2013-11-25 17:22 . 2013-11-25 17:22        13312        ----a-w-        c:\windows\SysWow64\mshta.exe
2013-11-25 17:22 . 2013-11-25 17:22        13312        ----a-w-        c:\windows\system32\msfeedssync.exe
2013-11-25 17:22 . 2013-11-25 17:22        131072        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-11-25 17:22 . 2013-11-25 17:22        1228800        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-11-25 17:22 . 2013-11-25 17:22        112128        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2013-11-25 17:22 . 2013-11-25 17:22        111616        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2013-11-25 17:22 . 2013-11-25 17:22        105984        ----a-w-        c:\windows\system32\iesysprep.dll
2013-11-25 17:22 . 2013-11-25 17:22        1051136        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2013-11-25 17:22 . 2013-11-25 17:22        101376        ----a-w-        c:\windows\system32\inseng.dll
2013-11-23 18:26 . 2013-12-12 06:48        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-12 06:48        465920        ----a-w-        c:\windows\system32\WMPhoto.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-08-21 450560]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-29 3764024]
.
c:\users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2012-7-20 14134784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R2 BRA_Scheduler;Brother BRAdminPro Scheduler;c:\program files (x86)\Brother\BRAdmin Professional 3\bratimer.exe;c:\program files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 InternetUpdater;Internet Updater;c:\programdata\InternetUpdater\InternetUpdaterService.exe;c:\programdata\InternetUpdater\InternetUpdaterService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 jumi;%Jumi%;c:\windows\system32\DRIVERS\jumi.sys;c:\windows\SYSNATIVE\DRIVERS\jumi.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 08:36        451872        ----a-w-        c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 11:31        1210320        ----a-w-        c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-13 09:59]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 20:21]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01 20:21]
.
2014-01-12 c:\windows\Tasks\HPCeeScheduleForAndré.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
2013-12-29 c:\windows\Tasks\HPCeeScheduleForFANTOMAS$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
2014-01-13 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24 11:49]
.
2014-01-13 c:\windows\Tasks\update-S-1-5-21-1987948605-2304011684-557955469-1001.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2011-09-13 12:37]
.
2014-01-13 c:\windows\Tasks\update-sys.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2011-09-13 12:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-29 17:35        287280        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        164016        ----a-w-        c:\users\André\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        164016        ----a-w-        c:\users\André\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        164016        ----a-w-        c:\users\André\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36        164016        ----a-w-        c:\users\André\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2013-12-15 7032320]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-09-27 36352]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2000-01-01 7204568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-12-12 21720]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0AF63850-025A-4D02-AA18-98435BC1BD5B&SSPV=
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearchAssistant = about:blank
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files (x86)\PokerStars.EU\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.2.1
DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} - hxxp://static-www3.cdn.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\
FF - prefs.js: browser.search.selectedEngine -
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - cc897d78000000000000c0cb383182b0
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15893
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.521:52
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119649&tt=070713_9124&tsp=4936
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Updater Service - c:\windows\system32\dmwu.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_30"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_30"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-1987948605-2304011684-557955469-1001_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-13  17:08:07
ComboFix-quarantined-files.txt  2014-01-13 16:08
.
Vor Suchlauf: 10 Verzeichnis(se), 117.888.745.472 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 117.709.070.336 Bytes frei
.
- - End Of File - - F4AEEF97E76C9A0C69D2323D5C4FC014
74551108099367ECC2F9BBA8A20C449C

schrauber 14.01.2014 10:08
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

fantomas77 14.01.2014 18:50
Malwarebytes

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.14.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
André :: FANTOMAS [Administrator]

Schutz: Deaktiviert

14.01.2014 17:13:47
mbam-log-2014-01-14 (17-13-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 273442
Laufzeit: 5 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 1
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> 2524 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 16
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} (PUP.Optional.WebSteroids.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0af350d9-3916-454b-ac53-0b0b65f41301} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetUpdater (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo (PUP.Optional.HDVidCodec.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\RealTime Gaming Software\Gold VIP Club Casino (Adware.Casino) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 3
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: 92544951165356371 -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater|ImagePath (PUP.Optional.InternetUpdater.A) -> Daten: "C:\ProgramData\InternetUpdater\InternetUpdaterService.exe" -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: 92544951165356371 -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bösartig: (hxxp://search.conduit.com/?ctid=CT3317209&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP0AF63850-025A-4D02-AA18-98435BC1BD5B&SSPV=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 6
C:\ProgramData\InternetUpdater (PUP.Optional.InternetUpdater.A) -> Löschen bei Neustart.
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\André\AppData\Roaming\SpeedAnalysis2 (PUP.Optional.SpeedAnalysis.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\André\Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\André\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\HDvidCodec.com (PUP.Optional.HDVidCodec.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 16
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe (PUP.Optional.InternetUpdater.A) -> Löschen bei Neustart.
C:\ProgramData\OptimizerPro1\OptimizerPro11.exe (Trojan.Dropper) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\André\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\System32\dmwu.exe (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\InternetUpdater.ico (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\app.dat (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\data.dat (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe.config (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InternetUpdater\Uninstall.exe (PUP.Optional.InternetUpdater.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\IBUpdaterService\repository.xml (Adware.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\André\AppData\Roaming\SpeedAnalysis2\speedanalysis.crx (PUP.Optional.SpeedAnalysis.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\André\AppData\Roaming\speedanalysis.ico (PUP.Optional.SpeedAnalysis2.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\André\Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\André\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx (PUP.Optional.HDVidCodec.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\HDvidCodec.com\HDvidCodecIE.exe (PUP.Optional.HDVidCodec.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

AdwCleaner

Code:
# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 18:01:55
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : André - FANTOMAS
# Gestartet von : C:\Users\André\Desktop\Trojaner Board\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\AlawarWrapper
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files\Babylon
Ordner Gelöscht : C:\Users\André\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\André\AppData\Local\Searchprotect
Ordner Gelöscht : C:\Users\André\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\André\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\André\AppData\LocalLow\facemoods.com
Ordner Gelöscht : C:\Users\André\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\André\AppData\Roaming\pluswinks
Ordner Gelöscht : C:\Users\André\AppData\Roaming\SendSpace
Ordner Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\amin.eft_bmnotes@gmail.com
Ordner Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\bda-vebe@xyaabwng.edu
Ordner Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\support@lastpass.com
Ordner Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085}
Ordner Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
Ordner Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
Ordner Gelöscht : C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog
Datei Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\hdvc3@hdvidcodec.com.xpi
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\invalidprefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml
Datei Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\daemon-search.xml
Datei Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\SweetIM Search.xml
Datei Gelöscht : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\user.js
Datei Gelöscht : C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Datei Gelöscht : C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\FTDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKCU\Software\855d6d0b368eb49
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v27.0 (en-US)

[ Datei : C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "cc897d78000000000000c0cb383182b0");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15893");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.521:52:02");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119649&tt=070713_9124&tsp=4936");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.facemoods.aflt", "_#ddr");
Zeile gelöscht : user_pref("extensions.facemoods.firstRun", false);
Zeile gelöscht : user_pref("extensions.facemoods.lastActv", "15");
Zeile gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.kango.storage.CachedhxxpRequest.hxxp://ring-tools.info/addons/firefox/update.xml", "\"<?xml version=\\\"1.0\\\" encoding=\\\"utf-8\\\"?>\\n<update>\\n\\t<version>1.0.4</version>\[...]
Zeile gelöscht : user_pref("extensions.kango.storage.CachedhxxpRequest.hxxp://ring-tools.info/addons/firefox/update.xml.last_request", "\"Sun Dec 29 2013 14:25:15 GMT+0100\"");
Zeile gelöscht : user_pref("extensions.kango.storage.CachedhxxpRequest.hxxp://ring-tools.info/scripts/qa.php?product_id={B3834E60-12A8-11E0-A289-939FDFD72085}&product_version=1.0.4", "\"[]\"");
Zeile gelöscht : user_pref("extensions.kango.storage.CachedhxxpRequest.hxxp://ring-tools.info/scripts/qa.php?product_id={B3834E60-12A8-11E0-A289-939FDFD72085}&product_version=1.0.4.last_request", "\"Sun Dec 29 2013 14[...]
Zeile gelöscht : user_pref("extensions.kango.storage.script_loader.data", "\"[]\"");
Zeile gelöscht : user_pref("extensions.kango.storage.statistics.user_guid", "\"{E8B3116C-B6C1-4FBB-C5DA-2F5E02BAC81C}\"");
Zeile gelöscht : user_pref("extensions.kango.storage.statistics.user_stat_sent", "\"Sun Dec 29 2013 14:25:13 GMT+0100\"");

-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [21372 octets] - [14/01/2014 17:38:35]
AdwCleaner[S0].txt - [20329 octets] - [14/01/2014 18:01:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20390 octets] ##########
Junkware

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Andr‚ on 14.01.2014 at 18:22:00,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1987948605-2304011684-557955469-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DA0D4E32-33B8-4FEB-9089-48C2264A6E8F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{DA0D4E32-33B8-4FEB-9089-48C2264A6E8F}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\optimizerpro1"



~~~ FireFox

Emptied folder: C:\Users\Andr‚\AppData\Roaming\mozilla\firefox\profiles\5a025z30.default\minidumps [18 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Andr‚\appdata\local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.01.2014 at 18:31:23,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-01-2014
Ran by André (administrator) on FANTOMAS on 14-01-2014 18:36:28
Running from C:\Users\André\Desktop\Trojaner Board
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2013-12-15] (Broadcom Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {DA0D4E32-33B8-4FEB-9089-48C2264A6E8F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - E80E963525BC4B03877DFD800C1F30BB URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL =
SearchScopes: HKCU - {99ABBE7D-FBC8-4FDA-9A67-3C196D99A827} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {5EA13312-8764-496F-B4AB-F7A872B51E14} hxxp://static-www3.cdn.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_39.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_39.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: LSNPAPI - C:\Program Files (x86)\nplightshot\3.4.0.55\npLightshot.dll (Skillbrains)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\Firefox.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF Extension: FTdownloader V3.0 - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11]
FF Extension: NewTabURL - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\newtaburl@sogame.cat.xpi [2011-09-08]
FF Extension: NoSquint - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\nosquint@urandom.ca.xpi [2011-09-08]
FF Extension: PlusWinks - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\pluswinks@PlusWinks.xpi [2013-08-15]
FF Extension: Free Hide IP - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\support@free-hideip.com.xpi [2013-08-25]
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\toolbar@web.de.xpi [2011-06-21]
FF Extension: Undo Closed Tabs Button - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2011-09-08]
FF Extension: Image Zoom - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2011-09-08]
FF Extension: Save Link in Folder - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{7a46f9fe-4818-4837-ae4a-39c53978ae99}.xpi [2011-09-08]
FF Extension: Showcase - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi [2011-09-08]
FF Extension: FlashResizer - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{C6F77964-B0B5-4953-A144-93051184EC0C}.xpi [2011-11-25]
FF Extension: FlipClock - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{cdd09450-7280-11de-8a39-0800200c9a66}.xpi [2011-09-08]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-13]
FF Extension: Download Statusbar - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-05-05]
FF Extension: Tab Mix Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-09-08]
FF Extension: DownThemAll! - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-05-05]
FF Extension: QuickJava - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013-08-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-16]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchProvider: mysearch.avg.com
CHR DefaultSearchURL: hxxp://mysearch.avg.com/search?cmpid=&q={searchTerms}&sap=hp&lang=de&mid=20d04bdf3a1847d3b2db72f74fe3d39c-c5ca61211faa258f3bdcf04f6ed1f7e966263d8e&cid=%7B04E31ECC-6E3F-49D4-A38F-6A6083897547%7D&v=15.4.0.5&ds=ts024&d=13.08.2013+12%3A18%3A03&pr=sa&snd=hp&sap_acp=1&pid=safeguard&sg=0
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Lightshot) - C:\Program Files (x86)\nplightshot\3.4.0.55\npLightshot.dll (Skillbrains)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Andr\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (DownloaD keepeR) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbpgmmffhigkpbjfofgocgmmlgmfojch\1.6 [2013-10-12]
CHR Extension: (Chrome In-App Payments service) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 [2013-09-12]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-09-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [65536 2010-09-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2000-01-01] (Realtek Semiconductor)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2013-12-15] (Broadcom Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-13] (GFI Software)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-27] (Intel Corporation)
S3 jumi; C:\Windows\System32\DRIVERS\jumi.sys [15160 2010-06-03] (Windows (R) Codename Longhorn DDK provider)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-12-08] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-14] ()
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
U3 ao1r99gb; C:\Windows\System32\Drivers\ao1r99gb.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [x]
S3 PAC7302; system32\DRIVERS\PAC7302.SYS [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-14 18:31 - 2014-01-14 18:31 - 00001533 _____ C:\Users\André\Desktop\JRT.txt
2014-01-14 18:21 - 2014-01-14 18:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 18:05 - 2014-01-14 18:05 - 00020675 _____ C:\Users\André\Desktop\AdwCleaner[S0].txt
2014-01-14 17:38 - 2014-01-14 18:02 - 00000000 ____D C:\AdwCleaner
2014-01-14 17:28 - 2014-01-14 17:28 - 00013632 _____ C:\Users\André\Desktop\malwarebytes.txt
2014-01-14 17:09 - 2014-01-14 17:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 17:08 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-13 17:19 - 2014-01-14 17:29 - 00005364 _____ C:\Windows\PFRO.log
2014-01-13 16:50 - 2014-01-13 17:08 - 00000000 ____D C:\Qoobox
2014-01-13 16:50 - 2014-01-13 17:06 - 00000000 ____D C:\Windows\erdnt
2014-01-13 16:50 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-13 16:50 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-13 16:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-12 20:24 - 2014-01-14 18:36 - 00000000 ____D C:\Users\André\Desktop\Trojaner Board
2014-01-12 10:18 - 2014-01-14 18:36 - 00000000 ____D C:\FRST
2014-01-12 01:00 - 2014-01-14 18:04 - 00001176 _____ C:\Windows\setupact.log
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 00:35 - 2014-01-11 00:37 - 00000624 _____ C:\Users\André\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-01-10 23:24 - 2014-01-10 23:24 - 00000000 ____D C:\Program Files\WinRAR
2014-01-10 23:16 - 2014-01-11 00:54 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-10 23:13 - 2014-01-11 00:54 - 00000000 ____D C:\Users\André\AppData\Roaming\GlarySoft
2013-12-30 20:49 - 2013-12-30 20:49 - 00006532 _____ C:\Users\André\Desktop\Enigmatis.lnk
2013-12-29 18:35 - 2013-12-29 18:35 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 18:31 - 2013-12-29 18:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 17:45 - 2013-12-29 17:45 - 00000000 ____D C:\Users\André\AppData\Roaming\Desktop_Gaming
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\ProgramData\DivoGames
2013-12-29 14:56 - 2013-12-29 14:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-29 14:47 - 2014-01-13 17:08 - 00000000 ____D C:\Users\Andr�
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�\Downloads\Skype_TSV4OJCL
2013-12-28 23:09 - 2013-12-28 23:09 - 00001044 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk
2013-12-28 20:42 - 2014-01-10 23:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-28 19:52 - 2013-12-28 19:52 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-23 20:30 - 2013-12-29 17:41 - 00001312 _____ C:\Users\André\Downloads\LINKS GAMES.txt
2013-12-21 15:42 - 2013-12-30 20:51 - 00000000 ____D C:\Users\André\AppData\Roaming\Artifex Mundi
2013-12-21 07:33 - 2013-12-21 07:34 - 00000000 ____D C:\Users\André\AppData\Local\Farmington Tales 2 - Winter Crop
2013-12-15 19:23 - 2013-12-15 19:23 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-15 19:22 - 2000-01-01 01:00 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-12-15 19:22 - 2000-01-01 01:00 - 03707864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-12-15 19:22 - 2000-01-01 01:00 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 02587864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-12-15 19:22 - 2000-01-01 01:00 - 01286360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-12-15 19:22 - 2000-01-01 01:00 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00153304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-12-15 19:22 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-12-15 19:19 - 2000-01-01 01:00 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-12-15 19:19 - 2000-01-01 01:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-15 19:19 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-12-15 19:16 - 2013-12-15 19:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2013-12-15 19:16 - 2013-12-15 19:16 - 00000000 ____D C:\Users\André\AppData\Roaming\Synaptics
2013-12-15 19:15 - 2013-12-15 19:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2013-12-15 19:14 - 2000-01-01 01:00 - 00000092 _____ C:\Windows\system32\calibration.bin
2013-12-15 19:09 - 2013-12-15 19:09 - 00000000 ____D C:\ProgramData\Intel
2013-12-15 19:09 - 2013-12-15 19:09 - 00000000 ____D C:\Program Files\Intel
2013-12-15 19:08 - 2013-12-15 19:08 - 00000000 ____D C:\Users\André\Intel
2013-12-15 19:01 - 2013-12-15 19:01 - 00000000 ____D C:\Windows\System32\Tasks\FANTOMAS
2013-12-15 18:59 - 2013-12-15 18:58 - 07849472 _____ (Broadcom Corporation) C:\Windows\system32\BCMWLCPL.CPL
2013-12-15 18:59 - 2013-12-15 18:58 - 04961800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcredist_x64.exe
2013-12-15 18:59 - 2013-12-15 18:58 - 04659200 _____ (Broadcom Corporation) C:\Windows\system32\bcmttls.dll
2013-12-15 18:59 - 2013-12-15 18:58 - 03161088 _____ (Microsoft Corporation) C:\Windows\system32\vcredist_x64.exe
2013-12-15 18:59 - 2013-12-15 18:58 - 01063936 _____ (Broadcom Corporation) C:\Windows\system32\BCMLogon.dll
2013-12-15 18:59 - 2013-12-15 18:58 - 00073216 _____ (Broadcom Corporation) C:\Windows\system32\wltrynt.dll
2013-12-15 18:59 - 2013-12-15 18:58 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2013-12-15 18:59 - 2013-12-15 18:58 - 00023760 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm42rly.sys
2013-12-15 18:59 - 2013-12-15 18:58 - 00000446 _____ C:\Windows\SysWOW64\vcredist_x64.bat
2013-12-15 18:59 - 2013-12-15 18:58 - 00000441 _____ C:\Windows\system32\vcredist_x64.bat
2013-12-15 18:47 - 2013-12-15 18:47 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-15 14:57 - 2013-12-15 14:57 - 00000000 ____D C:\Users\André\AppData\Roaming\Tap It Games

==================== One Month Modified Files and Folders =======

2014-01-14 18:36 - 2014-01-12 20:24 - 00000000 ____D C:\Users\André\Desktop\Trojaner Board
2014-01-14 18:36 - 2014-01-12 10:18 - 00000000 ____D C:\FRST
2014-01-14 18:32 - 2011-02-01 21:21 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-14 18:31 - 2014-01-14 18:31 - 00001533 _____ C:\Users\André\Desktop\JRT.txt
2014-01-14 18:26 - 2012-09-13 12:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-14 18:21 - 2014-01-14 18:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 18:12 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-14 18:12 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-14 18:05 - 2014-01-14 18:05 - 00020675 _____ C:\Users\André\Desktop\AdwCleaner[S0].txt
2014-01-14 18:05 - 2013-05-14 19:07 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2014-01-14 18:05 - 2013-05-14 19:07 - 00002836 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2014-01-14 18:05 - 2013-05-14 19:07 - 00000410 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2014-01-14 18:05 - 2011-06-01 23:51 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-14 18:04 - 2014-01-12 01:00 - 00001176 _____ C:\Windows\setupact.log
2014-01-14 18:04 - 2011-02-01 21:21 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-14 18:04 - 2010-09-30 19:35 - 01418460 _____ C:\Windows\WindowsUpdate.log
2014-01-14 18:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-14 18:02 - 2014-01-14 17:38 - 00000000 ____D C:\AdwCleaner
2014-01-14 17:59 - 2011-09-14 00:00 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2014-01-14 17:52 - 2011-09-14 00:00 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-1987948605-2304011684-557955469-1001.job
2014-01-14 17:32 - 2013-09-16 14:22 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-14 17:29 - 2014-01-13 17:19 - 00005364 _____ C:\Windows\PFRO.log
2014-01-14 17:28 - 2014-01-14 17:28 - 00013632 _____ C:\Users\André\Desktop\malwarebytes.txt
2014-01-14 17:09 - 2014-01-14 17:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 10:44 - 2013-10-19 15:35 - 00000000 ____D C:\Users\André\AppData\Roaming\vlc
2014-01-13 17:08 - 2014-01-13 16:50 - 00000000 ____D C:\Qoobox
2014-01-13 17:08 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�
2014-01-13 17:06 - 2014-01-13 16:50 - 00000000 ____D C:\Windows\erdnt
2014-01-13 17:05 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-13 10:59 - 2012-09-13 12:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-13 10:59 - 2012-09-13 12:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-13 10:59 - 2012-03-18 13:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-13 10:59 - 2011-02-14 07:35 - 00000000 ____D C:\Users\André\AppData\Local\Adobe
2014-01-13 08:36 - 2011-04-07 16:55 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2014-01-12 17:30 - 2013-12-13 11:21 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAndré
2014-01-12 17:30 - 2013-12-13 11:21 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForAndré.job
2014-01-12 07:11 - 2011-02-01 21:20 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 00:54 - 2014-01-10 23:16 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-11 00:54 - 2014-01-10 23:13 - 00000000 ____D C:\Users\André\AppData\Roaming\GlarySoft
2014-01-11 00:54 - 2010-07-17 10:19 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-11 00:52 - 2013-10-07 04:39 - 00000000 ____D C:\Program Files (x86)\ConvertHelper
2014-01-11 00:37 - 2014-01-11 00:35 - 00000624 _____ C:\Users\André\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-01-10 23:28 - 2012-09-17 19:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-10 23:25 - 2013-12-28 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-10 23:24 - 2014-01-10 23:24 - 00000000 ____D C:\Program Files\WinRAR
2014-01-10 23:24 - 2011-01-23 14:35 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-10 23:20 - 2013-12-08 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Constance's mission
2014-01-10 23:20 - 2013-09-13 20:46 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDPlayer
2014-01-09 18:03 - 2011-06-02 14:46 - 00000000 ____D C:\swsetup
2014-01-09 17:01 - 2011-11-24 10:46 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-09 17:01 - 2010-12-23 20:23 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-08 17:34 - 2011-05-17 22:30 - 00000000 ____D C:\Program Files\CCleaner
2014-01-08 17:32 - 2013-08-04 16:22 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Eu
2013-12-30 20:51 - 2013-12-21 15:42 - 00000000 ____D C:\Users\André\AppData\Roaming\Artifex Mundi
2013-12-30 20:49 - 2013-12-30 20:49 - 00006532 _____ C:\Users\André\Desktop\Enigmatis.lnk
2013-12-29 23:03 - 2013-12-09 18:24 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-12-29 19:40 - 2012-09-05 11:40 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForFANTOMAS$
2013-12-29 19:40 - 2012-09-05 11:40 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForFANTOMAS$.job
2013-12-29 18:40 - 2013-12-09 18:27 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT
2013-12-29 18:35 - 2013-12-29 18:35 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 18:35 - 2013-09-16 14:23 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-29 18:35 - 2013-09-16 14:23 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 18:35 - 2013-09-16 14:22 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 18:35 - 2011-06-29 07:10 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 18:31 - 2013-12-29 18:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 17:45 - 2013-12-29 17:45 - 00000000 ____D C:\Users\André\AppData\Roaming\Desktop_Gaming
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\ProgramData\DivoGames
2013-12-29 17:41 - 2013-12-23 20:30 - 00001312 _____ C:\Users\André\Downloads\LINKS GAMES.txt
2013-12-29 14:56 - 2013-12-29 14:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-29 14:56 - 2011-02-01 21:20 - 00000000 ____D C:\ProgramData\Skype
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�\Downloads\Skype_TSV4OJCL
2013-12-29 02:54 - 2012-09-13 12:23 - 00000000 ____D C:\Users\André\AppData\Local\PokerStars.EU
2013-12-28 23:17 - 2012-09-13 12:22 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2013-12-28 23:09 - 2013-12-28 23:09 - 00001044 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk
2013-12-28 22:09 - 2011-01-07 14:17 - 00000000 ____D C:\Users\André\AppData\Roaming\YoudaGames
2013-12-28 22:08 - 2010-07-17 19:47 - 00658964 _____ C:\Windows\system32\perfh007.dat
2013-12-28 22:08 - 2010-07-17 19:47 - 00131802 _____ C:\Windows\system32\perfc007.dat
2013-12-28 22:08 - 2009-07-14 06:13 - 01510900 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 19:52 - 2013-12-28 19:52 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-21 16:08 - 2013-10-12 05:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-21 07:34 - 2013-12-21 07:33 - 00000000 ____D C:\Users\André\AppData\Local\Farmington Tales 2 - Winter Crop
2013-12-15 19:23 - 2013-12-15 19:23 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-15 19:19 - 2010-07-17 10:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-15 19:17 - 2010-09-30 19:37 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-15 19:16 - 2013-12-15 19:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2013-12-15 19:16 - 2013-12-15 19:16 - 00000000 ____D C:\Users\André\AppData\Roaming\Synaptics
2013-12-15 19:15 - 2013-12-15 19:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2013-12-15 19:10 - 2011-06-18 09:47 - 01536576 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-15 19:09 - 2013-12-15 19:09 - 00000000 ____D C:\ProgramData\Intel
2013-12-15 19:09 - 2013-12-15 19:09 - 00000000 ____D C:\Program Files\Intel
2013-12-15 19:08 - 2013-12-15 19:08 - 00000000 ____D C:\Users\André\Intel
2013-12-15 19:08 - 2010-12-22 17:08 - 00000000 ____D C:\Users\André
2013-12-15 19:01 - 2013-12-15 19:01 - 00000000 ____D C:\Windows\System32\Tasks\FANTOMAS
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\th-TH
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sl-SI
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sk-SK
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\ro-RO
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\lv-LV
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\lt-LT
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\hr-HR
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\he-IL
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\et-EE
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\bg-BG
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\ar-SA
2013-12-15 19:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2013-12-15 18:58 - 2013-12-15 18:59 - 07849472 _____ (Broadcom Corporation) C:\Windows\system32\BCMWLCPL.CPL
2013-12-15 18:58 - 2013-12-15 18:59 - 04961800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcredist_x64.exe
2013-12-15 18:58 - 2013-12-15 18:59 - 04659200 _____ (Broadcom Corporation) C:\Windows\system32\bcmttls.dll
2013-12-15 18:58 - 2013-12-15 18:59 - 03161088 _____ (Microsoft Corporation) C:\Windows\system32\vcredist_x64.exe
2013-12-15 18:58 - 2013-12-15 18:59 - 01063936 _____ (Broadcom Corporation) C:\Windows\system32\BCMLogon.dll
2013-12-15 18:58 - 2013-12-15 18:59 - 00073216 _____ (Broadcom Corporation) C:\Windows\system32\wltrynt.dll
2013-12-15 18:58 - 2013-12-15 18:59 - 00035344 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2013-12-15 18:58 - 2013-12-15 18:59 - 00023760 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm42rly.sys
2013-12-15 18:58 - 2013-12-15 18:59 - 00000446 _____ C:\Windows\SysWOW64\vcredist_x64.bat
2013-12-15 18:58 - 2013-12-15 18:59 - 00000441 _____ C:\Windows\system32\vcredist_x64.bat
2013-12-15 18:57 - 2010-09-30 19:35 - 04749008 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2013-12-15 18:57 - 2010-09-30 19:35 - 03952640 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2013-12-15 18:57 - 2010-09-30 19:35 - 03617792 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2013-12-15 18:57 - 2010-09-30 19:35 - 00096560 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2013-12-15 18:57 - 2010-09-30 19:35 - 00006656 _____ C:\Windows\system32\bcmwlrc.dll
2013-12-15 18:48 - 2009-09-07 02:57 - 00000000 ____D C:\Windows\Panther
2013-12-15 18:47 - 2013-12-15 18:47 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-12-15 18:16 - 2013-08-14 11:59 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 18:14 - 2011-01-14 18:03 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 14:57 - 2013-12-15 14:57 - 00000000 ____D C:\Users\André\AppData\Roaming\Tap It Games
2013-12-15 01:41 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Some content of TEMP:
====================
C:\Users\André\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-11 04:28

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Noch zur Info bis jetzt keine Verbesserung

schrauber 15.01.2014 10:16

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

fantomas77 15.01.2014 19:59
Hallo Schrauber. Wie immer alles nach deiner Anleitung gemacht
Mein PC friert immer noch ein aber der Mauszeiger reagiert normal

Eset Smartinstaller

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a2b9ba313b289742bba139af8094b90c
# engine=16664
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-15 06:07:23
# local_time=2014-01-15 07:07:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 77 1470616 1470746 0 0
# compatibility_mode=5893 16776573 100 94 5847 142274293 0 0
# scanned=329789
# found=0
# cleaned=0
# scan_time=5444

Security Check

Code:
Results of screen317's Security Check version 0.99.78 
 Windows 7 Service Pack 1 x64 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java(TM) 6 Update 27 
 Java 7 Update 51 
 Java version out of Date!
  Adobe Flash Player 12.0.0.39 Flash Player out of Date! 
 Adobe Reader XI 
 Mozilla Firefox (27.0)
 Google Chrome 31.0.1650.57 
 Google Chrome 31.0.1650.63 
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 01
Ran by André (administrator) on FANTOMAS on 15-01-2014 19:30:37
Running from C:\Users\André\Desktop\Trojaner Board
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2013-12-15] (Broadcom Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {DA0D4E32-33B8-4FEB-9089-48C2264A6E8F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - E80E963525BC4B03877DFD800C1F30BB URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL =
SearchScopes: HKCU - {99ABBE7D-FBC8-4FDA-9A67-3C196D99A827} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {5EA13312-8764-496F-B4AB-F7A872B51E14} hxxp://static-www3.cdn.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_39.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_39.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: LSNPAPI - C:\Program Files (x86)\nplightshot\3.4.0.55\npLightshot.dll (Skillbrains)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\Firefox.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF Extension: FTdownloader V3.0 - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11]
FF Extension: NewTabURL - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\newtaburl@sogame.cat.xpi [2011-09-08]
FF Extension: NoSquint - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\nosquint@urandom.ca.xpi [2011-09-08]
FF Extension: PlusWinks - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\pluswinks@PlusWinks.xpi [2013-08-15]
FF Extension: Free Hide IP - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\support@free-hideip.com.xpi [2013-08-25]
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\toolbar@web.de.xpi [2011-06-21]
FF Extension: Undo Closed Tabs Button - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2011-09-08]
FF Extension: Image Zoom - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2011-09-08]
FF Extension: Save Link in Folder - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{7a46f9fe-4818-4837-ae4a-39c53978ae99}.xpi [2011-09-08]
FF Extension: Showcase - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi [2011-09-08]
FF Extension: FlashResizer - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{C6F77964-B0B5-4953-A144-93051184EC0C}.xpi [2011-11-25]
FF Extension: FlipClock - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{cdd09450-7280-11de-8a39-0800200c9a66}.xpi [2011-09-08]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-13]
FF Extension: Download Statusbar - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-05-05]
FF Extension: Tab Mix Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-09-08]
FF Extension: DownThemAll! - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-05-05]
FF Extension: QuickJava - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013-08-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-16]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchProvider: mysearch.avg.com
CHR DefaultSearchURL: hxxp://mysearch.avg.com/search?cmpid=&q={searchTerms}&sap=hp&lang=de&mid=20d04bdf3a1847d3b2db72f74fe3d39c-c5ca61211faa258f3bdcf04f6ed1f7e966263d8e&cid=%7B04E31ECC-6E3F-49D4-A38F-6A6083897547%7D&v=15.4.0.5&ds=ts024&d=13.08.2013+12%3A18%3A03&pr=sa&snd=hp&sap_acp=1&pid=safeguard&sg=0
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Lightshot) - C:\Program Files (x86)\nplightshot\3.4.0.55\npLightshot.dll (Skillbrains)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Andr\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (DownloaD keepeR) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbpgmmffhigkpbjfofgocgmmlgmfojch\1.6 [2013-10-12]
CHR Extension: (Google Wallet) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-12-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [65536 2010-09-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2000-01-01] (Realtek Semiconductor)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2013-12-15] (Broadcom Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-13] (GFI Software)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-27] (Intel Corporation)
S3 jumi; C:\Windows\System32\DRIVERS\jumi.sys [15160 2010-06-03] (Windows (R) Codename Longhorn DDK provider)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-12-08] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-15] ()
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
U3 ayuw5h0r; C:\Windows\System32\Drivers\ayuw5h0r.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [x]
S3 PAC7302; system32\DRIVERS\PAC7302.SYS [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-15 19:29 - 2014-01-15 19:29 - 00001008 _____ C:\Users\André\Desktop\checkup.txt
2014-01-15 17:33 - 2014-01-15 17:33 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 17:33 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-15 17:33 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-15 17:33 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-15 17:33 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-14 18:21 - 2014-01-14 18:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 17:38 - 2014-01-14 18:02 - 00000000 ____D C:\AdwCleaner
2014-01-14 17:09 - 2014-01-14 17:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 17:08 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-13 17:19 - 2014-01-14 17:29 - 00005364 _____ C:\Windows\PFRO.log
2014-01-13 16:50 - 2014-01-13 17:08 - 00000000 ____D C:\Qoobox
2014-01-13 16:50 - 2014-01-13 17:06 - 00000000 ____D C:\Windows\erdnt
2014-01-13 16:50 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-13 16:50 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-13 16:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-12 20:24 - 2014-01-15 19:30 - 00000000 ____D C:\Users\André\Desktop\Trojaner Board
2014-01-12 10:18 - 2014-01-15 19:30 - 00000000 ____D C:\FRST
2014-01-12 01:00 - 2014-01-15 17:20 - 00001288 _____ C:\Windows\setupact.log
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 00:35 - 2014-01-11 00:37 - 00000624 _____ C:\Users\André\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-01-10 23:24 - 2014-01-10 23:24 - 00000000 ____D C:\Program Files\WinRAR
2014-01-10 23:16 - 2014-01-11 00:54 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-10 23:13 - 2014-01-11 00:54 - 00000000 ____D C:\Users\André\AppData\Roaming\GlarySoft
2013-12-30 20:49 - 2013-12-30 20:49 - 00006532 _____ C:\Users\André\Desktop\Enigmatis.lnk
2013-12-29 18:35 - 2013-12-29 18:35 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 18:31 - 2013-12-29 18:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 17:45 - 2013-12-29 17:45 - 00000000 ____D C:\Users\André\AppData\Roaming\Desktop_Gaming
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\ProgramData\DivoGames
2013-12-29 14:56 - 2013-12-29 14:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-29 14:47 - 2014-01-13 17:08 - 00000000 ____D C:\Users\Andr�
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�\Downloads\Skype_TSV4OJCL
2013-12-28 23:09 - 2013-12-28 23:09 - 00001044 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk
2013-12-28 20:42 - 2014-01-10 23:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-28 19:52 - 2013-12-28 19:52 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-23 20:30 - 2013-12-29 17:41 - 00001312 _____ C:\Users\André\Downloads\LINKS GAMES.txt
2013-12-21 15:42 - 2013-12-30 20:51 - 00000000 ____D C:\Users\André\AppData\Roaming\Artifex Mundi
2013-12-21 07:33 - 2013-12-21 07:34 - 00000000 ____D C:\Users\André\AppData\Local\Farmington Tales 2 - Winter Crop

==================== One Month Modified Files and Folders =======

2014-01-15 19:30 - 2014-01-12 20:24 - 00000000 ____D C:\Users\André\Desktop\Trojaner Board
2014-01-15 19:30 - 2014-01-12 10:18 - 00000000 ____D C:\FRST
2014-01-15 19:30 - 2011-02-01 21:21 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-15 19:29 - 2014-01-15 19:29 - 00001008 _____ C:\Users\André\Desktop\checkup.txt
2014-01-15 19:26 - 2012-09-13 12:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-15 18:28 - 2010-09-30 19:35 - 01531102 _____ C:\Windows\WindowsUpdate.log
2014-01-15 17:59 - 2011-09-14 00:00 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2014-01-15 17:52 - 2011-09-14 00:00 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-1987948605-2304011684-557955469-1001.job
2014-01-15 17:33 - 2014-01-15 17:33 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 17:33 - 2013-10-04 02:22 - 00000000 ____D C:\ProgramData\Oracle
2014-01-15 17:33 - 2010-07-17 12:39 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-15 17:28 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-15 17:28 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-15 17:21 - 2013-05-14 19:07 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2014-01-15 17:21 - 2013-05-14 19:07 - 00002836 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2014-01-15 17:21 - 2013-05-14 19:07 - 00000410 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2014-01-15 17:20 - 2014-01-12 01:00 - 00001288 _____ C:\Windows\setupact.log
2014-01-15 17:20 - 2011-06-01 23:51 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-15 17:20 - 2011-02-01 21:21 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-15 17:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-14 18:21 - 2014-01-14 18:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 18:02 - 2014-01-14 17:38 - 00000000 ____D C:\AdwCleaner
2014-01-14 17:32 - 2013-09-16 14:22 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-14 17:29 - 2014-01-13 17:19 - 00005364 _____ C:\Windows\PFRO.log
2014-01-14 17:09 - 2014-01-14 17:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 10:44 - 2013-10-19 15:35 - 00000000 ____D C:\Users\André\AppData\Roaming\vlc
2014-01-13 17:08 - 2014-01-13 16:50 - 00000000 ____D C:\Qoobox
2014-01-13 17:08 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�
2014-01-13 17:06 - 2014-01-13 16:50 - 00000000 ____D C:\Windows\erdnt
2014-01-13 17:05 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-13 10:59 - 2012-09-13 12:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-13 10:59 - 2012-09-13 12:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-13 10:59 - 2012-03-18 13:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-13 10:59 - 2011-02-14 07:35 - 00000000 ____D C:\Users\André\AppData\Local\Adobe
2014-01-13 08:36 - 2011-04-07 16:55 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2014-01-12 17:30 - 2013-12-13 11:21 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAndré
2014-01-12 17:30 - 2013-12-13 11:21 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForAndré.job
2014-01-12 07:11 - 2011-02-01 21:20 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 00:54 - 2014-01-10 23:16 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-11 00:54 - 2014-01-10 23:13 - 00000000 ____D C:\Users\André\AppData\Roaming\GlarySoft
2014-01-11 00:54 - 2010-07-17 10:19 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-11 00:52 - 2013-10-07 04:39 - 00000000 ____D C:\Program Files (x86)\ConvertHelper
2014-01-11 00:37 - 2014-01-11 00:35 - 00000624 _____ C:\Users\André\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-01-10 23:28 - 2012-09-17 19:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-10 23:25 - 2013-12-28 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-10 23:24 - 2014-01-10 23:24 - 00000000 ____D C:\Program Files\WinRAR
2014-01-10 23:24 - 2011-01-23 14:35 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-10 23:20 - 2013-12-08 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Constance's mission
2014-01-10 23:20 - 2013-09-13 20:46 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDPlayer
2014-01-09 18:03 - 2011-06-02 14:46 - 00000000 ____D C:\swsetup
2014-01-09 17:01 - 2011-11-24 10:46 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-09 17:01 - 2010-12-23 20:23 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-08 17:34 - 2011-05-17 22:30 - 00000000 ____D C:\Program Files\CCleaner
2014-01-08 17:32 - 2013-08-04 16:22 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Eu
2013-12-30 20:51 - 2013-12-21 15:42 - 00000000 ____D C:\Users\André\AppData\Roaming\Artifex Mundi
2013-12-30 20:49 - 2013-12-30 20:49 - 00006532 _____ C:\Users\André\Desktop\Enigmatis.lnk
2013-12-29 23:03 - 2013-12-09 18:24 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-12-29 19:40 - 2012-09-05 11:40 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForFANTOMAS$
2013-12-29 19:40 - 2012-09-05 11:40 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForFANTOMAS$.job
2013-12-29 18:40 - 2013-12-09 18:27 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT
2013-12-29 18:35 - 2013-12-29 18:35 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 18:35 - 2013-09-16 14:23 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-29 18:35 - 2013-09-16 14:23 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 18:35 - 2013-09-16 14:22 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 18:35 - 2011-06-29 07:10 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 18:31 - 2013-12-29 18:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 17:45 - 2013-12-29 17:45 - 00000000 ____D C:\Users\André\AppData\Roaming\Desktop_Gaming
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\ProgramData\DivoGames
2013-12-29 17:41 - 2013-12-23 20:30 - 00001312 _____ C:\Users\André\Downloads\LINKS GAMES.txt
2013-12-29 14:56 - 2013-12-29 14:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-29 14:56 - 2011-02-01 21:20 - 00000000 ____D C:\ProgramData\Skype
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�\Downloads\Skype_TSV4OJCL
2013-12-29 02:54 - 2012-09-13 12:23 - 00000000 ____D C:\Users\André\AppData\Local\PokerStars.EU
2013-12-28 23:17 - 2012-09-13 12:22 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2013-12-28 23:09 - 2013-12-28 23:09 - 00001044 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk
2013-12-28 22:09 - 2011-01-07 14:17 - 00000000 ____D C:\Users\André\AppData\Roaming\YoudaGames
2013-12-28 22:08 - 2010-07-17 19:47 - 00658964 _____ C:\Windows\system32\perfh007.dat
2013-12-28 22:08 - 2010-07-17 19:47 - 00131802 _____ C:\Windows\system32\perfc007.dat
2013-12-28 22:08 - 2009-07-14 06:13 - 01510900 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 19:52 - 2013-12-28 19:52 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-21 16:08 - 2013-10-12 05:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-21 07:34 - 2013-12-21 07:33 - 00000000 ____D C:\Users\André\AppData\Local\Farmington Tales 2 - Winter Crop
2013-12-18 21:09 - 2014-01-15 17:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-18 21:04 - 2014-01-15 17:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-18 21:04 - 2014-01-15 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-18 21:03 - 2014-01-15 17:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

Some content of TEMP:
====================
C:\Users\André\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\André\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-11 04:28

==================== End Of Log ============================
--- --- ---


Wenn die ganzen Programme keine Verbesserung zeigen könnte es sein das es an der Hardware liegt? Ich kenne mich da leider gar nicht aus.

schrauber 16.01.2014 13:33
Öffne mal bitte FRST und setz nen Haken bei Additional und scanne, poste beide Logfiles. ich will mal was schauen.

fantomas77 16.01.2014 16:55
ok

FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 01
Ran by André (administrator) on FANTOMAS on 16-01-2014 16:48:59
Running from C:\Users\André\Desktop\Trojaner Board
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2013-12-15] (Broadcom Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-29] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {DA0D4E32-33B8-4FEB-9089-48C2264A6E8F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - E80E963525BC4B03877DFD800C1F30BB URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {031CBDA0-3054-4FC2-90F4-FE168D9B458C} URL =
SearchScopes: HKCU - {99ABBE7D-FBC8-4FDA-9A67-3C196D99A827} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {5EA13312-8764-496F-B4AB-F7A872B51E14} hxxp://static-www3.cdn.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_39.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_39.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: LSNPAPI - C:\Program Files (x86)\nplightshot\3.4.0.55\npLightshot.dll (Skillbrains)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\searchplugins\Firefox.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF Extension: FTdownloader V3.0 - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\ftdownloader3@ftdownloader.com.xpi [2013-04-11]
FF Extension: NewTabURL - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\newtaburl@sogame.cat.xpi [2011-09-08]
FF Extension: NoSquint - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\nosquint@urandom.ca.xpi [2011-09-08]
FF Extension: PlusWinks - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\pluswinks@PlusWinks.xpi [2013-08-15]
FF Extension: Free Hide IP - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\support@free-hideip.com.xpi [2013-08-25]
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\toolbar@web.de.xpi [2011-06-21]
FF Extension: Undo Closed Tabs Button - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2011-09-08]
FF Extension: Image Zoom - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2011-09-08]
FF Extension: Save Link in Folder - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{7a46f9fe-4818-4837-ae4a-39c53978ae99}.xpi [2011-09-08]
FF Extension: Showcase - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi [2011-09-08]
FF Extension: FlashResizer - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{C6F77964-B0B5-4953-A144-93051184EC0C}.xpi [2011-11-25]
FF Extension: FlipClock - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{cdd09450-7280-11de-8a39-0800200c9a66}.xpi [2011-09-08]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-13]
FF Extension: Download Statusbar - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-05-05]
FF Extension: Tab Mix Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-09-08]
FF Extension: DownThemAll! - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-05-05]
FF Extension: QuickJava - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\5a025z30.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013-08-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-16]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchKeyword: mysearch.avg.com
CHR DefaultSearchProvider: mysearch.avg.com
CHR DefaultSearchURL: hxxp://mysearch.avg.com/search?cmpid=&q={searchTerms}&sap=hp&lang=de&mid=20d04bdf3a1847d3b2db72f74fe3d39c-c5ca61211faa258f3bdcf04f6ed1f7e966263d8e&cid=%7B04E31ECC-6E3F-49D4-A38F-6A6083897547%7D&v=15.4.0.5&ds=ts024&d=13.08.2013+12%3A18%3A03&pr=sa&snd=hp&sap_acp=1&pid=safeguard&sg=0
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Lightshot) - C:\Program Files (x86)\nplightshot\3.4.0.55\npLightshot.dll (Skillbrains)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Andr\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (DownloaD keepeR) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbpgmmffhigkpbjfofgocgmmlgmfojch\1.6 [2013-10-12]
CHR Extension: (Google Wallet) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2013-12-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-29] (AVAST Software)
R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [65536 2010-09-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2000-01-01] (Realtek Semiconductor)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2013-12-15] (Broadcom Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-29] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-29] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-09-13] (GFI Software)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-27] (Intel Corporation)
S3 jumi; C:\Windows\System32\DRIVERS\jumi.sys [15160 2010-06-03] (Windows (R) Codename Longhorn DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-12-08] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-01-16] ()
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
U3 agr1mk67; C:\Windows\System32\Drivers\agr1mk67.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [x]
S3 PAC7302; system32\DRIVERS\PAC7302.SYS [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-15 17:33 - 2014-01-15 17:33 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 17:33 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-15 17:33 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-15 17:33 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-15 17:33 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 17:30 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 17:30 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 17:30 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 17:30 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 17:30 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 17:30 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 17:30 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 17:30 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 17:30 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 18:21 - 2014-01-14 18:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 17:38 - 2014-01-14 18:02 - 00000000 ____D C:\AdwCleaner
2014-01-14 17:09 - 2014-01-14 17:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 17:08 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-13 17:19 - 2014-01-16 16:41 - 00006198 _____ C:\Windows\PFRO.log
2014-01-13 16:50 - 2014-01-13 17:08 - 00000000 ____D C:\Qoobox
2014-01-13 16:50 - 2014-01-13 17:06 - 00000000 ____D C:\Windows\erdnt
2014-01-13 16:50 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-13 16:50 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-13 16:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-13 16:50 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-12 20:24 - 2014-01-16 16:48 - 00000000 ____D C:\Users\André\Desktop\Trojaner Board
2014-01-12 10:18 - 2014-01-15 19:30 - 00000000 ____D C:\FRST
2014-01-12 01:00 - 2014-01-16 16:45 - 00001400 _____ C:\Windows\setupact.log
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 00:35 - 2014-01-11 00:37 - 00000624 _____ C:\Users\André\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-01-10 23:24 - 2014-01-10 23:24 - 00000000 ____D C:\Program Files\WinRAR
2014-01-10 23:16 - 2014-01-11 00:54 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-10 23:13 - 2014-01-11 00:54 - 00000000 ____D C:\Users\André\AppData\Roaming\GlarySoft
2013-12-30 20:49 - 2013-12-30 20:49 - 00006532 _____ C:\Users\André\Desktop\Enigmatis.lnk
2013-12-29 18:35 - 2013-12-29 18:35 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 18:31 - 2013-12-29 18:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 17:45 - 2013-12-29 17:45 - 00000000 ____D C:\Users\André\AppData\Roaming\Desktop_Gaming
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\ProgramData\DivoGames
2013-12-29 14:56 - 2013-12-29 14:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-29 14:47 - 2014-01-13 17:08 - 00000000 ____D C:\Users\Andr�
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�\Downloads\Skype_TSV4OJCL
2013-12-28 23:09 - 2013-12-28 23:09 - 00001044 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk
2013-12-28 20:42 - 2014-01-10 23:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-28 19:52 - 2013-12-28 19:52 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-23 20:30 - 2013-12-29 17:41 - 00001312 _____ C:\Users\André\Downloads\LINKS GAMES.txt
2013-12-21 15:42 - 2013-12-30 20:51 - 00000000 ____D C:\Users\André\AppData\Roaming\Artifex Mundi
2013-12-21 07:33 - 2013-12-21 07:34 - 00000000 ____D C:\Users\André\AppData\Local\Farmington Tales 2 - Winter Crop

==================== One Month Modified Files and Folders =======

2014-01-16 16:49 - 2010-09-30 19:35 - 02018610 _____ C:\Windows\WindowsUpdate.log
2014-01-16 16:48 - 2014-01-12 20:24 - 00000000 ____D C:\Users\André\Desktop\Trojaner Board
2014-01-16 16:48 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-16 16:48 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-16 16:47 - 2013-05-14 19:07 - 00002836 _____ C:\Windows\System32\Tasks\SlimDrivers Startup
2014-01-16 16:47 - 2013-05-14 19:07 - 00000410 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2014-01-16 16:46 - 2013-05-14 19:07 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2014-01-16 16:46 - 2011-02-01 21:21 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-16 16:45 - 2014-01-12 01:00 - 00001400 _____ C:\Windows\setupact.log
2014-01-16 16:45 - 2011-06-01 23:51 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-16 16:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-16 16:45 - 2009-07-14 05:45 - 00637400 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 16:41 - 2014-01-13 17:19 - 00006198 _____ C:\Windows\PFRO.log
2014-01-15 20:44 - 2013-08-14 11:59 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:42 - 2011-01-14 18:03 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 20:30 - 2011-02-01 21:21 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-15 20:26 - 2012-09-13 12:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-15 19:30 - 2014-01-12 10:18 - 00000000 ____D C:\FRST
2014-01-15 17:59 - 2011-09-14 00:00 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2014-01-15 17:52 - 2011-09-14 00:00 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-1987948605-2304011684-557955469-1001.job
2014-01-15 17:33 - 2014-01-15 17:33 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 17:33 - 2013-10-04 02:22 - 00000000 ____D C:\ProgramData\Oracle
2014-01-15 17:33 - 2010-07-17 12:39 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-14 18:21 - 2014-01-14 18:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 18:02 - 2014-01-14 17:38 - 00000000 ____D C:\AdwCleaner
2014-01-14 17:32 - 2013-09-16 14:22 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-14 17:09 - 2014-01-14 17:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-14 17:08 - 2014-01-14 17:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-14 10:44 - 2013-10-19 15:35 - 00000000 ____D C:\Users\André\AppData\Roaming\vlc
2014-01-13 17:08 - 2014-01-13 16:50 - 00000000 ____D C:\Qoobox
2014-01-13 17:08 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�
2014-01-13 17:06 - 2014-01-13 16:50 - 00000000 ____D C:\Windows\erdnt
2014-01-13 17:05 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-13 10:59 - 2012-09-13 12:07 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-13 10:59 - 2012-09-13 12:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-13 10:59 - 2012-03-18 13:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-13 10:59 - 2011-02-14 07:35 - 00000000 ____D C:\Users\André\AppData\Local\Adobe
2014-01-13 08:36 - 2011-04-07 16:55 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2014-01-12 17:30 - 2013-12-13 11:21 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAndré
2014-01-12 17:30 - 2013-12-13 11:21 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForAndré.job
2014-01-12 07:11 - 2011-02-01 21:20 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 00:54 - 2014-01-10 23:16 - 00000000 ____D C:\ProgramData\GlarySoft
2014-01-11 00:54 - 2014-01-10 23:13 - 00000000 ____D C:\Users\André\AppData\Roaming\GlarySoft
2014-01-11 00:54 - 2010-07-17 10:19 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-11 00:52 - 2013-10-07 04:39 - 00000000 ____D C:\Program Files (x86)\ConvertHelper
2014-01-11 00:37 - 2014-01-11 00:35 - 00000624 _____ C:\Users\André\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-01-10 23:28 - 2012-09-17 19:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-10 23:25 - 2013-12-28 20:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-10 23:24 - 2014-01-10 23:24 - 00000000 ____D C:\Program Files\WinRAR
2014-01-10 23:24 - 2011-01-23 14:35 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-10 23:20 - 2013-12-08 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Constance's mission
2014-01-10 23:20 - 2013-09-13 20:46 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDPlayer
2014-01-09 18:03 - 2011-06-02 14:46 - 00000000 ____D C:\swsetup
2014-01-09 17:01 - 2011-11-24 10:46 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-09 17:01 - 2010-12-23 20:23 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-08 17:34 - 2011-05-17 22:30 - 00000000 ____D C:\Program Files\CCleaner
2014-01-08 17:32 - 2013-08-04 16:22 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker.Eu
2013-12-30 20:51 - 2013-12-21 15:42 - 00000000 ____D C:\Users\André\AppData\Roaming\Artifex Mundi
2013-12-30 20:49 - 2013-12-30 20:49 - 00006532 _____ C:\Users\André\Desktop\Enigmatis.lnk
2013-12-29 23:03 - 2013-12-09 18:24 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2013-12-29 19:40 - 2012-09-05 11:40 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForFANTOMAS$
2013-12-29 19:40 - 2012-09-05 11:40 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForFANTOMAS$.job
2013-12-29 18:40 - 2013-12-09 18:27 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT
2013-12-29 18:35 - 2013-12-29 18:35 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-29 18:35 - 2013-09-16 14:23 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-12-29 18:35 - 2013-09-16 14:23 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-29 18:35 - 2013-09-16 14:22 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-29 18:35 - 2013-09-16 14:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-29 18:35 - 2011-06-29 07:10 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-29 18:31 - 2013-12-29 18:31 - 00000000 ____D C:\ProgramData\Websteroids
2013-12-29 17:45 - 2013-12-29 17:45 - 00000000 ____D C:\Users\André\AppData\Roaming\Desktop_Gaming
2013-12-29 17:42 - 2013-12-29 17:42 - 00000000 ____D C:\ProgramData\DivoGames
2013-12-29 17:41 - 2013-12-23 20:30 - 00001312 _____ C:\Users\André\Downloads\LINKS GAMES.txt
2013-12-29 14:56 - 2013-12-29 14:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-29 14:56 - 2011-02-01 21:20 - 00000000 ____D C:\ProgramData\Skype
2013-12-29 14:47 - 2013-12-29 14:47 - 00000000 ____D C:\Users\Andr�\Downloads\Skype_TSV4OJCL
2013-12-29 02:54 - 2012-09-13 12:23 - 00000000 ____D C:\Users\André\AppData\Local\PokerStars.EU
2013-12-28 23:17 - 2012-09-13 12:22 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2013-12-28 23:09 - 2013-12-28 23:09 - 00001044 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk
2013-12-28 22:09 - 2011-01-07 14:17 - 00000000 ____D C:\Users\André\AppData\Roaming\YoudaGames
2013-12-28 22:08 - 2010-07-17 19:47 - 00658964 _____ C:\Windows\system32\perfh007.dat
2013-12-28 22:08 - 2010-07-17 19:47 - 00131802 _____ C:\Windows\system32\perfc007.dat
2013-12-28 22:08 - 2009-07-14 06:13 - 01510900 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 19:52 - 2013-12-28 19:52 - 00000000 ____D C:\ProgramData\Synaptics
2013-12-21 16:08 - 2013-10-12 05:25 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-21 07:34 - 2013-12-21 07:33 - 00000000 ____D C:\Users\André\AppData\Local\Farmington Tales 2 - Winter Crop
2013-12-18 21:09 - 2014-01-15 17:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-18 21:04 - 2014-01-15 17:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-18 21:04 - 2014-01-15 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-18 21:03 - 2014-01-15 17:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

Some content of TEMP:
====================
C:\Users\André\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\André\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-11 04:28

==================== End Of Log ============================
--- --- ---


Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2014 01
Ran by André at 2014-01-16 16:50:04
Running from C:\Users\André\Desktop\Trojaner Board
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x32 Version:  - )
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.39 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.7.609 - Adobe Systems, Inc)
Advanced Audio FX Engine (x32 Version: 1.12.05 - Creative Technology Ltd)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
ATI Catalyst Install Manager (Version: 3.0.790.0 - ATI Technologies, Inc.)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BRAdmin Professional 3 (x32 Version: 3.42.0007 - Brother)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.100.82.148 - Broadcom Corporation)
Broadcom Wireless Utility (Version: 5.100.82.148 - Broadcom Corporation)
Call of Juarez (x32 Version: 1.1.1.0 - Ubisoft) Hidden
CCleaner (Version: 4.09 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DFX for Windows Media Player (x32 Version: 9.304.0.0 - Power Technology)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX-Setup (x32 Version: 2.6.1.84 - DivX, LLC)
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Full Tilt Poker.Eu (x32 Version: 4.63.10.WIN.FullTilt.EU - )
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (x32 Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Games (x32 Version: 1.0.1.3 - WildTangent)
HP Power Manager (x32 Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (x32 Version: 2.6.3 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.1.13.1 - Hewlett-Packard Company)
HP Wireless Assistant (Version: 4.0.9.0 - Hewlett-Packard)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2131 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.6.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.6.1000 - Intel Corporation) Hidden
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 27 (x32 Version: 6.0.270 - Oracle)
Java(TM) 6 Update 29 (64-bit) (Version: 6.0.290 - Oracle)
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LightScribe System Software (x32 Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 27.0 (x86 en-US) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Nero Multimedia Suite (x32 Version:  - )
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Netzmanager (x32 Version: 1.071 - Deutsche Telekom AG)
nplightshot-3.4.0.55 (x32 Version:  - Skillbrains)
NVIDIA PhysX v8.10.29 (x32 Version: 8.10.29 - NVIDIA Corporation)
OpenAL (x32 Version:  - )
OpenOffice.org 3.3 (x32 Version: 3.3.9567 - OpenOffice.org)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PokerStars.eu (x32 Version:  - PokerStars.eu)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pure Pinball (x32 Version:  - )
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
RtVOsd (Version: 1.0.3 - Realtek Semiconductor Corp.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SlimDrivers (x32 Version: 2.2.32705 - SlimWare Utilities, Inc.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SST - Screen Size Tool (HKCU Version:  - Opera widgets)
Synaptics Pointing Device Driver (Version: 17.0.18.8 - Synaptics Incorporated)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player 2.1.1 (x32 Version: 2.1.1 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (x32 Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-bit) (x32 Version: 5.00.0 - win.rar GmbH)
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate 6 (x32 Version: 6.0.7.0707 - Xilisoft)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

09-01-2014 16:56:23 SlimDrivers Installing Drivers
09-01-2014 16:58:10 SlimDrivers Installing Drivers
10-01-2014 13:16:01 Windows Update
10-01-2014 23:52:37 Dark Arcana - Der Jahrmarkt Sammler wird entfernt
10-01-2014 23:54:08 Removed HP Documentation
10-01-2014 23:55:22 Removed Mobile Mouse Server.
13-01-2014 15:50:57 ComboFix created restore point
15-01-2014 16:24:36 Windows Update
15-01-2014 16:32:35 Installed Java 7 Update 51
15-01-2014 19:42:00 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-13 17:05 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {137C5AD4-CFDF-4332-991D-5C4D81A3F718} - System32\Tasks\HPCeeScheduleForAndré => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {27F574CF-2236-4D2F-8703-E55D66798021} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {376371D7-7FF5-4331-8FA6-816D035B496D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2000-01-01] (Microsoft Corporation)
Task: {400B7D5C-97BE-4153-AEE0-E3C0FB3E0B3D} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {4358C55D-CB38-4D17-AE26-A299BAD8F8FB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4A6DEC3C-E7CD-40CD-8D4D-865C27DBFDE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01] (Google Inc.)
Task: {51A533F3-F0C2-4BFD-A4BF-49A922C9CC47} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-12-29] (AVAST Software)
Task: {58C91E4A-82EA-472C-8A21-3AAEDBFCEB4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-01] (Google Inc.)
Task: {65E80994-1F25-4DB2-8E84-A542F84266A2} - System32\Tasks\update-S-1-5-21-1987948605-2304011684-557955469-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] ()
Task: {6C5FF5E4-77DE-43D2-AB73-D50B63A28AA5} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {734BDAD1-38E1-4AFE-90A2-BC97BC24028C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2000-01-01] (Microsoft Corporation)
Task: {7784A14C-543A-4CB1-9169-C445387F694D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-13] (Adobe Systems Incorporated)
Task: {8306DCD1-62B1-4B00-9598-E75464B05FC6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe
Task: {8F9FC2E8-6C79-47E4-81F9-4C76FE02A729} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {921C1862-DA8A-4457-8EB8-ABB3D5641D38} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: {AA517CBC-8B53-4B4A-AB24-B33940D1E4A6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe
Task: {BDACD58A-461F-48F7-B9C7-D5B8E95EB2BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {C7A097BC-BC1C-41E2-B1C0-B0CCF4EDF866} - System32\Tasks\HPCeeScheduleForFANTOMAS$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {CC00B73A-3AE6-4C2F-B0E1-7781EFC7CC83} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {CEFC71B5-E5BA-47FC-AD47-53765BCB22E6} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {CF5D9094-F72A-456F-9710-DFF59434A989} - System32\Tasks\FANTOMAS\André - Start WLAN Tray Applet => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE [2013-12-15] (Broadcom Corporation)
Task: {F8DF0752-8E1E-45E9-96C4-EDB98A9C9A70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAndré.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForFANTOMAS$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1987948605-2304011684-557955469-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2010-06-18 15:26 - 2010-06-18 15:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2014-01-16 16:43 - 2014-01-16 12:10 - 02155008 _____ () C:\Program Files\AVAST Software\Avast\defs\14011600\algo.dll
2010-05-19 09:05 - 2010-05-19 09:05 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-05-19 09:05 - 2010-05-19 09:05 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-05-19 09:05 - 2010-05-19 09:05 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-10-21 08:02 - 2013-10-21 08:02 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-05 12:32 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 12:32 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 12:32 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 12:32 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 12:32 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: HP Webcam-101
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/15/2014 07:30:22 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2014 07:25:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2014 05:35:17 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2014 05:35:14 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2014 05:35:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2014 05:27:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2014 05:26:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/15/2014 05:23:00 PM) (Source: MsiInstaller) (User: FANTOMAS)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011006}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/14/2014 11:36:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Netzmanager_Service.exe, Version: 1.71.0.301, Zeitstempel: 0x50094873
Name des fehlerhaften Moduls: SoftplugLib.DLL_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4cbd495f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007feef108ce0
ID des fehlerhaften Prozesses: 0x99c
Startzeit der fehlerhaften Anwendung: 0xNetzmanager_Service.exe0
Pfad der fehlerhaften Anwendung: Netzmanager_Service.exe1
Pfad des fehlerhaften Moduls: Netzmanager_Service.exe2
Berichtskennung: Netzmanager_Service.exe3


System errors:
=============
Error: (01/14/2014 11:36:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzmanager Infrastruktur Informationssystem Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (01/15/2014 07:30:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\André\Desktop\Trojaner Board\esetsmartinstaller_enu.exe

Error: (01/15/2014 07:25:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (01/15/2014 05:35:17 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\André\Desktop\esetsmartinstaller_enu.exe

Error: (01/15/2014 05:35:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\André\Desktop\esetsmartinstaller_enu.exe

Error: (01/15/2014 05:35:13 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\André\Desktop\esetsmartinstaller_enu.exe

Error: (01/15/2014 05:27:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\André\Desktop\esetsmartinstaller_enu.exe

Error: (01/15/2014 05:26:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\André\Downloads\esetsmartinstaller_enu.exe

Error: (01/15/2014 05:23:00 PM) (Source: MsiInstaller)(User: FANTOMAS)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011006}1625(NULL)(NULL)(NULL)

Error: (01/14/2014 11:36:18 PM) (Source: Application Error)(User: )
Description: Netzmanager_Service.exe1.71.0.30150094873SoftplugLib.DLL_unloaded0.0.0.04cbd495fc0000005000007feef108ce099c01cf115152f78ed9C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exeSoftplugLib.DLL487a59e0-7d6c-11e3-9c03-a5acaef15262


CodeIntegrity Errors:
===================================
  Date: 2014-01-13 17:04:29.064
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-13 17:04:28.783
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 64%
Total physical RAM: 3893.86 MB
Available physical RAM: 1390.62 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 4804.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:282.08 GB) (Free:108.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:15.72 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 91CA769B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=282 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

schrauber 17.01.2014 12:46
How to perform a clean boot in Windows

Teste nochmal. Besser?

fantomas77 17.01.2014 16:42
leider immer noch das gleiche Problem

schrauber 18.01.2014 07:53
Hardware. Sonst fällt mir leider nix mehr ein.

fantomas77 18.01.2014 10:12
Trotzdem herzlichen dank für deine hilfe


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:53 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19