Log analysis and evaluation: Vista: iexplorer.exe starts on its own and puts load on the PC

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
19.08.2014, 15:40 | #1 |
Vista: iexplorer.exe starts on its own and puts load on the PC

Hello virus hunters,

two days ago the Windows dialog that asks me to confirm that a program may be run kept opening. This prompt kept appearing; the name of the program was UpdateFlashPlayer_[xxx].exe, where [xxx] was a different combination of letters and digits each time the prompt popped up. After I eventually misclicked once and clicked "allow", my computer restarted, and since then it has shown the following behaviour:

Directly after startup, an error message with the title "RegSvr32" appears: Das Modul "" kann nicht geladen werden. (I also have a screenshot of it, in case that helps ^^)

As soon as there is an Internet connection, an iexplorer.exe starts automatically, and its memory usage keeps increasing. Over time, new processes with the same name start as well. I have taken to ending the processes immediately, but supplying a screenshot of this would be no problem. As soon as there is no Internet connection any more, no new processes start either.

Why I am only coming to you now: the day before yesterday I ran Avira (log see below), and yesterday I ran HouseCall from Trend Micro. There is no log from the latter, however, because after about 14 h of scanning the program froze along with my PC.

But now to the logs.

defogger_disable:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:55 on 19/08/2014 (Basti)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-08-2014 01
Ran by Basti (administrator) on SEBASTIAN on 19-08-2014 16:03:16
Running from C:\Users\Basti\Desktop
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Akamai Technologies, Inc.) C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Akamai Technologies, Inc.) C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(VMware, Inc.) E:\Progs\VMware\vmware-authd.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Flexera Software LLC) E:\Steffi\License10.2\bin\lmgrd.exe
(Flexera Software LLC) E:\Steffi\License10.2\bin\lmgrd.exe
(ESRI) E:\Steffi\License10.2\bin\ARCGIS.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6497592 2012-01-04] (Yahoo! Inc.) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-02-15] (AMD) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [AdubNotz] => regsvr32.exe " HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\MountPoints2: {d2d18f97-3296-11df-bf4d-001a4d4d0150} - W:\autorun.exe -auto HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess? HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION! ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE99003D041BFCA01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} hxxp://dl.pplive.com/PluginSetup.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) 
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) 
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default FF DefaultSearchEngine: Ask.com FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Ask.com FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.) FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Basti\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF user.js: detected! => C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Basti\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ExHentai Easy - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2012-08-12] FF Extension: Greasemonkey - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-02-13] FF Extension: Firebug - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\firebug@software.joehewitt.com.xpi [2012-02-15] FF Extension: ProxTube - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\ich@maltegoetz.de.xpi [2014-08-16] FF Extension: Status-4-Evar - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\status4evar@caligonstudios.com.xpi [2012-02-15] FF Extension: YouTube quality manager - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\youtubequality@rzll.xpi [2012-03-10] FF Extension: NoScript - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-02-15] FF Extension: Skype Click to Call - C:\Program Files\Mozilla 
Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-08-16] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-03-07] Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll No File CHR Plugin: (Shockwave Flash) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Octoshape Streaming Services) - C:\Users\Basti\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS) CHR Plugin: (Octoshape Streaming Services) - C:\Users\Basti\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No File CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) 
CHR Plugin: (Unity Player) - C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Google Update) - C:\Users\Basti\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-09] CHR Extension: (Google-Suche) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-09] CHR Extension: (Google Mail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-09] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 ArcGIS License Manager; E:\Steffi\License10.2\bin\lmgrd.exe [1452408 2013-11-13] (Flexera Software LLC) R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. 
KG) R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2014-07-24] (Flexera Software LLC) R2 mi-raysat_3dsmax2013_32; D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe [86016 2011-09-15] () [File not signed] S3 MySQL; E:\Uni\Datenbanken\my.ini [8934 2011-12-12] () [File not signed] R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] () R2 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [192832 2011-09-19] (NVIDIA) R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) R2 VMAuthdService; E:\Progs\VMware\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed] R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357016 2012-08-15] (VMware, Inc.) R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719512 2012-08-01] (VMware, Inc.) R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [435864 2012-08-15] (VMware, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [75776 2013-01-14] (Advanced Micro Devices) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-02-20] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-03-08] (DT Soft Ltd) R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-08-01] (VMware, Inc.) 
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.) R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [23432 2009-07-01] (Logitech Inc.) R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-02-20] () S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [570880 2007-12-14] (Ralink Technology Corp.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-18] (Duplex Secure Ltd.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-24] (Avira GmbH) S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed] R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25624 2012-08-15] (VMware, Inc.) R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2012-08-15] (VMware, Inc.) R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2012-08-15] (VMware, Inc.) R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25752 2012-08-15] (VMware, Inc.) R2 VMparport; C:\Windows\system32\Drivers\VMparport.sys [23832 2012-08-15] (VMware, Inc.) S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-08-01] (VMware, Inc.) R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [61848 2012-08-15] (VMware, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [61296 2012-07-06] (VMware, Inc.) S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-19] (Microsoft Corporation) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] U3 kglyapow; \??\C:\Users\Basti\AppData\Local\Temp\kglyapow.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. 
Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-19 15:56 - 2014-08-19 15:56 - 00013987 _____ () C:\Users\Basti\Desktop\Gmer.log 2014-08-19 15:06 - 2014-08-19 16:03 - 00024518 _____ () C:\Users\Basti\Desktop\FRST.txt 2014-08-19 15:05 - 2014-08-19 14:55 - 00000632 _____ () C:\Users\Basti\Desktop\defogger_disable.log 2014-08-19 15:05 - 2014-08-19 14:53 - 01093632 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe 2014-08-19 15:05 - 2014-08-19 14:53 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe 2014-08-19 15:05 - 2014-08-19 14:52 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe 2014-08-19 15:01 - 2014-08-19 16:03 - 00000000 ____D () C:\FRST 2014-08-19 14:55 - 2014-08-19 14:55 - 00000020 _____ () C:\Users\Basti\defogger_reenable 2014-08-18 15:26 - 2014-08-18 15:26 - 00000036 _____ () C:\Users\Basti\AppData\Local\housecall.guid.cache 2014-08-18 15:26 - 2011-06-21 06:09 - 00200976 _____ (Trend Micro Inc.) 
C:\Windows\system32\Drivers\tmcomm.sys 2014-08-18 15:19 - 2014-08-18 15:19 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\QuickScan 2014-08-17 14:13 - 2014-08-17 14:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Real 2014-08-17 14:01 - 2014-08-17 14:02 - 00000000 ____D () C:\ProgramData\AdubNotz 2014-08-17 14:01 - 2014-08-17 14:01 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage 2014-08-17 09:21 - 2014-08-17 09:21 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-08-16 22:02 - 2014-08-16 22:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-08-14 06:24 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 06:24 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 06:24 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 06:24 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 06:09 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-14 06:09 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-14 06:09 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-14 06:09 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-14 06:09 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-14 06:09 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-14 06:09 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-14 06:09 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-14 06:09 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) 
C:\Windows\system32\vbscript.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 06:09 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 06:09 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 06:09 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 06:09 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 06:08 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 06:08 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 06:08 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 06:08 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 06:08 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 06:08 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 06:08 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 06:08 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 06:08 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 06:08 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 06:08 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-14 06:08 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 06:05 - 2014-07-25 06:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 06:05 - 2014-07-25 04:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-29 12:48 - 2014-07-29 12:52 - 00000000 ____D () C:\Users\Basti\AppData\Local\Autodesk
2014-07-26 16:40 - 2014-07-26 16:40 - 00000000 ____D () C:\Users\Basti\.idlerc
2014-07-26 15:51 - 2014-07-26 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\ArcGISRuntime
2014-07-26 12:26 - 2014-07-26 12:26 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 3dsMax
2014-07-26 12:24 - 2014-07-26 12:24 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 Direct Connect
2014-07-26 12:15 - 2014-07-26 12:18 - 00000000 ____D () C:\Program Files\Autodesk
2014-07-26 12:14 - 2014-07-26 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-07-26 12:06 - 2014-07-29 16:43 - 00000000 ____D () C:\Users\Basti\Documents\3dsMax
2014-07-26 11:48 - 2014-07-26 12:33 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-07-26 11:43 - 2014-07-29 12:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Autodesk
2014-07-26 11:43 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\Autodesk
2014-07-26 11:42 - 2014-07-26 11:42 - 00000000 ____D () C:\Users\Basti\AppData\Local\Akamai
2014-07-26 11:36 - 2014-07-26 11:42 - 00000000 ____D () C:\Autodesk
2014-07-25 17:07 - 2014-07-26 16:30 - 00000000 ____D () C:\Users\Basti\Documents\ArcGIS
2014-07-25 17:07 - 2014-07-26 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\ESRI
2014-07-24 22:05 - 2014-07-24 22:05 - 00000000 ____D () C:\ProgramData\FNP
2014-07-24 21:14 - 2014-07-24 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS
2014-07-24 21:11 - 2014-07-26 15:59 - 00000000 ____D () C:\Program Files\Common Files\AnswerWorks 4.0
2014-07-24 21:09 - 2014-07-24 21:09 - 00000000 ____D () C:\Program Files\Common Files\Data Dynamics
2014-07-24 21:08 - 2014-07-24 21:13 - 00000000 ____D () C:\Program Files\Common Files\ArcGIS
2014-07-24 21:08 - 2014-07-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Tom Sawyer Software

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 16:03 - 2014-08-19 15:06 - 00024518 _____ () C:\Users\Basti\Desktop\FRST.txt
2014-08-19 16:03 - 2014-08-19 15:01 - 00000000 ____D () C:\FRST
2014-08-19 15:56 - 2014-08-19 15:56 - 00013987 _____ () C:\Users\Basti\Desktop\Gmer.log
2014-08-19 15:07 - 2006-11-02 14:51 - 02026855 _____ () C:\Windows\WindowsUpdate.log
2014-08-19 15:03 - 2012-07-29 18:33 - 00466766 _____ () C:\Windows\system32\perfh011.dat
2014-08-19 15:03 - 2012-07-29 18:33 - 00145430 _____ () C:\Windows\system32\perfc011.dat
2014-08-19 15:03 - 2006-11-02 12:33 - 02371800 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-19 14:58 - 2010-03-18 15:22 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Skype
2014-08-19 14:57 - 2012-11-01 20:45 - 00000000 ____D () C:\ProgramData\VMware
2014-08-19 14:57 - 2006-11-02 15:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-19 14:57 - 2006-11-02 14:46 - 00004048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-19 14:57 - 2006-11-02 14:46 - 00004048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-19 14:55 - 2014-08-19 15:05 - 00000632 _____ () C:\Users\Basti\Desktop\defogger_disable.log
2014-08-19 14:55 - 2014-08-19 14:55 - 00000020 _____ () C:\Users\Basti\defogger_reenable
2014-08-19 14:55 - 2010-03-07 19:47 - 00000000 ____D () C:\Users\Basti
2014-08-19 14:55 - 2006-11-02 15:00 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-19 14:53 - 2014-08-19 15:05 - 01093632 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe
2014-08-19 14:53 - 2014-08-19 15:05 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe
2014-08-19 14:52 - 2014-08-19 15:05 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe
2014-08-19 14:38 - 2006-11-02 14:46 - 00328504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-18 15:26 - 2014-08-18 15:26 - 00000036 _____ () C:\Users\Basti\AppData\Local\housecall.guid.cache
2014-08-18 15:19 - 2014-08-18 15:19 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\QuickScan
2014-08-18 15:08 - 2013-07-04 13:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.purple
2014-08-17 19:38 - 2014-03-13 17:49 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-17 19:15 - 2010-03-07 19:47 - 00002032 _____ () C:\Users\Basti\AppData\Local\d3d9caps.dat
2014-08-17 14:13 - 2014-08-17 14:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Real
2014-08-17 14:04 - 2010-04-21 11:52 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\mIRC
2014-08-17 14:02 - 2014-08-17 14:01 - 00000000 ____D () C:\ProgramData\AdubNotz
2014-08-17 14:01 - 2014-08-17 14:01 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 09:21 - 2014-08-17 09:21 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-17 09:21 - 2010-03-18 15:19 - 00000000 ____D () C:\ProgramData\Skype
2014-08-17 09:15 - 2014-04-13 21:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-16 22:03 - 2014-08-16 22:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-16 17:25 - 2010-09-27 10:10 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Dropbox
2014-08-16 17:24 - 2010-09-27 10:10 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-16 17:03 - 2013-07-04 13:16 - 00000000 ____D () C:\Users\Basti\AppData\Local\gtk-2.0
2014-08-14 22:15 - 2014-02-21 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-14 22:15 - 2013-03-24 10:19 - 00000000 ____D () C:\Program Files\Avira
2014-08-14 22:09 - 2013-03-24 10:19 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 18:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-14 15:12 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-08-14 06:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-08-14 06:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-14 06:32 - 2010-03-18 16:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 06:31 - 2013-07-17 14:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 06:26 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-08 13:40 - 2010-03-18 15:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ICQ
2014-08-04 21:20 - 2013-10-21 23:50 - 00000000 ____D () C:\Users\Basti\AppData\Local\Battle.net
2014-07-29 16:43 - 2014-07-26 12:06 - 00000000 ____D () C:\Users\Basti\Documents\3dsMax
2014-07-29 15:01 - 2010-03-13 12:39 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-07-29 12:55 - 2014-07-26 11:43 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Autodesk
2014-07-29 12:52 - 2014-07-29 12:48 - 00000000 ____D () C:\Users\Basti\AppData\Local\Autodesk
2014-07-29 12:50 - 2014-07-26 11:43 - 00000000 ____D () C:\ProgramData\Autodesk
2014-07-29 12:48 - 2012-04-12 00:19 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-07-26 16:40 - 2014-07-26 16:40 - 00000000 ____D () C:\Users\Basti\.idlerc
2014-07-26 16:30 - 2014-07-25 17:07 - 00000000 ____D () C:\Users\Basti\Documents\ArcGIS
2014-07-26 15:59 - 2014-07-24 21:11 - 00000000 ____D () C:\Program Files\Common Files\AnswerWorks 4.0
2014-07-26 15:51 - 2014-07-26 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\ArcGISRuntime
2014-07-26 15:51 - 2014-07-25 17:07 - 00000000 ____D () C:\Users\Basti\AppData\Local\ESRI
2014-07-26 12:33 - 2014-07-26 11:48 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-07-26 12:26 - 2014-07-26 12:26 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 3dsMax
2014-07-26 12:24 - 2014-07-26 12:24 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 Direct Connect
2014-07-26 12:18 - 2014-07-26 12:15 - 00000000 ____D () C:\Program Files\Autodesk
2014-07-26 12:18 - 2014-07-26 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-07-26 12:04 - 2006-11-02 12:23 - 00017363 _____ () C:\Windows\system32\Drivers\etc\services
2014-07-26 11:42 - 2014-07-26 11:42 - 00000000 ____D () C:\Users\Basti\AppData\Local\Akamai
2014-07-26 11:42 - 2014-07-26 11:36 - 00000000 ____D () C:\Autodesk
2014-07-25 06:26 - 2014-08-14 06:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-25 04:53 - 2014-08-14 06:05 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-24 22:05 - 2014-07-24 22:05 - 00000000 ____D () C:\ProgramData\FNP
2014-07-24 22:00 - 2014-07-24 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS
2014-07-24 21:13 - 2014-07-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\ArcGIS
2014-07-24 21:09 - 2014-07-24 21:09 - 00000000 ____D () C:\Program Files\Common Files\Data Dynamics
2014-07-24 21:08 - 2014-07-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Tom Sawyer Software
2014-07-24 20:07 - 2014-08-14 06:09 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-24 19:58 - 2014-08-14 06:09 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-24 19:57 - 2014-08-14 06:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-24 19:52 - 2014-08-14 06:09 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-24 19:51 - 2014-08-14 06:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-24 19:51 - 2014-08-14 06:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-24 19:50 - 2014-08-14 06:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-24 19:50 - 2014-08-14 06:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-24 19:49 - 2014-08-14 06:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-24 19:49 - 2014-08-14 06:09 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-24 19:49 - 2014-08-14 06:09 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-24 19:49 - 2014-08-14 06:08 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-24 19:49 - 2014-08-14 06:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-24 19:48 - 2014-08-14 06:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-24 19:48 - 2014-08-14 06:09 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-24 19:48 - 2014-08-14 06:09 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-24 19:48 - 2014-08-14 06:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-24 19:48 - 2014-08-14 06:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-24 19:48 - 2014-08-14 06:09 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-24 19:48 - 2014-08-14 06:09 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-24 19:47 - 2014-08-14 06:09 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-24 06:02 - 2011-01-17 16:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 00:55 - 2011-01-17 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 01:33 - 2012-05-29 17:20 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Audacity

Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\0a50e25a83046228c11dcaa7eeed09bb.exe
C:\Users\Basti\AppData\Local\Temp\AcDeltree.exe
C:\Users\Basti\AppData\Local\Temp\AskSLib.dll
C:\Users\Basti\AppData\Local\Temp\avgnt.exe
C:\Users\Basti\AppData\Local\Temp\ConfigurationWizard.exe
C:\Users\Basti\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzfdrft.dll
C:\Users\Basti\AppData\Local\Temp\EhQf.dll
C:\Users\Basti\AppData\Local\Temp\IcqUpdater.exe
C:\Users\Basti\AppData\Local\Temp\PIU8.dll
C:\Users\Basti\AppData\Local\Temp\proxy_vole7565623799385755510.dll
C:\Users\Basti\AppData\Local\Temp\setup.exe
C:\Users\Basti\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Basti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Basti\AppData\Local\Temp\st_delete_2216493.exe
C:\Users\Basti\AppData\Local\Temp\utt2B96.tmp.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-19 15:04

==================== End Of Log ============================

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-19 15:56:04
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 Hitachi_HDT725050VLA380 rev.V56OA7EA 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Basti\AppData\Local\Temp\kglyapow.sys

---- System - GMER 2.1 ----

SSDT 90DED656 ZwCreateSection
SSDT 90DED660 ZwRequestWaitReplyPort
SSDT 90DED65B ZwSetContextThread
SSDT 90DED665 ZwSetSecurityObject
SSDT 90DED66A ZwSystemDebugControl
SSDT 90DED5F7 ZwTerminateProcess

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!KeSetEvent + 215 824C2860 4 Bytes [56, D6, DE, 90]
.text ntkrnlpa.exe!KeSetEvent + 539 824C2B84 4 Bytes [60, D6, DE, 90]
.text ntkrnlpa.exe!KeSetEvent + 56D 824C2BB8 4 Bytes [5B, D6, DE, 90]
.text ntkrnlpa.exe!KeSetEvent + 5D1 824C2C1C 4 Bytes [65, D6, DE, 90]
.text ntkrnlpa.exe!KeSetEvent + 619 824C2C64 4 Bytes [6A, D6, DE, 90]
.text ...
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8F20A000, 0x153F4A, 0xE8000020]
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA6343300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA6386300, 0x1BEE, 0xE8000020]

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 VMkbd.sys
Device \Driver\usbuhci \Device\USBPDO-0 hcmon.sys
Device \Driver\usbuhci \Device\USBPDO-1 hcmon.sys
Device \Driver\usbuhci \Device\USBPDO-2 hcmon.sys
Device \Driver\usbehci \Device\USBPDO-3 hcmon.sys
Device \Driver\usbuhci \Device\USBPDO-4 hcmon.sys
Device \Driver\usbuhci \Device\USBPDO-5 hcmon.sys
Device \Driver\usbuhci \Device\USBPDO-6 hcmon.sys
Device \Driver\usbehci \Device\USBPDO-7 hcmon.sys
Device \Driver\usbhub \Device\USBPDO-9 hcmon.sys
Device \Driver\usbhub \Device\USBPDO-10 hcmon.sys
Device \Driver\usbhub \Device\00000068 hcmon.sys
Device \Driver\usbhub \Device\USBPDO-11 hcmon.sys
Device \Driver\usbhub \Device\00000076 hcmon.sys
Device \Driver\usbhub \Device\00000069 hcmon.sys
Device \Driver\usbhub \Device\0000006a hcmon.sys
Device \Driver\usbhub \Device\0000006b hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-0 hcmon.sys
Device \Driver\usbhub \Device\0000006c hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-1 hcmon.sys
Device \Driver\usbhub \Device\0000006d hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-2 hcmon.sys
Device \Driver\usbhub \Device\0000006e hcmon.sys
Device \Driver\usbehci \Device\USBFDO-3 hcmon.sys
Device \Driver\usbhub \Device\0000006f hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-4 hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-5 hcmon.sys
Device \Driver\usbuhci \Device\USBFDO-6 hcmon.sys
Device \Driver\usbehci \Device\USBFDO-7 hcmon.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 D:\Basti\Andere Progs\Tools\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDE 0xDF 0x20 0xCD ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA5 0xD6 0x24 0x9F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0xC4 0x7A 0x35 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 D:\Basti\Andere Progs\Tools\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDE 0xDF 0x20 0xCD ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xA5 0xD6 0x24 0x9F ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x5E 0xC4 0x7A 0x35 ...
Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlId 2782
Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlModified 148
Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlErrors 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlExcludes 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlKBytes 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlRetries 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex@CheckPointNumber 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@CrawlType 3
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@InProgress 1
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@DoneAddingCrawlSeeds 1
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@LogName C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl2781.gthr
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@CheckPoint 0xE2 0x12 0x56 0x00 ...
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@IsCatalogLevel 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@LogStartAddId -1
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@SuccessfulTransactions 1
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@ErrorTransactions 194
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@WarningTransactions 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@ExcludedTransactions 182
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@RetryTransactions 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@KilobytesCrawled 4
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@Modified 2598
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@UnvisitedItems 82
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\2781@ForcedFullCrawl 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\0@CrawlNumberInProgress 2781
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\0@LastCrawlType 5
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\1@CrawlNumberInProgress 2781
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\1@LastCrawlType 5

---- EOF - GMER 2.1 ----

Code:
ATTFilter Avira Free Antivirus Erstellungsdatum der Reportdatei: Sonntag, 17. August 2014 19:39 Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira Antivirus Free Seriennummer : 0000149996-AVHOE-0000001 Plattform : Windows Vista (TM) Ultimate Windowsversion : (Service Pack 2) [6.0.6002] Boot Modus : Abgesicherter Modus Benutzername : Basti Computername : SEBASTIAN Versionsinformationen: BUILD.DAT : 14.0.6.552 92022 Bytes 23.07.2014 13:29:00 AVSCAN.EXE : 14.0.6.548 1046608 Bytes 14.08.2014 20:04:57 AVSCANRC.DLL : 14.0.6.522 62544 Bytes 14.08.2014 20:04:57 LUKE.DLL : 14.0.6.522 57936 Bytes 14.08.2014 20:05:09 AVSCPLR.DLL : 14.0.6.548 92752 Bytes 14.08.2014 20:04:57 AVREG.DLL : 14.0.6.522 262224 Bytes 14.08.2014 20:04:56 avlode.dll : 14.0.6.526 603728 Bytes 14.08.2014 20:04:56 avlode.rdf : 14.0.4.42 65114 Bytes 17.07.2014 16:06:32 XBV00009.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00010.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00011.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00012.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00013.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00014.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00015.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00016.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00027.VDF : 8.11.165.190 2048 Bytes 
07.08.2014 21:29:37 XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:37 XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:38 XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:38 XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:38 XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:38 XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 21:29:38 XBV00108.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00109.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00110.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00111.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00112.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00113.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00114.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00115.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00116.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00117.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00118.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00119.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00120.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00121.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00122.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00123.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00124.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00125.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00126.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00127.VDF : 8.11.165.192 2048 
Bytes 07.08.2014 21:29:40 XBV00128.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00129.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00130.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00131.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00132.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00133.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00134.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00135.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00136.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00137.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00138.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:40 XBV00139.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00140.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00141.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00142.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00143.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00144.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00145.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00146.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00147.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00148.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00149.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00150.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00151.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00152.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00153.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00154.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00155.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00156.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00157.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00158.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00159.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00160.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00161.VDF : 
8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00162.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00163.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00164.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00165.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00166.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00167.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00168.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00169.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00170.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00171.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00172.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00173.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00174.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00175.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:41 XBV00176.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00177.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00178.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00179.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00180.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00181.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00182.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00183.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00184.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00185.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00186.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00187.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00188.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00189.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00190.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00191.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00192.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00193.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00194.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 
XBV00195.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00196.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00197.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00198.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00199.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00200.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00201.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00202.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00203.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00204.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00205.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00206.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00207.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00208.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00209.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00210.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00211.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00212.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00213.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00214.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00215.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00216.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:42 XBV00217.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00218.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00219.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00220.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00221.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00222.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00223.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00224.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00225.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00226.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00227.VDF : 8.11.165.192 2048 Bytes 07.08.2014 21:29:43 XBV00228.VDF : 8.11.165.192 2048 Bytes 07.08.2014 
20992 Bytes 16.08.2014 22:01:56
XBV00107.VDF : 8.11.167.154 33792 Bytes 16.08.2014 22:01:56
LOCAL000.VDF : 8.11.167.154 108706816 Bytes 16.08.2014 22:02:21
Engineversion : 8.3.24.12
AEVDF.DLL : 8.3.1.4 133992 Bytes 14.08.2014 20:04:55
AESCRIPT.DLL : 8.2.0.16 428912 Bytes 14.08.2014 20:04:55
AESCN.DLL : 8.3.2.2 139456 Bytes 21.07.2014 21:35:46
AESBX.DLL : 8.2.20.24 1409224 Bytes 08.05.2014 15:11:34
AERDL.DLL : 8.2.0.138 704888 Bytes 02.12.2013 16:25:30
AEPACK.DLL : 8.4.0.50 792488 Bytes 07.08.2014 21:29:34
AEOFFICE.DLL : 8.3.0.20 216104 Bytes 14.08.2014 20:04:54
AEHEUR.DLL : 8.1.4.1226 7388016 Bytes 14.08.2014 20:04:54
AEHELP.DLL : 8.3.1.0 278728 Bytes 29.05.2014 08:59:11
AEGEN.DLL : 8.1.7.28 450752 Bytes 06.06.2014 12:58:54
AEEXP.DLL : 8.4.2.22 244584 Bytes 01.08.2014 21:02:17
AEEMU.DLL : 8.1.3.4 399264 Bytes 07.08.2014 21:29:32
AEDROID.DLL : 8.4.2.24 442568 Bytes 04.06.2014 21:29:13
AECORE.DLL : 8.3.2.6 243712 Bytes 07.08.2014 21:29:32
AEBB.DLL : 8.1.2.0 60448 Bytes 07.08.2014 21:29:32
AVWINLL.DLL : 14.0.6.522 24144 Bytes 14.08.2014 20:04:52
AVPREF.DLL : 14.0.6.522 50256 Bytes 14.08.2014 20:04:56
AVREP.DLL : 14.0.6.522 219216 Bytes 14.08.2014 20:04:57
AVARKT.DLL : 14.0.5.368 226384 Bytes 01.07.2014 13:12:58
AVEVTLOG.DLL : 14.0.6.522 182352 Bytes 14.08.2014 20:04:56
SQLITE3.DLL : 14.0.6.522 452176 Bytes 14.08.2014 20:05:11
AVSMTP.DLL : 14.0.6.522 76368 Bytes 14.08.2014 20:04:58
NETNT.DLL : 14.0.6.522 13392 Bytes 14.08.2014 20:05:10
RCIMAGE.DLL : 14.0.6.544 4863568 Bytes 14.08.2014 20:04:52
RCTEXT.DLL : 14.0.6.536 74320 Bytes 14.08.2014 20:04:52

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Reparieren
Sekundäre Aktion......................: Löschen
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, E:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Sonntag, 17. August 2014 19:39

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:, E:)'
    [INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Der Treiber konnte nicht initialisiert werden.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskmgr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '170' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '16729' Dateien ).

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Users\Basti\AppData\Local\Temp\nyegISa6.exe.part
    [FUND] Enthält Erkennungsmuster der Anwendung APPL/Downloader.Gen
    [HINWEIS] Eine Sicherungskopie wurde unter dem Namen 579870a3.qua erstellt ( QUARANTÄNE )
    [HINWEIS] Die Datei wurde gelöscht.
C:\Users\Basti\AppData\Local\Temp\OCS\ocs_v71a.exe
    [FUND] Enthält Erkennungsmuster der Anwendung APPL/Downloader.Gen
    [HINWEIS] Eine Sicherungskopie wurde unter dem Namen 4f395be5.qua erstellt ( QUARANTÄNE )
    [HINWEIS] Die Datei wurde gelöscht.
Beginne mit der Suche in 'D:\' <Daten1>
Beginne mit der Suche in 'E:\' <Daten2>

Ende des Suchlaufs: Montag, 18. August 2014 00:49
Benötigte Zeit: 5:10:05 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

93032 Verzeichnisse wurden überprüft
2734698 Dateien wurden geprüft
2 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
2 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
2 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
2734696 Dateien ohne Befall
21728 Archive wurden durchsucht
0 Warnungen
2 Hinweise

Best regards |
19.08.2014, 15:41 | #2 |
/// the machine /// TB-Ausbilder | Vista: iexplorer.exe starts on its own and bogs down the PC Hi,
__________________Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
19.08.2014, 15:47 | #3 |
| Vista: iexplorer.exe starts on its own and bogs down the PC Addition.txt (part 1):
__________________Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-08-2014 01
Ran by Basti at 2014-08-19 16:03:53
Running from C:\Users\Basti\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

‚à‚µ‚à“§–¾lŠÔ‚ɂȂꂽ‚È‚ç (HKLM\...\‚à‚µ‚à“§–¾lŠÔ‚É‚È‚ê‚é‚È‚ç) (Version: - ) µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31395 - BitTorrent Inc.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated) Adobe AIR (Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{BC3053AC-FC4E-2073-FE89-A3C68ABFB134}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) 
AP Tuner 3.08 (HKLM\...\AP Tuner 3.08) (Version: - ) Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcGIS 10.2.1 for Desktop - Sprachpaket Deutsch (HKLM\...\ArcGIS 10.2.1 for Desktop - Sprachpaket Deutsch) (Version: 10.2.3497 - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.1 for Desktop - Sprachpaket Deutsch (Version: 10.2.3497 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.2.1 for Desktop (HKLM\...\ArcGIS 10.2.1 for Desktop) (Version: 10.2.3497 - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.1 for Desktop (Version: 10.2.3497 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS 10.2.1 License Manager (HKLM\...\ArcGIS 10.2.1 License Manager) (Version: 10.2.3497 - Environmental Systems Research Institute, Inc.) ArcGIS 10.2.1 License Manager (Version: 10.2.3497 - Environmental Systems Research Institute, Inc.) Hidden ArgoUML 0.34 (HKLM\...\ArgoUML) (Version: 0.34 - ) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) ASUS Product Register Program (HKLM\...\{9D29D67C-315D-46A1-A3A9-3CAF24871578}) (Version: 1.0.021 - ASUSTek Computer Inc.) Audacity 2.0 (HKLM\...\Audacity_is1) (Version: - Audacity Team) Autodesk 3ds Max 2013 32-bit (HKLM\...\Autodesk 3ds Max 2013 32-bit) (Version: 15.0.0.347 - Autodesk) Autodesk 3ds Max 2013 32-bit (Version: 15.0.0.347 - Autodesk) Hidden Autodesk Backburner 2013.0.0 (HKLM\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.) 
Autodesk DirectConnect 2013 32-bit (HKLM\...\Autodesk DirectConnect 2013 32-bit) (Version: 7.0.28.0 - Autodesk) Autodesk DirectConnect 2013 32-bit (Version: 7.0.28.0 - Autodesk) Hidden Autodesk Essential Skills Movies for 3ds Max 2013 32-bit (HKLM\...\{5061ACBA-7A0A-42FE-93FF-403B2099D200}) (Version: 1.0.0.1 - Autodesk) Autodesk FBX Plug-in 2013.1 - 3ds Max 2013 (HKLM\...\Autodesk FBX Plug-in 2013.1 - 3ds Max 2013) (Version: - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2013 32-bit (HKLM\...\{696BB53C-28E6-1632-974E-D42FFF5B8E04}) (Version: 15.0 - Autodesk) Autodesk Material Library 2013 (HKLM\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk) Autodesk Material Library Base Resolution Image Library 2013 (HKLM\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2013 (HKLM\...\{58760EEC-8B6A-43F4-81AA-696E381DFADD}) (Version: 3.0.13 - Autodesk) Autodesk Revit Interoperability for 3ds Max and 3ds Max Design 2013 32-bit (HKLM\...\{06E18300-BB64-1632-8E6A-2593FC67BB74}) (Version: 1.0.0.1 - Autodesk) Avira (HKLM\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Avira (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira) Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center (Version: 2013.0314.338.4633 - Ihr Firmenname) Hidden Catalyst Control Center Graphics Previews Common (Version: 2013.0314.338.4633 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (Version: 2013.0314.338.4633 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Chinese Standard (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help English (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help French (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help German (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (Version: 2013.0314.0337.4633 - Advanced Micro Devices, Inc.) Hidden ccc-utility (Version: 2013.0314.338.4633 - Advanced Micro Devices, Inc.) 
Hidden CD Wave Editor 1.98 (HKLM\...\CD Wave Editor_is1) (Version: 1.9.8.1 - MiLo Software) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.7.1893 - CDBurnerXP) CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev) Citrix Authentication Manager (Version: 3.0.0.47031 - Citrix Systems, Inc.) Hidden Citrix Receiver (DV) (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden Citrix Receiver (HDX Flash-Umleitung) (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 13.3.0.55 - Citrix Systems, Inc.) Citrix Receiver (USB) (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden Citrix Receiver Inside (Version: 3.3.0.17208 - Citrix Systems, Inc.) Hidden Citrix Receiver Updater (Version: 3.3.0.17207 - Citrix Systems, Inc.) Hidden Citrix Receiver(Aero) (Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden CMake 2.8, a cross-platform, open-source build system (HKLM\...\CMake 2.8.7) (Version: 2.8.7 - Kitware) Combined Community Codec Pack 2013-04-20 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project) Composite 2013 (HKLM\...\{92203FA0-7C43-429F-857C-0AE197D8199C}) (Version: 8.0.0 - Autodesk) Crystal Reports for Visual Studio (Version: 12.51.0.240 - SAP) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd) Dark Souls Prepare to Die Edition (HKLM\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Dark Souls Prepare to Die Edition (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) 
Hidden Dotfuscator Software Services - Community Edition - DEU (HKLM\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions) Dotfuscator Software Services - Community Edition (HKLM\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions) Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.) DSA Satinavs Ketten (HKLM\...\DSA Satinavs Ketten_is1) (Version: - ) Dxtory version 2.0.114 (HKLM\...\Dxtory2.0_is1) (Version: 2.0.114 - Dxtory Software) Dysfunctional Systems - Episode 1 (HKLM\...\Dysfunctional_Systems_Ep1) (Version: - Dischan) EASy68K 5.9.0 (HKLM\...\EASy68K) (Version: 5.9.0 - Professor Kelly) ffdshow [rev 3154] [2009-12-09] (HKLM\...\ffdshow_is1) (Version: 1.0 - ) FLV Player 2.0 (build 25) (HKLM\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser) Free JavaScript Editor 4.7 (HKLM\...\{EA5B4DB8-BF9A-4E23-B7FB-0A387A3A0E8F}) (Version: 4.7.2.7 - Yaldex Software) Free Video to MP3 Converter version 5.0.4.1228 (HKLM\...\Free Video to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.) 
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team) GoldWave v5.58 (HKLM\...\GoldWave v5.58) (Version: - ) GOM Player (HKLM\...\GOM Player) (Version: 2.1.40.5106 - Gretech Corporation) GOMTV Streamer (HKLM\...\GomTVStreamer) (Version: 1.0.0.25 - Gretech Corporation) GSmartControl (HKLM\...\GSmartControl) (Version: 0.8.5 - Alexander Shaduri) Haskell Platform 2013.2.0.0 (HKLM\...\HaskellPlatform-2013.2.0.0) (Version: - Haskell.org) Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment) Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2890573) (HKLM\...\{929F5BFC-60F0-34EC-A50B-2001AAC03D56}.KB2890573) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2529927) (HKLM\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2529927) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2548139) (HKLM\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2548139) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2549864) (HKLM\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2549864) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2635973) (HKLM\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2635973) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2890573) (HKLM\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2890573) (Version: 1 - Microsoft Corporation) HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) HydraVision (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) 
Hidden ICQ 7.2 Build #3525 Banner Remover 1.0 (HKLM\...\{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1) (Version: - murb.com) ICQ7 (HKLM\...\{88EB38EF-4D2C-436D-ABD3-56B232674062}) (Version: 7.0 - ICQ) IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.27 - Irfan Skiljan) Java 7 Update 11 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.110 - Oracle) Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216019FF}) (Version: 6.0.290 - Sun Microsystems, Inc.) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Katawa Shoujo (HKLM\...\Katawa Shoujo) (Version: - ) Kyodai Mahjongg 2006 v1.42 (HKLM\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt) Logitech Gaming Software (Version: 8.20.74 - Logitech Inc.) Hidden Logitech Gaming Software 8.20 (HKLM\...\Logitech Gaming Software) (Version: 8.20.74 - Logitech Inc.) Mass Effect - English 2 German Patch v.1.0 (HKLM\...\{6C37FA93-10B5-4F55-A672-954ECEDA221B}_is1) (Version: - Revan) MATLAB R2011a (HKLM\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.) 
Microsoft .NET Framework 3.5 Language Pack - jpn (Version: 3.5.21022 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 Language Pack - 日本語 (HKLM\...\Microsoft .NET Framework 3.5 Language Pack - jpn) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft AppLocale (HKLM\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS) Microsoft ASP.NET MVC 2 - DEU (HKLM\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU 
(HKLM\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft 
Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Silverlight 3 SDK - Deutsch (HKLM\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft Silverlight 4 SDK - Deutsch (HKLM\...\{803910CC-3A39-45E3-A594-0D5512A60A86}) (Version: 4.0.50826.0 - Microsoft Corporation) Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 (Version: - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Browser (HKLM\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Database 
Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server 2008 Native Client (HKLM\...\{1C2B3CEA-482E-4453-B3E2-C9731337828A}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (HKLM\...\{BB1E119E-CF4B-4183-910E-A8C2B379F2C6}) (Version: 10.50.1752.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM\...\{919E5477-D20B-4F64-AE8B-8199469F7817}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (HKLM\...\{103A5E44-DD5B-46D5-AD1E-9DF2260CA023}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{D074DC76-F6C9-440E-A1D0-1DE958417FDB}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft Sync Framework Runtime v1.0 SP1 (x86) de (HKLM\...\{DB0AF767-7CC7-4E4D-B6BE-A200F20A2FB1}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework SDK v1.0 SP1 de (HKLM\...\{03A4C6A1-26E9-4DDB-81D9-B332E5BB10AD}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft 
Sync Framework Services v1.0 SP1 (x86) de (HKLM\...\{EAF7B35C-DCBE-4032-9ABF-C35C43D07124}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de (HKLM\...\{D6A6CFAD-CD86-482B-90D1-6FCC4E252ACD}) (Version: 2.0.3010.0 - Microsoft Corporation) Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 
(HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Office Developer Tools (x86) (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Professional - DEU (HKLM\...\Microsoft Visual Studio 2010 Professional - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Professional - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50701 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50706 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.50701 - 
Microsoft Corporation) Hidden Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation) Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Macro Tools - DEU Language Pack (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Macro Tools (Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - ) Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Game Studio 4.0 (ARP entry) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden Microsoft XNA Game Studio 4.0 (HKLM\...\XNA Game Studio 4.0) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Game Studio 4.0 (Redists) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden Microsoft XNA Game Studio 4.0 (Shared Components) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden Microsoft XNA Game Studio 4.0 (Visual Studio) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden Microsoft XNA Game Studio 4.0 Documentation (Version: 4.0.20823.0 - Microsoft Corporation) Hidden Microsoft XNA Game Studio Platform Tools (HKLM\...\{0666E46E-A860-4353-BE6D-13AA72FABB57}) (Version: 1.3.0.0 - Microsoft Corporation) mIRC (HKLM\...\mIRC) (Version: 7.14 - mIRC Co. Ltd.) 
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MySQL Server 5.5 (HKLM\...\{DF3A1F25-DD98-4DCA-986D-BB7DC372A856}) (Version: 5.5.19 - Oracle Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden NVIDIA Performance (HKLM\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation) NVIDIA Performance (Version: 6.5 - NVIDIA Corporation) Hidden NVIDIA System Monitor (HKLM\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation) NVIDIA System Monitor (Version: 6.5 - NVIDIA Corporation) Hidden Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version: - ) Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version: - ) Online Plug-in (Version: 13.3.0.55 - Citrix Systems, Inc.) 
Hidden Pale Moon 24.4.2 (x86 en-US) (HKLM\...\Pale Moon 24.4.2 (x86 en-US)) (Version: 24.4.2 - Mozilla) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.207.0 - Tracker Software Products Ltd) Pidgin (HKLM\...\Pidgin) (Version: 2.10.7 - ) pidgin-otr 4.0.0-1 (HKLM\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA) PitchPerfect Musical Instrument Tuner (HKLM\...\PitchPerfect) (Version: 2.09 - NCH Software) PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.) Racket v6.0.1 (i386) (HKLM\...\Racket-i386-6.0.1) (Version: 6.0.1 - PLT Design Inc.) RapidMiner 5 (HKCU\...\RapidMiner 5) (Version: 5.1 - ) RGSS-RTP Standard (HKLM\...\RGSS-RTP Standard_is1) (Version: 1.03 - Enterbrain) Rosetta Stone Version 3 (HKLM\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.) RPG MAKER VX Ace RTP (HKLM\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain) RPG Maker VX RTP (HKLM\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain) RPG Maker XP (HKLM\...\RPG Maker XP_is1) (Version: 1.04 - Enterbrain) Self-Service Plug-in (Version: 3.3.0.27839 - Citrix Systems, Inc.) Hidden Service Pack 1 für SQL Server 2008 (KB 968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Sicherheitsupdate für Microsoft Visual Studio 2010 Professional - DEU (KB2645410) (HKLM\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2645410) (Version: 1 - Microsoft Corporation) Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.) Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) 
Sothink SWF Decompiler (HKLM\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.1 - SourceTec Software Co., LTD) Spotify (HKCU\...\Spotify) (Version: 0.8.2.610.g090a06f8 - Spotify AB) Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden SSH Secure Shell (HKLM\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version: - ) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) SWF Opener (HKLM\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions) SWFPlayer 2.6.2.0 (HKLM\...\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive) SWI-Prolog (remove only) (HKLM\...\SWI-Prolog) (Version: - ) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM\...\{92482FB3-C05B-41C6-89E7-75D985602A6E}) (Version: 4.1.72.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM\...\{F7FC9307-374E-4017-8E9D-DE1154780480}) (Version: 4.1.66.0 - Husdawg, LLC) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.9.2 - TeamSpeak Systems GmbH) Tintin Au Tibet (HKLM\...\Tintin Au Tibet_is1) (Version: - GameFabrique) Unity (HKLM\...\Unity) (Version: - Unity Technologies ApS) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{9AA2D735-3375-42D4-9A61-3FFEF82599D6}) (Version: 10.1.2731.0 - Microsoft Corporation) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for 
Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft) Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.7.8 - Shark007) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) VMware Player (HKLM\...\VMware_Player) (Version: 5.0.0 - VMware, Inc) VMwarePlayer_x86 (Version: 5.0.0 - VMware, Inc.) 
Hidden WCF RIA Services V1.0 SP1 (HKLM\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation) Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation) Wichtiges Update für Microsoft Visual Studio 2010 Professional - DEU (KB2938807) (HKLM\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2938807) (Version: 1 - Microsoft Corporation) Windows Media Encoder 9-Reihe (HKLM\...\Windows Media Encoder 9) (Version: - ) Windows Media Encoder 9-Reihe (Version: 9.00.3374 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) WinSCP 4.3.2 (HKLM\...\winscp3_is1) (Version: 4.3.2 - Martin Prikryl) XSplit (HKLM\...\{15C49338-59E5-472E-94F7-D5AE15EE23C9}) (Version: 1.0.1206.0203 - SplitMediaLabs) Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) |
19.08.2014, 15:48 | #4 |
| Vista: iexplorer.exe starts on its own and puts load on the PC Addition.txt (part 2): Code:
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-apoctoshape.dll (Octoshape ApS)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\ACTXPRXY.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID:
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () CustomCLSID: 
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2381145205-3011512156-3281773795-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

17-08-2014 11:01:45 Geplanter Prüfpunkt
19-08-2014 07:12:11 Geplanter Prüfpunkt
19-08-2014 14:02:17 対魔聖甲アリスDL版 を削除しました

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2014-08-19 15:58 - 00000759 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {075F7B0C-8858-426A-81EA-5161F4D13E82} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {2EF1A2C3-210D-4AFD-BEB7-E51E7FD69C0C} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3A950610-5351-4CF3-89BD-526A7E64AA8B} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2010-03-07] ()
Task: {4E025D71-5DFF-4412-9EB6-D8642ED8B0EF} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {53AFA856-77F5-4045-A42D-FE0534387EBB} - System32\Tasks\{1A4FBB69-1F33-488D-AE1E-F30F49EB5884} => C:\Program Files\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {5A6D9831-D95C-4713-B4E9-F03D1644498F} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {6BA74276-B0AD-48CF-B6F6-2C02F13F881D} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {D7159F95-121B-4CE4-AB4E-7D3C1A2F4FC3} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Loaded Modules (whitelisted) =============

2013-08-15 19:49 - 2012-08-21 16:06 - 00151552 _____ () C:\Windows\System32\HP1100LM.DLL
2013-08-15 19:49 - 2012-08-21 16:06 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2013-02-15 09:35 - 2013-12-06 22:18 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2010-03-18 16:24 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-08-14 22:09 - 2014-07-24 11:50 - 00049744 _____ () C:\Users\Basti\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-24 11:50 - 2014-07-24 11:50 - 00137296 _____ () C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
2011-09-15 06:19 - 2011-09-15 06:19 - 00086016 _____ () D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe
2010-03-13 17:10 - 2009-11-12 14:48 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe
2014-07-24 11:49 - 2014-07-24 11:49 - 00065104 _____ () C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2012-08-15 16:18 - 2012-08-15 16:18 - 01229464 _____ () E:\Progs\VMware\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/19/2014 03:41:03 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (08/19/2014 07:21:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung housecall.bin, Version 1.50.0.1154, Zeitstempel 0x4e1d0ae1, fehlerhaftes Modul mshtml.dll, Version 9.0.8112.16563, Zeitstempel 0x53d14b1d, Ausnahmecode 0xc0000005, Fehleroffset 0x00432349, Prozess-ID 0x11bc, Anwendungsstartzeit housecall.bin0.
Error: (08/18/2014 11:11:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlerhafte Anwendung NVMonitor.exe, Version 6.5.27.5, Zeitstempel 0x4cae4414, fehlerhaftes Modul NVMonitor.exe, Version 6.5.27.5, Zeitstempel 0x4cae4414, Ausnahmecode 0xc0000005, Fehleroffset 0x00030882, Prozess-ID 0x14dc, Anwendungsstartzeit NVMonitor.exe0. Error: (08/18/2014 04:21:10 PM) (Source: VSS) (EventID: 12298) (User: ) Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "C:\" nicht gespeichert werden. Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000], Leerung[0x00000000], Freigabe[0x80042314], Ausführung[0x00000000]. Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (08/18/2014 04:21:10 PM) (Source: VSS) (EventID: 12310) (User: ) Description: Volumeschattenkopie-Dienstfehler: Die Schattenkopie kann nicht zugesichert werden - Vorgang hat das Zeitlimit überschritten. Fehlerkontext: DeviceIoControl(\\?\Volume{6c20520d-2a10-11df-9755-806e6f6e6963} - 00000158,0x0053c010,00A20858,0,00A1F850,4096,[0]). Vorgang: Schattenkopien werden übertragen Kontext: Ausführungskontext: System Provider Error: (08/18/2014 04:17:39 PM) (Source: VSS) (EventID: 12298) (User: ) Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "C:\" nicht gespeichert werden. Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000], Leerung[0x00000000], Freigabe[0x80042314], Ausführung[0x00000000]. Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (08/18/2014 04:17:39 PM) (Source: VSS) (EventID: 12310) (User: ) Description: Volumeschattenkopie-Dienstfehler: Die Schattenkopie kann nicht zugesichert werden - Vorgang hat das Zeitlimit überschritten. 
Fehlerkontext: DeviceIoControl(\\?\Volume{6c20520d-2a10-11df-9755-806e6f6e6963} - 00000158,0x0053c010,00A20858,0,00A1F850,4096,[0]). Vorgang: Schattenkopien werden übertragen Kontext: Ausführungskontext: System Provider Error: (08/18/2014 04:16:07 PM) (Source: VSS) (EventID: 12298) (User: ) Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "C:\" nicht gespeichert werden. Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000], Leerung[0x00000000], Freigabe[0x80042314], Ausführung[0x00000000]. Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (08/18/2014 04:16:06 PM) (Source: VSS) (EventID: 12310) (User: ) Description: Volumeschattenkopie-Dienstfehler: Die Schattenkopie kann nicht zugesichert werden - Vorgang hat das Zeitlimit überschritten. Fehlerkontext: DeviceIoControl(\\?\Volume{6c20520d-2a10-11df-9755-806e6f6e6963} - 00000168,0x0053c010,00A20858,0,00A1F850,4096,[0]). Vorgang: Schattenkopien werden übertragen Kontext: Ausführungskontext: System Provider Error: (08/18/2014 04:15:33 PM) (Source: VSS) (EventID: 12298) (User: ) Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "C:\" nicht gespeichert werden. Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000], Leerung[0x00000000], Freigabe[0x80042314], Ausführung[0x00000000]. 
Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet System errors: ============= Error: (08/19/2014 02:58:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: i8042prt Error: (08/19/2014 02:58:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (08/19/2014 02:56:39 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden. Error: (08/19/2014 02:56:39 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden. Error: (08/19/2014 02:56:39 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden. Error: (08/19/2014 02:56:39 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden. Error: (08/19/2014 02:56:39 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden. Error: (08/19/2014 02:56:39 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden. Error: (08/19/2014 02:56:39 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden. Error: (08/19/2014 02:56:39 PM) (Source: disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk0\DR0 gefunden. 
Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-08-19 02:39:44.283 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-08-19 02:39:43.965 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-08-19 02:39:43.644 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-08-19 02:39:43.328 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-08-19 02:39:42.137 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-08-19 02:39:41.820 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-08-19 02:39:41.502 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-08-19 02:39:41.183 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-08-19 02:39:40.025 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-08-19 02:39:39.706 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz Percentage of memory in use: 37% Total physical RAM: 3325.58 MB Available physical RAM: 2087.58 MB Total Pagefile: 6888.17 MB Available Pagefile: 5409.31 MB Total Virtual: 2047.88 MB Available Virtual: 1903.58 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:84.9 GB) (Free:8.22 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Daten1) (Fixed) (Total:195.31 GB) (Free:13.37 GB) NTFS Drive e: (Daten2) (Fixed) (Total:185.54 GB) (Free:27.68 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 17FD49D3) Partition 1: (Active) - (Size=84.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=185.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
20.08.2014, 09:21 | #5 |
/// the machine /// TB Instructor | Vista: iexplorer.exe starts on its own and bogs down the PC hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
20.08.2014, 23:08 | #6 |
| Vista: iexplorer.exe starts on its own and bogs down the PC After the restart that Combofix triggered, Avira came back up automatically and reported the following problem: Objekt: C:\ProgammData\Windows Genuine Advantage\{F03B9E85-4357-4011-8620-638091B5CE5A}\framebuff30.dll Befund: TR/Crypt.ZPACK.72675 Combofix.txt: Code:
ATTFilter ComboFix 14-08-19.01 - Basti 20.08.2014 23:33:26.1.4 - x86 Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.49.1031.18.3326.1994 [GMT 2:00] ausgeführt von:: c:\users\Basti\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Basti\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll c:\users\Basti\AppData\Local\TempDIR c:\users\Basti\AppData\Roaming\BDL+D c:\users\Basti\AppData\Roaming\BDL+D\MANGAGAMER.COM\39FD8254-8737-4AFF-9C31-D593D385AFD3\____.hld c:\users\Basti\AppData\Roaming\BDL+D\MANGAGAMER.COM\39FD8254-8737-4AFF-9C31-D593D385AFD3\____.sys c:\users\Basti\AppData\Roaming\BDL+D\MANGAGAMER.COM\5BC75871-007C-4ACB-B1E2-E3A60BC54823\____.hld c:\users\Basti\AppData\Roaming\BDL+D\MANGAGAMER.COM\5BC75871-007C-4ACB-B1E2-E3A60BC54823\____.sys c:\users\Basti\AppData\Roaming\BDL+D\MANGAGAMER.COM\activation_log.dat c:\users\Basti\AppData\Roaming\BDL+D\MANGAGAMER.COM\activation_log.dat.1 c:\windows\apppatch\AppLoc.exe . . ((((((((((((((((((((((( Dateien erstellt von 2014-07-20 bis 2014-08-20 )))))))))))))))))))))))))))))) . . 2014-08-20 21:43 . 2014-08-20 21:48 -------- d-----w- c:\users\Basti\AppData\Local\temp 2014-08-20 21:43 . 2014-08-20 21:43 -------- d-----w- c:\users\hedev\AppData\Local\temp 2014-08-20 21:43 . 2014-08-20 21:43 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-08-20 21:43 . 2014-08-20 21:43 -------- d-----w- c:\users\Gast\AppData\Local\temp 2014-08-19 13:01 . 2014-08-19 14:04 -------- d-----w- C:\FRST 2014-08-18 15:15 . 2014-08-18 15:15 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BA8E1436-877A-4E22-A62F-8E22291DFF62}\offreg.dll 2014-08-18 13:26 . 
2011-06-21 04:09 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2014-08-18 13:19 . 2014-08-18 13:19 -------- d-----w- c:\users\Basti\AppData\Roaming\QuickScan 2014-08-17 12:01 . 2014-08-17 12:02 -------- d-----w- c:\programdata\AdubNotz 2014-08-17 07:21 . 2014-08-17 07:21 -------- d-----w- c:\program files\Common Files\Skype 2014-08-15 11:48 . 2014-07-02 03:11 8217224 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BA8E1436-877A-4E22-A62F-8E22291DFF62}\mpengine.dll 2014-08-14 04:24 . 2014-06-26 22:17 99480 ----a-w- c:\windows\system32\infocardapi.dll 2014-08-14 04:24 . 2014-06-26 22:17 8856 ----a-w- c:\windows\system32\icardres.dll 2014-08-14 04:24 . 2014-06-26 22:17 619664 ----a-w- c:\windows\system32\icardagt.exe 2014-08-14 04:24 . 2014-06-06 04:28 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2014-08-14 04:08 . 2014-07-24 18:11 757976 ----a-w- c:\program files\Internet Explorer\iexplore.exe 2014-08-14 04:05 . 2014-07-25 04:26 297984 ----a-w- c:\windows\system32\gdi32.dll 2014-08-14 04:05 . 2014-07-25 02:53 2054656 ----a-w- c:\windows\system32\win32k.sys 2014-07-29 10:48 . 2014-07-29 10:52 -------- d-----w- c:\users\Basti\AppData\Local\Autodesk 2014-07-26 14:40 . 2014-07-26 14:40 -------- d-----w- c:\users\Basti\.idlerc 2014-07-26 13:51 . 2014-07-26 13:51 -------- d-----w- c:\users\Basti\AppData\Local\ArcGISRuntime 2014-07-26 10:15 . 2014-07-26 10:18 -------- d-----w- c:\program files\Autodesk 2014-07-26 09:48 . 2014-07-26 10:33 -------- d-----w- c:\program files\Common Files\Autodesk Shared 2014-07-26 09:43 . 2014-07-29 10:55 -------- d-----w- c:\users\Basti\AppData\Roaming\Autodesk 2014-07-26 09:43 . 2014-07-29 10:50 -------- d-----w- c:\programdata\Autodesk 2014-07-26 09:42 . 2014-07-26 09:42 -------- d-----w- c:\users\Basti\AppData\Local\Akamai 2014-07-26 09:36 . 2014-07-26 09:42 -------- d-----w- C:\Autodesk 2014-07-25 15:07 . 2014-07-26 13:51 -------- d-----w- c:\users\Basti\AppData\Local\ESRI 2014-07-24 20:05 . 
2014-07-24 20:05 -------- d-----w- c:\programdata\FNP 2014-07-24 19:11 . 2014-07-26 13:59 -------- d-----w- c:\program files\Common Files\AnswerWorks 4.0 2014-07-24 19:09 . 2014-07-24 19:09 -------- d-----w- c:\program files\Common Files\Data Dynamics 2014-07-24 19:08 . 2014-07-24 19:08 -------- d-----w- c:\program files\Common Files\Tom Sawyer Software 2014-07-24 19:08 . 2014-07-24 19:13 -------- d-----w- c:\program files\Common Files\ArcGIS . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-07-01 13:12 . 2013-03-24 08:19 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2014-06-06 08:59 . 2014-07-10 23:47 506880 ----a-w- c:\windows\system32\qedit.dll 2014-05-30 06:53 . 2014-07-10 23:47 273408 ----a-w- c:\windows\system32\drivers\afd.sys 2014-05-27 11:26 . 2013-03-24 08:19 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2012-01-04 6497592] "HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2013-02-15 389120] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-07-24 21650016] "Akamai NetSession Interface"="c:\users\Basti\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-12-07 4375320] "WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-08-14 751184] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-14 642656] "Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-24 190032] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2013-05-08 21:20 41056 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-10-11 20:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter] 2012-07-27 02:05 380088 ----a-w- c:\program files\Citrix\ICA Client\concentr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . . ------- Zusätzlicher Suchlauf ------- . uStart Page = about:blank uInternet Settings,ProxyOverride = <local> IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm LSP: c:\windows\system32\wpclsp.dll LSP: %windir%\system32\vsocklib.dll TCP: DhcpNameServer = 192.168.0.1 DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} - hxxp://dl.pplive.com/PluginSetup.cab FF - ProfilePath - c:\users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - user.js: yahoo.ytff.general.dontshowhpoffer - true . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
HKCU-Run-AdubNotz - (no file) SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-CitrixReceiver - c:\programdata\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk AddRemove-Tintin Au Tibet_is1 - e:\uni\Steffi\Tintin Au Tibet\unins000.exe AddRemove-{6C37FA93-10B5-4F55-A672-954ECEDA221B}_is1 - d:\basti\Spiele\Mass Effect\Mass Effect\unins000.exe AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Basti\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe AddRemove-UnityWebPlayer - c:\users\Basti\AppData\Local\Unity\WebPlayer\Uninstall.exe . . . ************************************************************************** Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MySQL] "ImagePath"="\"e:\uni\Datenbanken\bin\mysqld\" --defaults-file=\"e:\uni\Datenbanken\my.ini\" MySQL" . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'Explorer.exe'(5316) c:\program files\ATI Technologies\HydraVision\HydraDMH.dll c:\program files\WinSCP\DragExt.dll . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\windows\system32\atiesrxx.exe c:\program files\Avira\AntiVir Desktop\sched.exe c:\windows\system32\atieclxx.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\windows\system32\HPSIsvc.exe d:\basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe c:\program files\CDBurnerXP\NMSAccessU.exe c:\program files\NVIDIA Corporation\nTune\nTuneService.exe c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\windows\system32\vmnat.exe c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe e:\progs\VMware\vmware-authd.exe c:\windows\system32\vmnetdhcp.exe c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\system32\conime.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\windows\System32\regsvr32.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe e:\steffi\License10.2\bin\lmgrd.exe e:\steffi\License10.2\bin\lmgrd.exe e:\steffi\License10.2\bin\ARCGIS.exe c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe c:\program files\Logitech Gaming Software\Applets\LCDClock.exe c:\program files\Logitech Gaming Software\Applets\LCDMedia.exe c:\program files\Logitech Gaming Software\Applets\LCDCountdown.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-08-20 23:55:56 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-08-20 21:55 . Vor Suchlauf: 7.907.627.008 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 18.135.134.208 Bytes frei . - - End Of File - - 0F1E28E9CB54CE819F49BA0471799BE7 5C616939100B85E558DA92B899A0FC36 |
21.08.2014, 20:20 | #7 |
/// the machine /// TB Instructor | Vista: iexplorer.exe starts on its own and bogs down the PC Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
and a fresh FRST log please.
21.08.2014, 21:20 | #8 |
| Vista: iexplorer.exe starts on its own and bogs down the PC While MBAM was doing all the work, Avira suddenly realized that its umbrella is supposed to protect against more than just rain, and spoke up shortly before MBAM found the first thing: Code:
ATTFilter Exportierte Ereignisse: 21.08.2014 21:35 [System-Scanner] Malware gefunden Die Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan]. Durchgeführte Aktion(en): Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26003. Die Datei konnte nicht gelöscht werden! Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen. Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4841f23f.qua' verschoben! 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:34 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 21.08.2014 21:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Windows Genuine Advantage\{4BEC3BB2-7989-4E27-A434-A66FA5E34425}\msiexec.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.80467' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 21.08.2014
Suchlauf-Zeit: 21:30:16
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.21.07
Rootkit Datenbank: v2014.08.16.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Basti

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 396028
Verstrichene Zeit: 15 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)

Code:
# AdwCleaner v3.308 - Bericht erstellt am 21/08/2014 um 21:53:18
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Ultimate Service Pack 2 (32 bits)
# Benutzername : Basti - SEBASTIAN
# Gestartet von : D:\Basti\Andere Progs\Antivirenshizzle\adwcleaner_3.308.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Program Files\NCH Software
Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Basti\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Basti\AppData\Roaming\DesktopIconForAmazon
Datei Gelöscht : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\user.js

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16563

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\54urgpmt.muh\prefs.js ]

[ Datei : C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\prefs.js ]

-\\ Google Chrome v

[ Datei : C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3115 octets] - [21/08/2014 21:50:28]
AdwCleaner[S0].txt - [3036 octets] - [21/08/2014 21:53:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3096 octets] ##########

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-08-2014 01
Ran by Basti (administrator) on SEBASTIAN on 21-08-2014 22:04:13
Running from C:\Users\Basti\Desktop
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(VMware, Inc.) E:\Progs\VMware\vmware-authd.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Akamai Technologies, Inc.) C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Flexera Software LLC) E:\Steffi\License10.2\bin\lmgrd.exe
(Flexera Software LLC) E:\Steffi\License10.2\bin\lmgrd.exe
(ESRI) E:\Steffi\License10.2\bin\ARCGIS.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6497592 2012-01-04] (Yahoo! Inc.)
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-02-15] (AMD)
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE99003D041BFCA01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} hxxp://dl.pplive.com/PluginSetup.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) 
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) 
FireFox: ======== FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default FF DefaultSearchEngine: Ask.com FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Ask.com FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.) FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Basti\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Users\Basti\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ExHentai Easy - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2012-08-12] FF Extension: Greasemonkey - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-02-13] FF Extension: Firebug - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\firebug@software.joehewitt.com.xpi [2012-02-15] FF Extension: ProxTube - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\ich@maltegoetz.de.xpi [2014-08-16] FF Extension: Status-4-Evar - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\status4evar@caligonstudios.com.xpi [2012-02-15] FF Extension: YouTube quality manager - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\youtubequality@rzll.xpi [2012-03-10] FF Extension: NoScript - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-02-15] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-08-16] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation 
Foundation\DotNetAssistantExtension [2010-03-07] Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll No File CHR Plugin: (Shockwave Flash) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Octoshape Streaming Services) - C:\Users\Basti\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS) CHR Plugin: (Octoshape Streaming Services) - C:\Users\Basti\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No File CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) 
CHR Plugin: (Unity Player) - C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Google Update) - C:\Users\Basti\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-09] CHR Extension: (Google-Suche) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-09] CHR Extension: (Google Mail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-09] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 ArcGIS License Manager; E:\Steffi\License10.2\bin\lmgrd.exe [1452408 2013-11-13] (Flexera Software LLC) R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. 
KG) R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2014-07-24] (Flexera Software LLC) R2 mi-raysat_3dsmax2013_32; D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe [86016 2011-09-15] () [File not signed] S3 MySQL; E:\Uni\Datenbanken\my.ini [8934 2011-12-12] () [File not signed] R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] () R2 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [192832 2011-09-19] (NVIDIA) R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) R2 VMAuthdService; E:\Progs\VMware\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed] R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357016 2012-08-15] (VMware, Inc.) R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719512 2012-08-01] (VMware, Inc.) R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [435864 2012-08-15] (VMware, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [75776 2013-01-14] (Advanced Micro Devices) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-02-20] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-03-08] (DT Soft Ltd) R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-08-01] (VMware, Inc.) 
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.) R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [23432 2009-07-01] (Logitech Inc.) R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-02-20] () S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [570880 2007-12-14] (Ralink Technology Corp.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-18] (Duplex Secure Ltd.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-24] (Avira GmbH) S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed] R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25624 2012-08-15] (VMware, Inc.) R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2012-08-15] (VMware, Inc.) R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2012-08-15] (VMware, Inc.) R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25752 2012-08-15] (VMware, Inc.) R2 VMparport; C:\Windows\system32\Drivers\VMparport.sys [23832 2012-08-15] (VMware, Inc.) S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-08-01] (VMware, Inc.) R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [61848 2012-08-15] (VMware, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [61296 2012-07-06] (VMware, Inc.) S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-19] (Microsoft Corporation) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-21 22:04 - 2014-08-21 22:04 - 00023029 _____ () C:\Users\Basti\Desktop\FRST.txt 2014-08-21 22:00 - 2014-08-21 22:00 - 00000000 ____D () C:\Windows\ERUNT 2014-08-21 21:59 - 2014-08-21 21:48 - 01016261 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe 2014-08-21 21:58 - 2014-08-21 21:58 - 00003176 _____ () C:\Users\Basti\Desktop\AdwCleaner[S0].txt 2014-08-21 21:50 - 2014-08-21 21:53 - 00000000 ____D () C:\AdwCleaner 2014-08-21 21:46 - 2014-08-21 21:46 - 00001163 _____ () C:\Users\Basti\Desktop\mbam.txt 2014-08-21 21:29 - 2014-08-21 21:29 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-08-21 21:28 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-21 21:28 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-21 21:28 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-20 23:55 - 2014-08-20 23:55 - 00012730 _____ () C:\ComboFix.txt 2014-08-20 23:30 - 2014-08-20 23:56 - 00000000 ____D () C:\Qoobox 2014-08-20 23:30 - 2014-08-20 23:53 - 00000000 ____D () C:\Windows\erdnt 2014-08-20 23:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-20 23:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-20 23:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-20 23:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-08-20 
23:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-20 23:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-20 23:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-20 23:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-20 23:27 - 2014-08-20 23:27 - 05572251 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe 2014-08-19 15:05 - 2014-08-19 14:53 - 01093632 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe 2014-08-19 15:05 - 2014-08-19 14:53 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe 2014-08-19 15:05 - 2014-08-19 14:52 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe 2014-08-19 15:01 - 2014-08-21 22:04 - 00000000 ____D () C:\FRST 2014-08-19 14:55 - 2014-08-19 14:55 - 00000020 _____ () C:\Users\Basti\defogger_reenable 2014-08-18 15:26 - 2014-08-18 15:26 - 00000036 _____ () C:\Users\Basti\AppData\Local\housecall.guid.cache 2014-08-18 15:26 - 2011-06-21 06:09 - 00200976 _____ (Trend Micro Inc.) 
C:\Windows\system32\Drivers\tmcomm.sys 2014-08-18 15:19 - 2014-08-18 15:19 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\QuickScan 2014-08-17 14:13 - 2014-08-17 14:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Real 2014-08-17 14:01 - 2014-08-17 14:02 - 00000000 ____D () C:\ProgramData\AdubNotz 2014-08-17 14:01 - 2014-08-17 14:01 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage 2014-08-17 09:21 - 2014-08-17 09:21 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-08-16 22:02 - 2014-08-16 22:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-08-14 06:24 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 06:24 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 06:24 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 06:24 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 06:09 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-14 06:09 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-14 06:09 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-14 06:09 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-14 06:09 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-14 06:09 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-14 06:09 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-14 06:09 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-14 06:09 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) 
C:\Windows\system32\vbscript.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-14 06:09 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-14 06:09 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-14 06:09 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-14 06:08 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-14 06:08 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-14 06:08 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-14 06:08 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-14 06:08 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-14 06:08 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-14 06:08 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-08-14 06:08 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-14 06:08 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-14 06:08 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-14 
06:08 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-08-14 06:08 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-14 06:05 - 2014-07-25 06:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-14 06:05 - 2014-07-25 04:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-29 12:48 - 2014-07-29 12:52 - 00000000 ____D () C:\Users\Basti\AppData\Local\Autodesk 2014-07-26 16:40 - 2014-07-26 16:40 - 00000000 ____D () C:\Users\Basti\.idlerc 2014-07-26 15:51 - 2014-07-26 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\ArcGISRuntime 2014-07-26 12:26 - 2014-07-26 12:26 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 3dsMax 2014-07-26 12:24 - 2014-07-26 12:24 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 Direct Connect 2014-07-26 12:15 - 2014-07-26 12:18 - 00000000 ____D () C:\Program Files\Autodesk 2014-07-26 12:14 - 2014-07-26 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2014-07-26 12:06 - 2014-07-29 16:43 - 00000000 ____D () C:\Users\Basti\Documents\3dsMax 2014-07-26 11:48 - 2014-07-26 12:33 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2014-07-26 11:43 - 2014-07-29 12:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Autodesk 2014-07-26 11:43 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\Autodesk 2014-07-26 11:42 - 2014-07-26 11:42 - 00000000 ____D () C:\Users\Basti\AppData\Local\Akamai 2014-07-26 11:36 - 2014-07-26 11:42 - 00000000 ____D () C:\Autodesk 2014-07-25 17:07 - 2014-07-26 16:30 - 00000000 ____D () C:\Users\Basti\Documents\ArcGIS 2014-07-25 17:07 - 2014-07-26 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\ESRI 2014-07-24 22:05 - 2014-07-24 22:05 - 00000000 ____D () C:\ProgramData\FNP 2014-07-24 21:14 - 2014-07-24 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\ArcGIS 2014-07-24 21:11 - 2014-07-26 15:59 - 00000000 ____D () C:\Program Files\Common Files\AnswerWorks 4.0 2014-07-24 21:09 - 2014-07-24 21:09 - 00000000 ____D () C:\Program Files\Common Files\Data Dynamics 2014-07-24 21:08 - 2014-07-24 21:13 - 00000000 ____D () C:\Program Files\Common Files\ArcGIS 2014-07-24 21:08 - 2014-07-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Tom Sawyer Software ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-21 22:04 - 2014-08-21 22:04 - 00023029 _____ () C:\Users\Basti\Desktop\FRST.txt 2014-08-21 22:04 - 2014-08-19 15:01 - 00000000 ____D () C:\FRST 2014-08-21 22:01 - 2006-11-02 14:51 - 02093346 _____ () C:\Windows\WindowsUpdate.log 2014-08-21 22:00 - 2014-08-21 22:00 - 00000000 ____D () C:\Windows\ERUNT 2014-08-21 21:59 - 2010-03-18 15:22 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Skype 2014-08-21 21:58 - 2014-08-21 21:58 - 00003176 _____ () C:\Users\Basti\Desktop\AdwCleaner[S0].txt 2014-08-21 21:56 - 2012-11-01 20:45 - 00000000 ____D () C:\ProgramData\VMware 2014-08-21 21:55 - 2006-11-02 15:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-21 21:55 - 2006-11-02 14:59 - 00664498 _____ () C:\Windows\PFRO.log 2014-08-21 21:55 - 2006-11-02 14:46 - 00004048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-21 21:55 - 2006-11-02 14:46 - 00004048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-21 21:54 - 2006-11-02 15:00 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-21 21:53 - 2014-08-21 21:50 - 00000000 ____D () C:\AdwCleaner 2014-08-21 21:53 - 2012-02-04 03:28 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-08-21 21:48 - 2014-08-21 21:59 - 01016261 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe 2014-08-21 21:46 - 2014-08-21 21:46 - 
00001163 _____ () C:\Users\Basti\Desktop\mbam.txt 2014-08-21 21:29 - 2014-08-21 21:29 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-21 21:29 - 2012-07-29 18:33 - 00466766 _____ () C:\Windows\system32\perfh011.dat 2014-08-21 21:29 - 2012-07-29 18:33 - 00145430 _____ () C:\Windows\system32\perfc011.dat 2014-08-21 21:29 - 2006-11-02 12:33 - 02371800 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-08-21 21:23 - 2006-11-02 14:46 - 00328504 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-20 23:56 - 2014-08-20 23:30 - 00000000 ____D () C:\Qoobox 2014-08-20 23:55 - 2014-08-20 23:55 - 00012730 _____ () C:\ComboFix.txt 2014-08-20 23:55 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default 2014-08-20 23:55 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public 2014-08-20 23:53 - 2014-08-20 23:30 - 00000000 ____D () C:\Windows\erdnt 2014-08-20 23:47 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini 2014-08-20 23:27 - 2014-08-20 23:27 - 05572251 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe 2014-08-19 14:55 - 2014-08-19 14:55 - 00000020 _____ () C:\Users\Basti\defogger_reenable 2014-08-19 14:55 - 2010-03-07 19:47 - 00000000 ____D () C:\Users\Basti 2014-08-19 14:53 - 2014-08-19 15:05 - 01093632 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe 2014-08-19 14:53 - 2014-08-19 15:05 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe 2014-08-19 14:52 - 2014-08-19 15:05 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe 2014-08-18 15:26 - 2014-08-18 15:26 - 00000036 _____ () C:\Users\Basti\AppData\Local\housecall.guid.cache 2014-08-18 15:19 - 2014-08-18 15:19 - 00000000 ____D () 
C:\Users\Basti\AppData\Roaming\QuickScan 2014-08-18 15:08 - 2013-07-04 13:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.purple 2014-08-17 19:38 - 2014-03-13 17:49 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-17 19:15 - 2010-03-07 19:47 - 00002032 _____ () C:\Users\Basti\AppData\Local\d3d9caps.dat 2014-08-17 14:13 - 2014-08-17 14:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Real 2014-08-17 14:04 - 2010-04-21 11:52 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\mIRC 2014-08-17 14:02 - 2014-08-17 14:01 - 00000000 ____D () C:\ProgramData\AdubNotz 2014-08-17 14:01 - 2014-08-17 14:01 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage 2014-08-17 09:21 - 2014-08-17 09:21 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-08-17 09:21 - 2010-03-18 15:19 - 00000000 ____D () C:\ProgramData\Skype 2014-08-17 09:15 - 2014-04-13 21:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-08-16 22:03 - 2014-08-16 22:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-08-16 17:25 - 2010-09-27 10:10 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Dropbox 2014-08-16 17:24 - 2010-09-27 10:10 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-16 17:03 - 2013-07-04 13:16 - 00000000 ____D () C:\Users\Basti\AppData\Local\gtk-2.0 2014-08-14 22:15 - 2014-02-21 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-14 22:15 - 2013-03-24 10:19 - 00000000 ____D () C:\Program Files\Avira 2014-08-14 22:09 - 2013-03-24 10:19 - 00000000 ____D () C:\ProgramData\Avira 2014-08-14 18:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-08-14 15:12 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache 2014-08-14 06:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\ja-JP 2014-08-14 06:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE 2014-08-14 06:32 - 2010-03-18 16:10 - 00000000 
____D () C:\ProgramData\Microsoft Help 2014-08-14 06:31 - 2013-07-17 14:12 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 06:26 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-08-08 13:40 - 2010-03-18 15:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ICQ 2014-08-04 21:20 - 2013-10-21 23:50 - 00000000 ____D () C:\Users\Basti\AppData\Local\Battle.net 2014-07-29 16:43 - 2014-07-26 12:06 - 00000000 ____D () C:\Users\Basti\Documents\3dsMax 2014-07-29 15:01 - 2010-03-13 12:39 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment 2014-07-29 12:55 - 2014-07-26 11:43 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Autodesk 2014-07-29 12:52 - 2014-07-29 12:48 - 00000000 ____D () C:\Users\Basti\AppData\Local\Autodesk 2014-07-29 12:50 - 2014-07-26 11:43 - 00000000 ____D () C:\ProgramData\Autodesk 2014-07-29 12:48 - 2012-04-12 00:19 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-07-26 16:40 - 2014-07-26 16:40 - 00000000 ____D () C:\Users\Basti\.idlerc 2014-07-26 16:30 - 2014-07-25 17:07 - 00000000 ____D () C:\Users\Basti\Documents\ArcGIS 2014-07-26 15:59 - 2014-07-24 21:11 - 00000000 ____D () C:\Program Files\Common Files\AnswerWorks 4.0 2014-07-26 15:51 - 2014-07-26 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\ArcGISRuntime 2014-07-26 15:51 - 2014-07-25 17:07 - 00000000 ____D () C:\Users\Basti\AppData\Local\ESRI 2014-07-26 12:33 - 2014-07-26 11:48 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2014-07-26 12:26 - 2014-07-26 12:26 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 3dsMax 2014-07-26 12:24 - 2014-07-26 12:24 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 Direct Connect 2014-07-26 12:18 - 2014-07-26 12:15 - 00000000 ____D () C:\Program Files\Autodesk 2014-07-26 12:18 - 2014-07-26 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2014-07-26 12:04 - 2006-11-02 12:23 - 00017363 _____ () 
C:\Windows\system32\Drivers\etc\services 2014-07-26 11:42 - 2014-07-26 11:42 - 00000000 ____D () C:\Users\Basti\AppData\Local\Akamai 2014-07-26 11:42 - 2014-07-26 11:36 - 00000000 ____D () C:\Autodesk 2014-07-25 06:26 - 2014-08-14 06:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-07-25 04:53 - 2014-08-14 06:05 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-24 22:05 - 2014-07-24 22:05 - 00000000 ____D () C:\ProgramData\FNP 2014-07-24 22:00 - 2014-07-24 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS 2014-07-24 21:13 - 2014-07-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\ArcGIS 2014-07-24 21:09 - 2014-07-24 21:09 - 00000000 ____D () C:\Program Files\Common Files\Data Dynamics 2014-07-24 21:08 - 2014-07-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Tom Sawyer Software 2014-07-24 20:07 - 2014-08-14 06:09 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-24 19:58 - 2014-08-14 06:09 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-24 19:57 - 2014-08-14 06:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-24 19:52 - 2014-08-14 06:09 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-24 19:51 - 2014-08-14 06:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-24 19:51 - 2014-08-14 06:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-24 19:50 - 2014-08-14 06:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-24 19:50 - 2014-08-14 06:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-07-24 19:49 - 2014-08-14 06:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-24 19:49 - 2014-08-14 06:09 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 
2014-07-24 19:49 - 2014-08-14 06:09 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-24 19:49 - 2014-08-14 06:08 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-24 19:49 - 2014-08-14 06:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-24 19:48 - 2014-08-14 06:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-24 19:48 - 2014-08-14 06:09 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-24 19:48 - 2014-08-14 06:09 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-24 19:48 - 2014-08-14 06:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-24 19:48 - 2014-08-14 06:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-07-24 19:48 - 2014-08-14 06:09 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-07-24 19:48 - 2014-08-14 06:09 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-07-24 19:47 - 2014-08-14 06:09 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-24 06:02 - 2011-01-17 16:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-24 00:55 - 2011-01-17 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight Some content of TEMP: ==================== C:\Users\Basti\AppData\Local\temp\avgnt.exe C:\Users\Basti\AppData\Local\temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-21 22:02
==================== End Of Log ============================
Do you need the Addition.txt again as well? By the way, iexplorer.exe keeps starting as soon as there is an Internet connection.
22.08.2014, 19:21 | #9 |
/// the machine /// TB-Ausbilder | Vista: iexplorer.exe starts on its own and puts a load on the PC
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
C:\ProgramData\Windows Genuine Advantage
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donations | Guides and Help | Trojaner-Board Facebook page
No help via PM!
23.08.2014, 17:37 | #10 |
| Vista: iexplorer.exe starts on its own and puts a load on the PC
Okay, that turned out to be a bit more complicated, because I currently have to coordinate it over the phone. As a result, the ESET scanner was uninstalled before the log was saved. But I have already kicked off a new run, because the scanner found 5 problems that you will surely want to know about.
Fixlog:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:21-08-2014
Ran by Basti at 2014-08-22 22:29:05 Run:1
Running from C:\Users\Basti\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\ProgramData\Windows Genuine Advantage
*****************
C:\ProgramData\Windows Genuine Advantage => Moved successfully.
==== End of Fixlog ====
Code:
Results of screen317's Security Check version 0.99.87
x86
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Avira Desktop
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java(TM) 6 Update 29
Java 7 Update 11
Free JavaScript Editor 4.7
Java version out of Date!
Adobe Flash Player 12.0.0.77 Flash Player out of Date!
Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-08-2014 Ran by Basti (administrator) on SEBASTIAN on 23-08-2014 10:31:24 Running from C:\Users\Basti\Desktop Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (AMD) C:\Windows\System32\atieclxx.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Windows\System32\wpcumi.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe (AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (Akamai Technologies, Inc.) C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (HP) C:\Windows\System32\HPSIsvc.exe () D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe () C:\Program Files\CDBurnerXP\NMSAccessU.exe (NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Akamai Technologies, Inc.) C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (VMware, Inc.) 
C:\Windows\System32\vmnat.exe (NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe (VMware, Inc.) E:\Progs\VMware\vmware-authd.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Flexera Software LLC) E:\Steffi\License10.2\bin\lmgrd.exe (Flexera Software LLC) E:\Steffi\License10.2\bin\lmgrd.exe (ESRI) E:\Steffi\License10.2\bin\ARCGIS.exe (Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Moonchild Productions) C:\Program Files\Pale Moon\palemoon.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [4375320 2011-12-07] (Logitech Inc.) 
HKLM\...\Run: [WPCUMI] => C:\Windows\system32\WpcUmi.exe [176128 2006-11-02] (Microsoft Corporation) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-14] (Advanced Micro Devices, Inc.) HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6497592 2012-01-04] (Yahoo! Inc.) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-02-15] (AMD) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2381145205-3011512156-3281773795-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Basti\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE99003D041BFCA01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} hxxp://dl.pplive.com/PluginSetup.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) 
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default FF DefaultSearchEngine: Ask.com FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Ask.com FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.) FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Basti\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Basti\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ExHentai Easy - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2012-08-12] FF Extension: Greasemonkey - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-02-13] FF Extension: Firebug - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\firebug@software.joehewitt.com.xpi [2012-02-15] FF Extension: ProxTube - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\ich@maltegoetz.de.xpi [2014-08-16] FF Extension: Status-4-Evar - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\status4evar@caligonstudios.com.xpi [2012-02-15] FF Extension: YouTube quality manager - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\youtubequality@rzll.xpi [2012-03-10] FF Extension: NoScript - C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\7v4tfamq.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-02-15] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-08-16] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - 
C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-03-07] Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll No File CHR Plugin: (Shockwave Flash) - C:\Users\Basti\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Octoshape Streaming Services) - C:\Users\Basti\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS) CHR Plugin: (Octoshape Streaming Services) - C:\Users\Basti\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll No File CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) 
CHR Plugin: (Unity Player) - C:\Users\Basti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Google Update) - C:\Users\Basti\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-09] CHR Extension: (Google-Suche) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-09] CHR Extension: (Google Mail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-09] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 ArcGIS License Manager; E:\Steffi\License10.2\bin\lmgrd.exe [1452408 2013-11-13] (Flexera Software LLC) R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. 
KG) R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1074480 2014-07-24] (Flexera Software LLC) R2 mi-raysat_3dsmax2013_32; D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe [86016 2011-09-15] () [File not signed] S3 MySQL; E:\Uni\Datenbanken\my.ini [8934 2011-12-12] () [File not signed] R2 NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] () R2 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [192832 2011-09-19] (NVIDIA) S2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) R2 VMAuthdService; E:\Progs\VMware\vmware-authd.exe [79872 2012-08-15] (VMware, Inc.) [File not signed] R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357016 2012-08-15] (VMware, Inc.) R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719512 2012-08-01] (VMware, Inc.) R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [435864 2012-08-15] (VMware, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [75776 2013-01-14] (Advanced Micro Devices) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2013-02-20] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-03-08] (DT Soft Ltd) R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-08-01] (VMware, Inc.) 
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.) R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [23432 2009-07-01] (Logitech Inc.) R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-02-20] () S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [570880 2007-12-14] (Ralink Technology Corp.) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-18] (Duplex Secure Ltd.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-24] (Avira GmbH) S3 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed] R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25624 2012-08-15] (VMware, Inc.) R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2012-08-15] (VMware, Inc.) R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2012-08-15] (VMware, Inc.) R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25752 2012-08-15] (VMware, Inc.) R2 VMparport; C:\Windows\system32\Drivers\VMparport.sys [23832 2012-08-15] (VMware, Inc.) S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-08-01] (VMware, Inc.) R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [61848 2012-08-15] (VMware, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [61296 2012-07-06] (VMware, Inc.) S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-19] (Microsoft Corporation) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-23 10:31 - 2014-08-23 10:31 - 00024038 _____ () C:\Users\Basti\Desktop\FRST.txt 2014-08-23 10:20 - 2014-08-23 10:20 - 00000990 _____ () C:\Users\Basti\Desktop\checkup.txt 2014-08-23 10:13 - 2014-08-23 10:13 - 00854417 _____ () C:\Users\Basti\Desktop\SecurityCheck.exe 2014-08-22 22:44 - 2014-08-22 22:44 - 00000000 ____D () C:\Program Files\ESET 2014-08-22 22:44 - 2014-08-22 22:43 - 02347384 _____ (ESET) C:\Users\Basti\Desktop\esetsmartinstaller_deu.exe 2014-08-22 22:38 - 2014-08-22 22:39 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner 2014-08-22 22:28 - 2014-08-23 10:31 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion 2014-08-22 01:24 - 2014-08-22 01:24 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-21 22:10 - 2014-08-21 22:10 - 00018314 _____ () C:\Users\Basti\Desktop\avira.txt 2014-08-21 22:05 - 2014-08-21 22:05 - 00134170 _____ () C:\Users\Basti\Desktop\Addition.txt 2014-08-21 22:04 - 2014-08-21 22:05 - 00044563 _____ () C:\Users\Basti\Desktop\FRSTalt.txt 2014-08-21 22:00 - 2014-08-21 22:00 - 00000000 ____D () C:\Windows\ERUNT 2014-08-21 21:59 - 2014-08-21 21:48 - 01016261 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe 2014-08-21 21:58 - 2014-08-21 21:58 - 00003176 _____ () C:\Users\Basti\Desktop\AdwCleaner[S0].txt 2014-08-21 21:50 - 2014-08-21 21:53 - 00000000 ____D () C:\AdwCleaner 2014-08-21 21:46 - 2014-08-21 21:46 - 00001163 _____ () C:\Users\Basti\Desktop\mbam.txt 2014-08-21 21:29 - 2014-08-21 21:29 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\Program Files\ 
Malwarebytes Anti-Malware 2014-08-21 21:28 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-21 21:28 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-21 21:28 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-20 23:55 - 2014-08-20 23:55 - 00012730 _____ () C:\ComboFix.txt 2014-08-20 23:30 - 2014-08-20 23:56 - 00000000 ____D () C:\Qoobox 2014-08-20 23:30 - 2014-08-20 23:53 - 00000000 ____D () C:\Windows\erdnt 2014-08-20 23:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-20 23:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-20 23:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-20 23:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-08-20 23:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-20 23:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-20 23:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-20 23:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-20 23:27 - 2014-08-20 23:27 - 05572251 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe 2014-08-19 15:05 - 2014-08-23 10:31 - 01094656 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe 2014-08-19 15:05 - 2014-08-19 14:53 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe 2014-08-19 15:05 - 2014-08-19 14:52 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe 2014-08-19 15:01 - 2014-08-23 10:31 - 00000000 ____D () C:\FRST 2014-08-19 14:55 - 2014-08-19 14:55 - 00000020 _____ () C:\Users\Basti\defogger_reenable 2014-08-18 15:26 - 2014-08-18 15:26 - 00000036 _____ () C:\Users\Basti\AppData\Local\housecall.guid.cache 2014-08-18 15:26 - 2011-06-21 06:09 - 00200976 _____ (Trend Micro Inc.) 
C:\Windows\system32\Drivers\tmcomm.sys 2014-08-18 15:19 - 2014-08-18 15:19 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\QuickScan 2014-08-17 14:13 - 2014-08-17 14:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Real 2014-08-17 14:01 - 2014-08-17 14:02 - 00000000 ____D () C:\ProgramData\AdubNotz 2014-08-17 09:21 - 2014-08-17 09:21 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-08-16 22:02 - 2014-08-16 22:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-08-14 06:24 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 06:24 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 06:24 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 06:24 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 06:09 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-14 06:09 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-14 06:09 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-14 06:09 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-14 06:09 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-14 06:09 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-14 06:09 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-14 06:09 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-14 06:09 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtml.tlb 2014-08-14 06:09 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-14 06:09 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-14 06:09 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-14 06:09 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-14 06:08 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-14 06:08 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-14 06:08 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-14 06:08 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-14 06:08 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-14 06:08 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-14 06:08 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2014-08-14 06:08 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-14 06:08 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-14 06:08 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-14 06:08 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-08-14 
06:08 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-14 06:05 - 2014-07-25 06:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-14 06:05 - 2014-07-25 04:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-29 12:48 - 2014-07-29 12:52 - 00000000 ____D () C:\Users\Basti\AppData\Local\Autodesk 2014-07-26 16:40 - 2014-07-26 16:40 - 00000000 ____D () C:\Users\Basti\.idlerc 2014-07-26 15:51 - 2014-07-26 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\ArcGISRuntime 2014-07-26 12:26 - 2014-07-26 12:26 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 3dsMax 2014-07-26 12:24 - 2014-07-26 12:24 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 Direct Connect 2014-07-26 12:15 - 2014-07-26 12:18 - 00000000 ____D () C:\Program Files\Autodesk 2014-07-26 12:14 - 2014-07-26 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2014-07-26 12:06 - 2014-07-29 16:43 - 00000000 ____D () C:\Users\Basti\Documents\3dsMax 2014-07-26 11:48 - 2014-07-26 12:33 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2014-07-26 11:43 - 2014-07-29 12:55 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Autodesk 2014-07-26 11:43 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\Autodesk 2014-07-26 11:42 - 2014-07-26 11:42 - 00000000 ____D () C:\Users\Basti\AppData\Local\Akamai 2014-07-26 11:36 - 2014-07-26 11:42 - 00000000 ____D () C:\Autodesk 2014-07-25 17:07 - 2014-07-26 16:30 - 00000000 ____D () C:\Users\Basti\Documents\ArcGIS 2014-07-25 17:07 - 2014-07-26 15:51 - 00000000 ____D () C:\Users\Basti\AppData\Local\ESRI 2014-07-24 22:05 - 2014-07-24 22:05 - 00000000 ____D () C:\ProgramData\FNP 2014-07-24 21:14 - 2014-07-24 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS 2014-07-24 21:11 - 2014-07-26 15:59 - 00000000 ____D () C:\Program Files\Common 
Files\AnswerWorks 4.0 2014-07-24 21:09 - 2014-07-24 21:09 - 00000000 ____D () C:\Program Files\Common Files\Data Dynamics 2014-07-24 21:08 - 2014-07-24 21:13 - 00000000 ____D () C:\Program Files\Common Files\ArcGIS 2014-07-24 21:08 - 2014-07-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Tom Sawyer Software ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-23 10:31 - 2014-08-23 10:31 - 00024038 _____ () C:\Users\Basti\Desktop\FRST.txt 2014-08-23 10:31 - 2014-08-22 22:28 - 00000000 ____D () C:\Users\Basti\Desktop\FRST-OlderVersion 2014-08-23 10:31 - 2014-08-19 15:05 - 01094656 _____ (Farbar) C:\Users\Basti\Desktop\FRST.exe 2014-08-23 10:31 - 2014-08-19 15:01 - 00000000 ____D () C:\FRST 2014-08-23 10:20 - 2014-08-23 10:20 - 00000990 _____ () C:\Users\Basti\Desktop\checkup.txt 2014-08-23 10:13 - 2014-08-23 10:13 - 00854417 _____ () C:\Users\Basti\Desktop\SecurityCheck.exe 2014-08-23 10:12 - 2006-11-02 14:46 - 00004048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-23 10:12 - 2006-11-02 14:46 - 00004048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-23 08:19 - 2006-11-02 14:51 - 01125298 _____ () C:\Windows\WindowsUpdate.log 2014-08-22 22:44 - 2014-08-22 22:44 - 00000000 ____D () C:\Program Files\ESET 2014-08-22 22:43 - 2014-08-22 22:44 - 02347384 _____ (ESET) C:\Users\Basti\Desktop\esetsmartinstaller_deu.exe 2014-08-22 22:39 - 2014-08-22 22:38 - 00000000 ____D () C:\Users\Basti\Desktop\Neuer Ordner 2014-08-22 22:33 - 2012-07-29 18:33 - 00466766 _____ () C:\Windows\system32\perfh011.dat 2014-08-22 22:33 - 2012-07-29 18:33 - 00145430 _____ () C:\Windows\system32\perfc011.dat 2014-08-22 22:33 - 2006-11-02 12:33 - 02371800 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-22 22:19 - 2010-03-18 15:22 - 00000000 ____D () 
C:\Users\Basti\AppData\Roaming\Skype 2014-08-22 22:13 - 2012-11-01 20:45 - 00000000 ____D () C:\ProgramData\VMware 2014-08-22 22:12 - 2006-11-02 15:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-22 01:27 - 2006-11-02 15:00 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-22 01:24 - 2014-08-22 01:24 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-22 01:24 - 2014-03-13 17:49 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-22 01:24 - 2014-02-21 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-22 01:24 - 2013-03-24 10:19 - 00000000 ____D () C:\Program Files\Avira 2014-08-22 01:18 - 2006-11-02 14:46 - 00328504 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-22 01:17 - 2006-11-02 14:59 - 00664848 _____ () C:\Windows\PFRO.log 2014-08-21 22:10 - 2014-08-21 22:10 - 00018314 _____ () C:\Users\Basti\Desktop\avira.txt 2014-08-21 22:05 - 2014-08-21 22:05 - 00134170 _____ () C:\Users\Basti\Desktop\Addition.txt 2014-08-21 22:05 - 2014-08-21 22:04 - 00044563 _____ () C:\Users\Basti\Desktop\FRSTalt.txt 2014-08-21 22:00 - 2014-08-21 22:00 - 00000000 ____D () C:\Windows\ERUNT 2014-08-21 21:58 - 2014-08-21 21:58 - 00003176 _____ () C:\Users\Basti\Desktop\AdwCleaner[S0].txt 2014-08-21 21:53 - 2014-08-21 21:50 - 00000000 ____D () C:\AdwCleaner 2014-08-21 21:53 - 2012-02-04 03:28 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-08-21 21:48 - 2014-08-21 21:59 - 01016261 _____ (Thisisu) C:\Users\Basti\Desktop\JRT.exe 2014-08-21 21:46 - 2014-08-21 21:46 - 00001163 _____ () C:\Users\Basti\Desktop\mbam.txt 2014-08-21 21:29 - 2014-08-21 21:29 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-21 21:28 - 2014-08-21 21:28 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-21 21:28 - 2014-08-21 21:28 - 
00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-08-20 23:56 - 2014-08-20 23:30 - 00000000 ____D () C:\Qoobox 2014-08-20 23:55 - 2014-08-20 23:55 - 00012730 _____ () C:\ComboFix.txt 2014-08-20 23:55 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default 2014-08-20 23:55 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public 2014-08-20 23:53 - 2014-08-20 23:30 - 00000000 ____D () C:\Windows\erdnt 2014-08-20 23:47 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini 2014-08-20 23:27 - 2014-08-20 23:27 - 05572251 ____R (Swearware) C:\Users\Basti\Desktop\ComboFix.exe 2014-08-19 14:55 - 2014-08-19 14:55 - 00000020 _____ () C:\Users\Basti\defogger_reenable 2014-08-19 14:55 - 2010-03-07 19:47 - 00000000 ____D () C:\Users\Basti 2014-08-19 14:53 - 2014-08-19 15:05 - 00380416 _____ () C:\Users\Basti\Desktop\Gmer-19357.exe 2014-08-19 14:52 - 2014-08-19 15:05 - 00050477 _____ () C:\Users\Basti\Desktop\Defogger.exe 2014-08-18 15:26 - 2014-08-18 15:26 - 00000036 _____ () C:\Users\Basti\AppData\Local\housecall.guid.cache 2014-08-18 15:19 - 2014-08-18 15:19 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\QuickScan 2014-08-18 15:08 - 2013-07-04 13:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.purple 2014-08-17 19:15 - 2010-03-07 19:47 - 00002032 _____ () C:\Users\Basti\AppData\Local\d3d9caps.dat 2014-08-17 14:13 - 2014-08-17 14:13 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Real 2014-08-17 14:04 - 2010-04-21 11:52 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\mIRC 2014-08-17 14:02 - 2014-08-17 14:01 - 00000000 ____D () C:\ProgramData\AdubNotz 2014-08-17 09:21 - 2014-08-17 09:21 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-08-17 09:21 - 2010-03-18 15:19 - 00000000 ____D () C:\ProgramData\Skype 2014-08-17 09:15 - 2014-04-13 21:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-08-16 22:03 - 2014-08-16 22:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-08-16 17:25 - 2010-09-27 10:10 - 
00000000 ____D () C:\Users\Basti\AppData\Roaming\Dropbox 2014-08-16 17:24 - 2010-09-27 10:10 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-16 17:03 - 2013-07-04 13:16 - 00000000 ____D () C:\Users\Basti\AppData\Local\gtk-2.0 2014-08-14 22:09 - 2013-03-24 10:19 - 00000000 ____D () C:\ProgramData\Avira 2014-08-14 18:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-08-14 15:12 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache 2014-08-14 06:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\ja-JP 2014-08-14 06:33 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE 2014-08-14 06:32 - 2010-03-18 16:10 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-14 06:31 - 2013-07-17 14:12 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 06:26 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-08-08 13:40 - 2010-03-18 15:02 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ICQ 2014-08-04 21:20 - 2013-10-21 23:50 - 00000000 ____D () C:\Users\Basti\AppData\Local\Battle.net 2014-07-29 16:43 - 2014-07-26 12:06 - 00000000 ____D () C:\Users\Basti\Documents\3dsMax 2014-07-29 15:01 - 2010-03-13 12:39 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment 2014-07-29 12:55 - 2014-07-26 11:43 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Autodesk 2014-07-29 12:52 - 2014-07-29 12:48 - 00000000 ____D () C:\Users\Basti\AppData\Local\Autodesk 2014-07-29 12:50 - 2014-07-26 11:43 - 00000000 ____D () C:\ProgramData\Autodesk 2014-07-29 12:48 - 2012-04-12 00:19 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-07-26 16:40 - 2014-07-26 16:40 - 00000000 ____D () C:\Users\Basti\.idlerc 2014-07-26 16:30 - 2014-07-25 17:07 - 00000000 ____D () C:\Users\Basti\Documents\ArcGIS 2014-07-26 15:59 - 2014-07-24 21:11 - 00000000 ____D () C:\Program Files\Common Files\AnswerWorks 4.0 2014-07-26 15:51 - 2014-07-26 15:51 - 
00000000 ____D () C:\Users\Basti\AppData\Local\ArcGISRuntime 2014-07-26 15:51 - 2014-07-25 17:07 - 00000000 ____D () C:\Users\Basti\AppData\Local\ESRI 2014-07-26 12:33 - 2014-07-26 11:48 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2014-07-26 12:26 - 2014-07-26 12:26 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 3dsMax 2014-07-26 12:24 - 2014-07-26 12:24 - 00000000 ____D () C:\Users\Basti\Documents\Inventor Server x86 Direct Connect 2014-07-26 12:18 - 2014-07-26 12:15 - 00000000 ____D () C:\Program Files\Autodesk 2014-07-26 12:18 - 2014-07-26 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2014-07-26 12:04 - 2006-11-02 12:23 - 00017363 _____ () C:\Windows\system32\Drivers\etc\services 2014-07-26 11:42 - 2014-07-26 11:42 - 00000000 ____D () C:\Users\Basti\AppData\Local\Akamai 2014-07-26 11:42 - 2014-07-26 11:36 - 00000000 ____D () C:\Autodesk 2014-07-25 06:26 - 2014-08-14 06:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-07-25 04:53 - 2014-08-14 06:05 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-24 22:05 - 2014-07-24 22:05 - 00000000 ____D () C:\ProgramData\FNP 2014-07-24 22:00 - 2014-07-24 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS 2014-07-24 21:13 - 2014-07-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\ArcGIS 2014-07-24 21:09 - 2014-07-24 21:09 - 00000000 ____D () C:\Program Files\Common Files\Data Dynamics 2014-07-24 21:08 - 2014-07-24 21:08 - 00000000 ____D () C:\Program Files\Common Files\Tom Sawyer Software 2014-07-24 20:07 - 2014-08-14 06:09 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-24 19:58 - 2014-08-14 06:09 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-24 19:57 - 2014-08-14 06:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-24 19:52 - 2014-08-14 
06:09 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-24 19:51 - 2014-08-14 06:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-24 19:51 - 2014-08-14 06:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-24 19:50 - 2014-08-14 06:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-24 19:50 - 2014-08-14 06:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-07-24 19:49 - 2014-08-14 06:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-24 19:49 - 2014-08-14 06:09 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-24 19:49 - 2014-08-14 06:09 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-24 19:49 - 2014-08-14 06:08 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-24 19:49 - 2014-08-14 06:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-24 19:48 - 2014-08-14 06:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-24 19:48 - 2014-08-14 06:09 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-24 19:48 - 2014-08-14 06:09 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-24 19:48 - 2014-08-14 06:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-24 19:48 - 2014-08-14 06:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-07-24 19:48 - 2014-08-14 06:09 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-07-24 19:48 - 2014-08-14 06:09 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-07-24 19:47 - 2014-08-14 06:09 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-24 06:02 - 2011-01-17 16:17 - 00000000 ____D () C:\Program 
Files\Microsoft Silverlight 2014-07-24 00:55 - 2011-01-17 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight Some content of TEMP: ==================== C:\Users\Basti\AppData\Local\temp\avgnt.exe C:\Users\Basti\AppData\Local\temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-23 10:21 ==================== End Of Log ============================
--- --- ---
Unfortunately, iexplorer.exe processes still keep opening busily. However, since the last time the error message at system startup is gone, which is already worth a lot. I'll follow up with the ESET log in a few hours. It's not that easy to navigate others on one's own computer ...

Here is the ESET log:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0d51430473896a40bf01e0a4f0704319
# engine=19799
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-23 12:40:47
# local_time=2014-08-23 02:40:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 16314 153346225 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 422698 246330502 0 0
# scanned=339601
# found=4
# cleaned=0
# scan_time=12970
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=72ABDF34B3773B53443847F804B9BBB571E69CFD ft=1 fh=c71c001173852f55 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Free mp3 Wma Converter\Helper.dll"
sh=18D74F2E90D7886B4CCD0F24E197DE82C1222B0B ft=1 fh=d03f67a46ff367c8 vn="Variante von Win32/KoyoteLab.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Free mp3 Wma Converter\Uninstall.exe"
sh=80227DDE308BB11A588F56B42D420EE9CD92D886 ft=1 fh=d3534ed3962b7fee vn="Variante von Win32/KoyoteLab.A evtl. unerwünschte Anwendung" ac=I fn="D:\Basti\Andere Progs\FreeMp3WmaConverterSetup-r0-n-bc.exe"
24.08.2014, 06:49 | #11 |
/// the machine /// TB instructor | Vista: iexplorer.exe starts on its own and loads the PC
Update Java and Flash. Please download Farbar Service Scanner
Please post the contents here. Do they really open by themselves? Or do you just have one iexplore.exe per open tab in IE?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
25.08.2014, 15:19 | #12 |
| Vista: iexplorer.exe starts on its own and puts load on the PC I don't use Internet Explorer (except maybe twice a year), so they probably don't come from there. Just for fun I also watched for a while again to see whether I had perhaps only imagined it, but about every 30-40 seconds a new iexplorer process starts, and it causes between 15 and 40% CPU load and takes up between 300 and 400 MB of RAM. A silly question on the side: would it be possible that one or another of your scanners might have had a problem detecting the cause of this fun as long as there was no internet connection (since the processes then stay quiet and don't start and so on)? FSS.txt: Code:
Farbar Service Scanner Version: 21-07-2014
Ran by Basti (administrator) on 25-08-2014 at 16:09:46
Running from "C:\Users\Basti\Desktop"
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Other Services:
==============

File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcsvc.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed

**** End of log ****
26.08.2014, 15:35 | #13 |
/// the machine /// TB Trainer | Vista: iexplorer.exe starts on its own and puts load on the PC hi, please download TDSSKiller.exe and save this file to the desktop
26.08.2014, 16:14 | #14 |
| Vista: iexplorer.exe starts on its own and puts load on the PC Can you actually give me a hint as to what effect (apart from hogging resources) this thing that has nested itself on my PC has? TDSSKiller: Code:
17:05:27.0681 0x1430 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
17:05:34.0537 0x1430 ============================================================
17:05:34.0538 0x1430 Current date / time: 2014/08/26 17:05:34.0537
17:05:34.0538 0x1430 SystemInfo:
17:05:34.0538 0x1430
17:05:34.0538 0x1430 OS Version: 6.0.6002 ServicePack: 2.0
17:05:34.0538 0x1430 Product type: Workstation
17:05:34.0538 0x1430 ComputerName: SEBASTIAN
17:05:34.0540 0x1430 UserName: Basti
17:05:34.0541 0x1430 Windows directory: C:\Windows
17:05:34.0541 0x1430 System windows directory: C:\Windows
17:05:34.0541 0x1430 Processor architecture: Intel x86
17:05:34.0541 0x1430 Number of processors: 4
17:05:34.0541 0x1430 Page size: 0x1000
17:05:34.0541 0x1430 Boot type: Normal boot
17:05:34.0541 0x1430 ============================================================
17:05:41.0223 0x1430 KLMD registered as C:\Windows\system32\drivers\96882416.sys
17:05:41.0653 0x1430 System UUID: {10CC0392-1777-4CA9-6AE3-1AA01B0BB5E0}
17:05:43.0064 0x1430 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:05:43.0069 0x1430 ============================================================
17:05:43.0069 0x1430 \Device\Harddisk0\DR0:
17:05:43.0079 0x1430 MBR partitions:
17:05:43.0079 0x1430 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xA9CD000
17:05:43.0079 0x1430 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA9CD800, BlocksNum 0x186A0000
17:05:43.0079 0x1430 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2306D800, BlocksNum 0x17317000
17:05:43.0079 0x1430 ============================================================
17:05:43.0283 0x1430 C: <-> \Device\Harddisk0\DR0\Partition1
17:05:43.0397 0x1430 D: <-> \Device\Harddisk0\DR0\Partition2
17:05:43.0671 0x1430 E: <-> \Device\Harddisk0\DR0\Partition3
17:05:43.0671 0x1430 ============================================================
17:05:43.0672 0x1430 Initialize success
17:05:43.0672 0x1430 ============================================================
17:06:52.0582 0x0460 ============================================================
17:06:52.0582 0x0460 Scan started
17:06:52.0582 0x0460 Mode: Manual; SigCheck; TDLFS;
17:06:52.0582 0x0460 ============================================================
17:06:52.0582 0x0460 KSN ping started
17:06:55.0075 0x0460 KSN ping finished: true
17:07:34.0324 0x0460 ================ Scan system memory ========================
17:07:34.0324 0x0460 System memory - ok
17:07:34.0324 0x0460 ================ Scan services =============================
17:08:09.0762 0x0460 lirsgt - ok 17:08:09.0808 0x0460 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:08:09.0881 0x0460 lltdio - ok 17:08:09.0932 0x0460 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:08:09.0997 0x0460 lltdsvc - ok 17:08:10.0021 0x0460 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:08:10.0109 0x0460 lmhosts - ok 17:08:10.0155 0x0460 [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:08:10.0210 0x0460 LSI_FC - ok 17:08:10.0228 0x0460 [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:08:10.0260 0x0460 LSI_SAS - ok 17:08:10.0311 0x0460 [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:08:10.0356 0x0460 LSI_SCSI - ok 17:08:10.0410 0x0460 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys 17:08:10.0481 0x0460 luafv - ok 17:08:10.0532 0x0460 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:08:10.0586 0x0460 Mcx2Svc - ok 17:08:10.0677 0x0460 [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas C:\Windows\system32\drivers\megasas.sys 17:08:10.0742 0x0460 megasas - ok 17:08:11.0123 0x0460 [ 0AF89452A8CE3928168F4E5B2208C68B, 571F1A9F1F0B31DB5FFAE7FB7F98C16958439D6666A9F2131B0F2E496BF3D2AC ] 
mi-raysat_3dsmax2013_32 D:\Basti\Andere Progs\3ds Max 2013\NVIDIA\raysat_3dsmax2013_32server.exe 17:08:11.0174 0x0460 mi-raysat_3dsmax2013_32 - detected UnsignedFile.Multi.Generic ( 1 ) 17:08:13.0732 0x0460 Detect skipped due to KSN trusted 17:08:13.0732 0x0460 mi-raysat_3dsmax2013_32 - ok 17:08:13.0782 0x0460 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll 17:08:13.0935 0x0460 MMCSS - ok 17:08:13.0960 0x0460 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys 17:08:14.0125 0x0460 Modem - ok 17:08:14.0167 0x0460 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:08:14.0211 0x0460 monitor - ok 17:08:14.0246 0x0460 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:08:14.0274 0x0460 mouclass - ok 17:08:14.0315 0x0460 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:08:14.0365 0x0460 mouhid - ok 17:08:14.0389 0x0460 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 17:08:14.0423 0x0460 MountMgr - ok 17:08:14.0511 0x0460 [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 17:08:14.0561 0x0460 MozillaMaintenance - ok 17:08:14.0636 0x0460 [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio C:\Windows\system32\drivers\mpio.sys 17:08:14.0715 0x0460 mpio - ok 17:08:14.0753 0x0460 [ 
22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:08:14.0829 0x0460 mpsdrv - ok 17:08:14.0933 0x0460 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:08:14.0994 0x0460 MpsSvc - ok 17:08:15.0047 0x0460 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 17:08:15.0078 0x0460 Mraid35x - ok 17:08:15.0138 0x0460 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:08:15.0198 0x0460 MRxDAV - ok 17:08:15.0232 0x0460 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:08:15.0326 0x0460 mrxsmb - ok 17:08:15.0349 0x0460 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:08:15.0398 0x0460 mrxsmb10 - ok 17:08:15.0418 0x0460 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:08:15.0464 0x0460 mrxsmb20 - ok 17:08:15.0536 0x0460 [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci C:\Windows\system32\drivers\msahci.sys 17:08:15.0620 0x0460 msahci - ok 17:08:15.0673 0x0460 [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:08:15.0749 0x0460 msdsm - ok 17:08:15.0775 0x0460 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe 17:08:15.0840 0x0460 MSDTC - 
ok 17:08:15.0898 0x0460 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:08:15.0964 0x0460 Msfs - ok 17:08:16.0003 0x0460 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:08:16.0033 0x0460 msisadrv - ok 17:08:16.0062 0x0460 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:08:16.0125 0x0460 MSiSCSI - ok 17:08:16.0137 0x0460 msiserver - ok 17:08:16.0163 0x0460 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:08:16.0233 0x0460 MSKSSRV - ok 17:08:16.0266 0x0460 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:08:16.0315 0x0460 MSPCLOCK - ok 17:08:16.0337 0x0460 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:08:16.0386 0x0460 MSPQM - ok 17:08:16.0423 0x0460 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:08:16.0457 0x0460 MsRPC - ok 17:08:16.0503 0x0460 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:08:16.0523 0x0460 mssmbios - ok 17:08:16.0587 0x0460 MSSQL$SQLEXPRESS - ok 17:08:16.0645 0x0460 [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 17:08:16.0681 0x0460 MSSQLServerADHelper100 - ok 17:08:16.0715 0x0460 [ 
7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:08:16.0775 0x0460 MSTEE - ok 17:08:16.0809 0x0460 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys 17:08:16.0840 0x0460 Mup - ok 17:08:16.0965 0x0460 MySQL - ok 17:08:17.0020 0x0460 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll 17:08:17.0076 0x0460 napagent - ok 17:08:17.0131 0x0460 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:08:17.0240 0x0460 NativeWifiP - ok 17:08:17.0295 0x0460 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:08:17.0335 0x0460 NDIS - ok 17:08:17.0379 0x0460 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:08:17.0426 0x0460 NdisTapi - ok 17:08:17.0452 0x0460 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:08:17.0518 0x0460 Ndisuio - ok 17:08:17.0544 0x0460 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:08:17.0603 0x0460 NdisWan - ok 17:08:17.0639 0x0460 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:08:17.0709 0x0460 NDProxy - ok 17:08:17.0785 0x0460 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS 
C:\Windows\system32\DRIVERS\netbios.sys 17:08:17.0867 0x0460 NetBIOS - ok 17:08:17.0921 0x0460 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys 17:08:18.0010 0x0460 netbt - ok 17:08:18.0028 0x0460 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe 17:08:18.0055 0x0460 Netlogon - ok 17:08:18.0102 0x0460 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll 17:08:18.0186 0x0460 Netman - ok 17:08:18.0236 0x0460 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:08:18.0357 0x0460 NetMsmqActivator - ok 17:08:18.0367 0x0460 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:08:18.0391 0x0460 NetPipeActivator - ok 17:08:18.0429 0x0460 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll 17:08:18.0498 0x0460 netprofm - ok 17:08:18.0591 0x0460 [ 0DA6B9A40EEF9F3EEDE12BC634FACAB7, 8A97C8E3B52FBECF694CDF7A6F8C04DE683D596A1E23F343D30FE0E403F60174 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys 17:08:18.0731 0x0460 netr28u - ok 17:08:18.0757 0x0460 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:08:18.0783 0x0460 NetTcpActivator - ok 17:08:18.0796 0x0460 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing 
c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 17:08:18.0824 0x0460 NetTcpPortSharing - ok 17:08:18.0850 0x0460 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:08:18.0898 0x0460 nfrd960 - ok 17:08:18.0942 0x0460 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll 17:08:19.0041 0x0460 NlaSvc - ok 17:08:19.0091 0x0460 [ FD306FBCCE7ADB1077B709742E7148E9, B1D4704F27B09F8EBF2DF55EDDC003E6480643CBB1806B0487DF1535BE374CF1 ] NMSAccessU C:\Program Files\CDBurnerXP\NMSAccessU.exe 17:08:19.0131 0x0460 NMSAccessU - ok 17:08:19.0160 0x0460 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:08:19.0210 0x0460 Npfs - ok 17:08:19.0246 0x0460 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll 17:08:19.0308 0x0460 nsi - ok 17:08:19.0342 0x0460 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:08:19.0386 0x0460 nsiproxy - ok 17:08:19.0497 0x0460 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:08:19.0601 0x0460 Ntfs - ok 17:08:19.0634 0x0460 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 17:08:19.0731 0x0460 ntrigdigi - ok 17:08:19.0802 0x0460 nTuneService - ok 17:08:19.0855 0x0460 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys 17:08:19.0919 0x0460 Null - ok 17:08:19.0924 0x0460 nvlddmkm - ok 
17:08:19.0951 0x0460 [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:08:19.0984 0x0460 nvraid - ok 17:08:20.0009 0x0460 [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:08:20.0037 0x0460 nvstor - ok 17:08:20.0064 0x0460 [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:08:20.0097 0x0460 nv_agp - ok 17:08:20.0107 0x0460 NwlnkFlt - ok 17:08:20.0114 0x0460 NwlnkFwd - ok 17:08:20.0184 0x0460 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:08:20.0256 0x0460 odserv - ok 17:08:20.0288 0x0460 [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 17:08:20.0328 0x0460 ohci1394 - ok 17:08:20.0348 0x0460 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:08:20.0397 0x0460 ose - ok 17:08:20.0457 0x0460 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll 17:08:20.0602 0x0460 p2pimsvc - ok 17:08:20.0629 0x0460 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll 17:08:20.0692 0x0460 p2psvc - ok 17:08:20.0738 0x0460 [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:08:20.0846 0x0460 Parport - ok 17:08:20.0889 0x0460 [ 
B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:08:20.0930 0x0460 partmgr - ok 17:08:20.0956 0x0460 [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 17:08:21.0006 0x0460 Parvdm - ok 17:08:21.0040 0x0460 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll 17:08:21.0121 0x0460 PcaSvc - ok 17:08:21.0175 0x0460 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys 17:08:21.0204 0x0460 pci - ok 17:08:21.0225 0x0460 [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide C:\Windows\system32\drivers\pciide.sys 17:08:21.0266 0x0460 pciide - ok 17:08:21.0306 0x0460 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 17:08:21.0342 0x0460 pcmcia - ok 17:08:21.0405 0x0460 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:08:21.0572 0x0460 PEAUTH - ok 17:08:21.0701 0x0460 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll 17:08:21.0893 0x0460 pla - ok 17:08:21.0933 0x0460 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:08:22.0000 0x0460 PlugPlay - ok 17:08:22.0049 0x0460 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 17:08:22.0126 0x0460 PNRPAutoReg - ok 17:08:22.0155 0x0460 [ 
0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll 17:08:22.0214 0x0460 PNRPsvc - ok 17:08:22.0251 0x0460 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:08:22.0330 0x0460 PolicyAgent - ok 17:08:22.0381 0x0460 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:08:22.0436 0x0460 PptpMiniport - ok 17:08:22.0466 0x0460 [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys 17:08:22.0546 0x0460 Processor - ok 17:08:22.0584 0x0460 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll 17:08:22.0657 0x0460 ProfSvc - ok 17:08:22.0678 0x0460 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe 17:08:22.0712 0x0460 ProtectedStorage - ok 17:08:22.0746 0x0460 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 17:08:22.0803 0x0460 PSched - ok 17:08:22.0869 0x0460 [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:08:22.0942 0x0460 ql2300 - ok 17:08:22.0971 0x0460 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:08:23.0005 0x0460 ql40xx - ok 17:08:23.0050 0x0460 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll 
17:08:23.0136 0x0460 QWAVE - ok 17:08:23.0165 0x0460 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:08:23.0202 0x0460 QWAVEdrv - ok 17:08:23.0223 0x0460 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:08:23.0273 0x0460 RasAcd - ok 17:08:23.0309 0x0460 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll 17:08:23.0361 0x0460 RasAuto - ok 17:08:23.0388 0x0460 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:08:23.0453 0x0460 Rasl2tp - ok 17:08:23.0491 0x0460 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll 17:08:23.0569 0x0460 RasMan - ok 17:08:23.0600 0x0460 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:08:23.0654 0x0460 RasPppoe - ok 17:08:23.0692 0x0460 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:08:23.0780 0x0460 RasSstp - ok 17:08:23.0846 0x0460 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:08:23.0897 0x0460 rdbss - ok 17:08:23.0922 0x0460 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:08:23.0970 0x0460 RDPCDD - ok 17:08:24.0016 0x0460 [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr 
C:\Windows\system32\DRIVERS\rdpdr.sys 17:08:24.0146 0x0460 rdpdr - ok 17:08:24.0218 0x0460 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:08:24.0304 0x0460 RDPENCDD - ok 17:08:24.0340 0x0460 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:08:24.0421 0x0460 RDPWD - ok 17:08:24.0465 0x0460 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll 17:08:24.0529 0x0460 RemoteAccess - ok 17:08:24.0564 0x0460 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:08:24.0622 0x0460 RemoteRegistry - ok 17:08:24.0652 0x0460 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe 17:08:24.0733 0x0460 RpcLocator - ok 17:08:24.0770 0x0460 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll 17:08:24.0847 0x0460 RpcSs - ok 17:08:24.0917 0x0460 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD, 0168F61220999B2D084EDEF87079C1970BC53A9AFE4241B08931F9408FF58013 ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys 17:08:24.0958 0x0460 RsFx0103 - ok 17:08:24.0984 0x0460 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:08:25.0060 0x0460 rspndr - ok 17:08:25.0111 0x0460 [ 2D19A7469EA19993D0C12E627F4530BC, B59F0D4ACAA60ED95093FA561D4C5D87F26C9F6C646858772743038D97B2D6AB ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys 17:08:25.0151 0x0460 RTL8169 - ok 17:08:25.0169 0x0460 [ A3E186B4B935905B829219502557314E, 
7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe 17:08:25.0194 0x0460 SamSs - ok 17:08:25.0230 0x0460 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:08:25.0259 0x0460 sbp2port - ok 17:08:25.0341 0x0460 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:08:25.0392 0x0460 SCardSvr - ok 17:08:25.0447 0x0460 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll 17:08:25.0608 0x0460 Schedule - ok 17:08:25.0627 0x0460 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll 17:08:25.0661 0x0460 SCPolicySvc - ok 17:08:25.0687 0x0460 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:08:25.0749 0x0460 SDRSVC - ok 17:08:25.0820 0x0460 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:08:25.0902 0x0460 secdrv - ok 17:08:25.0938 0x0460 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll 17:08:25.0996 0x0460 seclogon - ok 17:08:26.0027 0x0460 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\system32\sens.dll 17:08:26.0082 0x0460 SENS - ok 17:08:26.0094 0x0460 [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 17:08:26.0169 0x0460 Serenum - ok 17:08:26.0183 0x0460 [ 
C:\Windows\system32\DRIVERS\xnacc.sys
17:08:47.0644 0x0460 xnacc - ok
17:08:47.0692 0x0460 ================ Scan global ===============================
17:08:47.0744 0x0460 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
17:08:47.0791 0x0460 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:08:47.0828 0x0460 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:08:47.0921 0x0460 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
17:08:47.0934 0x0460 [ Global ] - ok
17:08:47.0934 0x0460 ================ Scan MBR ==================================
17:08:47.0945 0x0460 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:08:49.0237 0x0460 \Device\Harddisk0\DR0 - ok
17:08:49.0248 0x0460 ================ Scan VBR ==================================
17:08:49.0266 0x0460 [ 5DF0987EFBD5010923356661CF128B72 ] \Device\Harddisk0\DR0\Partition1
17:08:49.0326 0x0460 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
17:08:49.0326 0x0460 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
17:09:01.0747 0x0460 [ 1248824FD45314F26240684228F77D75 ] \Device\Harddisk0\DR0\Partition2
17:09:01.0795 0x0460 \Device\Harddisk0\DR0\Partition2 - ok
17:09:01.0882 0x0460 [ 72504E5F40EF4603C237026427522DEE ] \Device\Harddisk0\DR0\Partition3
17:09:02.0001 0x0460 \Device\Harddisk0\DR0\Partition3 - ok
17:09:02.0002 0x0460 ================ Scan generic autorun ======================
17:09:03.0184 0x0460 [ FBAFC1D9EDAF771707C6250A146F4911, 944EBC6A53DDCB1B27AE499B37F990823732450D7CD3AB84A23C31B46D05F2F3 ] C:\Program Files\Logitech Gaming Software\LCore.exe
17:09:04.0698 0x0460 Launch LCore - ok
17:09:04.0763 0x0460 [ C456658AF90F42BE3CDF1048F9CDB5CA, CA59B715F38A7FFC002860937EC819EC916119775F3FA7D644B88EE225C675EA ] C:\Windows\system32\WpcUmi.exe
17:09:04.0960 0x0460 WPCUMI - ok
17:09:05.0379 0x0460 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
17:09:05.0451 0x0460 avgnt - ok
17:09:05.0900 0x0460 [ CD501835CE93AD1031E87D1963D01F59, A4252905EC0BB1B64B89F374C4F11F2238A16891102427AABA59333E11364537 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
17:09:05.0954 0x0460 StartCCC - ok
17:09:05.0993 0x0460 [ 51DAD159BD771681B67593B9B8289A45, 40A7277819C2D7BCA10D22DC2F443F986DF04E777D3A4A0C89CC0991B020607C ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
17:09:06.0031 0x0460 Avira Systray - ok
17:09:06.0184 0x0460 [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
17:09:06.0280 0x0460 SunJavaUpdateSched - ok
17:09:06.0929 0x0460 [ 46661D154E19D0AFB3B9155CA040776C, C290D791080189841DE65A0C19ED75DFF4A4DDF25B921C96BB69253C6757F3A0 ] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
17:09:07.0686 0x0460 Messenger (Yahoo!) - ok
17:09:07.0758 0x0460 [ A46635F817FC97242444458AE12CDCEF, 7A49820953AE3FC7493FE0D0E32B0E57AAC701C20EB01C753A2813E96A327D04 ] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
17:09:07.0799 0x0460 HydraVisionDesktopManager - detected UnsignedFile.Multi.Generic ( 1 )
17:09:10.0315 0x0460 Detect skipped due to KSN trusted
17:09:10.0315 0x0460 HydraVisionDesktopManager - ok
17:09:10.0348 0x0460 Skype - ok
17:09:10.0663 0x0460 [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\Basti\AppData\Local\Akamai\netsession_win.exe
17:09:11.0585 0x0460 Akamai NetSession Interface - ok
17:09:11.0884 0x0460 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
17:09:12.0473 0x0460 Sidebar - ok
17:09:12.0481 0x0460 WindowsWelcomeCenter - ok
17:09:12.0481 0x0460 Waiting for KSN requests completion. In queue: 9
17:09:13.0481 0x0460 Waiting for KSN requests completion. In queue: 2
17:09:14.0481 0x0460 Waiting for KSN requests completion. In queue: 2
17:09:15.0626 0x0460 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
17:09:15.0691 0x0460 Win FW state via NFP2: enabled
17:09:18.0170 0x0460 ============================================================
17:09:18.0170 0x0460 Scan finished
17:09:18.0170 0x0460 ============================================================
17:09:18.0193 0x11f0 Detected object count: 1
17:09:18.0193 0x11f0 Actual detected object count: 1
17:09:54.0027 0x11f0 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
17:09:54.0027 0x11f0 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip |
27.08.2014, 14:13 | #15 |
/// the machine /// TB Trainer | Vista: iexplorer.exe starts on its own and loads down the PC
Rootkit, so already a bit more fun.
Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click, "Run as administrator".
For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |