Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Plagegeister aller Art und deren Bekämpfung: Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 02.05.2015, 17:21   #1
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Hallo Trojaner-Board Team,

seit einiger Zeit ist mein PC sehr langsam geworden.
Zudem starten Spiele nicht mehr ordnungsgemäß, dass bedeutet sie werden nach einem Doppelklick zwar gestartet und sie arbeiten dann auch kurzfristig brechen dann aber ab. Fehlermeldungen werden hierbei keine ausgegeben.
Außerdem erscheint manchmal ( 2 mal ist mir das passiert ) beim Starten des PC ein Bild in Türkis und egal wie lange ich warte dann passiert gar nichts mehr.

Ich habe mich dazu entschlossen, da ich das sowieso mal tun sollte, mein System komplett neu zu installieren. Allerdings habe ich in dem dazu vorhanden Thema gelesen:
Anleitung: Neuaufsetzen des Systems + Absicherung
"Dadurch werden alle Daten inkl. fast jede Schadsoftware aus Sicht des Dateisystems entfernt und man erhält üblicherweise ein sauberes, übersichtliches System."

Ich würde mir gerne nach der Neuinstallation sicher sein, dass sich kein Schadprogramm mehr auf meinem Rechner befindet und zudem habe ich noch Daten auf einer externen Festplatte und USB-Sticks bei denen ich mir auch gerne sicher wäre, dass sich kein Schadprogramm darauf befindet.

Da ich mir nicht sicher war, ob ich evtl. einen Virus auf dem Rechner habe, habe ich mich auch nicht um die Hardware-Treiber gekümmert. Ich dachte evtl. hole ich mir sonst auf meinem dann neuen System mit diesen Treibern direkt wieder einen Virus.
Hierbei habe ich mal irgendwo, ich glaube es war hier in diesem Forum, von einem Programm gelesen mit dem man genau sieht welche Treiber man ich runterladen muss. Es wäre sehr hilfreich, wenn Ihr mir den Namen von diesem Programm nennen könntet.

Anbei noch die Logs von Defogger, FRST (+Addition) und GMER:
Defogger:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:13 on 02/05/2015 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Robert (ATTENTION: The logged in user is not administrator) on ROBERT-PC on 02-05-2015 17:14:50
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert & Admin (Available profiles: Robert & Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> winlogon.exe
Failed to access process -> svchost.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> nvSCPAPISvr.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> NvXDSync.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> AEADISRV.EXE
Failed to access process -> AsSysCtrlService.exe
Failed to access process -> avp.exe
Failed to access process -> cjpcsc.exe
Failed to access process -> FABS.exe
Failed to access process -> mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Failed to access process -> mbamservice.exe
Failed to access process -> NvNetworkService.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
Failed to access process -> nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Failed to access process -> PnkBstrA.exe
Failed to access process -> svchost.exe
Failed to access process -> vmnat.exe
Failed to access process -> svchost.exe
Failed to access process -> vmnetdhcp.exe
(Logitech, Inc.) C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe
Failed to access process -> vmware-usbarbitrator64.exe
() C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
Failed to access process -> vmware-authd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> nvstreamsvc.exe
Failed to access process -> nvstreamsvc.exe
Failed to access process -> conhost.exe
Failed to access process -> conhost.exe
Failed to access process -> svchost.exe
Failed to access process -> wmpnetwk.exe
() C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe
Failed to access process -> svchost.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Failed to access process -> svchost.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> sppsvc.exe
Failed to access process -> SearchFilterHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [TurboV] => C:\Program Files (x86)\ASUS\TurboV\TurboV.exe [4040192 2008-10-21] ()
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2008-04-16] (Analog Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [GAINWARD] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181672 2009-05-12] (Gainward Co.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [SoundMax] => C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [3858432 2008-08-20] (Analog Devices, Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [Google Update] => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-16] (Google Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs:  =>  File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2009-08-13]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-01-30] ()
GroupPolicyUsers\S-1-5-21-908869703-3165420859-1136871304-1000\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: [S-1-5-21-908869703-3165420859-1136871304-1012] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 -> DefaultScope {7DDC945D-68E7-480A-B922-594CD4878A41} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 -> {7DDC945D-68E7-480A-B922-594CD4878A41} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z51uatii.default
FF NetworkProxy: "backup.ftp", "187.18.158.9"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "187.18.158.9"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "187.18.158.9"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "94.201.134.251"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "94.201.134.251"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "94.201.134.251"
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll [2014-12-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll [2014-12-09] ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-06-27] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Robert\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll No File
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-06-27] (Pando Networks)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-09-25] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npijjiFFPlugin1.dll [2010-07-28] (NHN USA Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Robert\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2010-02-09] (Octoshape ApS)
FF Extension: WOT - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z51uatii.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-29]
FF Extension: NoScript - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z51uatii.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-29]
FF Extension: Adblock Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\z51uatii.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-29]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2014-05-03]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-05-03]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-05-03]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-05-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-03]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-05]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-30]

Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSearchKeyword: Default -> google.de__
CHR DefaultSearchURL: Default -> hxxp://www.google.de/search?q={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-04-26]
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-09-16]
CHR Extension: (Brushed) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2013-03-27]
CHR Extension: (WOT) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-29]
CHR Extension: (Kaspersky Protection) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-03-28]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-16]
CHR Extension: (Google Search) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-16]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2012-09-16]
CHR Extension: (BetaFish Adblocker) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-16]
CHR Extension: (Safe Money) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-01-21]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-01-19]
CHR Extension: (Virtual Keyboard) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2012-09-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (FVD Video Downloader) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2012-11-04]
CHR Extension: (Google Wallet) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (NotScripts) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn [2012-09-29]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2012-11-01]
CHR Extension: (Gmail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-16]
CHR Extension: (Anti-Banner) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2012-09-16]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
StartMenuInternet: Google Chrome.DMG6G4FT2SXSVYP5L36MOYKJ2E - C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [86016 2008-08-15] () [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1155072 2009-02-03] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [160784 2009-07-20] (Logitech, Inc.)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-22] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2009-12-03] (Turtle Entertainment GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-30] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-30] (Kaspersky Lab ZAO)
S3 KOBCCID; C:\Windows\System32\drivers\KOBCCID.sys [116864 2014-02-27] (KOBIL Systems GmbH) [File not signed]
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 uisp; C:\Windows\System32\Drivers\usbicp.sys [20480 2010-08-24] (Motorola)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 VaneFltr; C:\Windows\System32\drivers\Lachesis.sys [30336 2007-08-17] (Razer (Asia-Pacific) Pte Ltd)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-02 17:14 - 2015-05-02 17:15 - 00030946 _____ () C:\Users\Robert\Desktop\FRST.txt
2015-05-02 17:14 - 2015-05-02 17:14 - 00000000 ____D () C:\FRST
2015-05-02 17:13 - 2015-05-02 17:13 - 00000472 _____ () C:\Users\Robert\Desktop\defogger_disable.log
2015-05-02 17:13 - 2015-05-02 17:13 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-05-02 00:55 - 2015-05-02 00:55 - 00380416 _____ () C:\Users\Robert\Desktop\Gmer-19357.exe
2015-05-02 00:53 - 2015-05-02 00:53 - 02101248 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2015-05-02 00:52 - 2015-05-02 00:52 - 00050477 _____ () C:\Users\Robert\Desktop\Defogger.exe
2015-05-01 17:47 - 2015-05-01 17:47 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList
2015-04-15 02:18 - 2015-04-15 02:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-14 22:54 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 22:54 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 22:54 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 22:54 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 22:54 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 22:54 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 22:54 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 22:54 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 22:54 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 22:54 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 22:54 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 22:54 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 22:54 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 22:54 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 22:54 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 22:54 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 22:54 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 22:54 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 22:54 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 22:54 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 22:54 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 22:54 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 22:54 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 22:54 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 22:54 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 22:54 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 22:54 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 22:54 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:54 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 22:54 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 22:54 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 22:54 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 22:54 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 22:54 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 22:54 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 22:54 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 22:54 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 22:54 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 22:54 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 22:54 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 22:54 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 22:54 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 22:54 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 22:54 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 22:54 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:54 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 22:54 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 22:54 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 22:54 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:54 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 22:54 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 22:54 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 22:54 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 22:54 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 22:54 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 22:54 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 22:54 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 22:54 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 22:54 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 22:54 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 22:54 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 22:54 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 22:54 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 22:54 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 22:54 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 22:54 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 22:54 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 22:54 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 22:54 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:54 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 22:54 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 22:54 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 22:54 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 22:54 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 22:54 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 22:54 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 22:54 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 22:54 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 22:54 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 22:54 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 22:54 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 22:54 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 22:54 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 22:54 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 22:54 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 22:54 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 22:54 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 22:54 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 22:54 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 22:54 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 22:54 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:53 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:53 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 22:53 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-07 03:00 - 2015-04-07 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-07 03:00 - 2015-04-07 03:00 - 00000000 ___SD () C:\Windows\system32\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-02 17:14 - 2014-01-18 16:38 - 00067816 _____ () C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-02 17:13 - 2014-01-30 00:19 - 00000000 ____D () C:\Users\Admin
2015-05-02 17:00 - 2009-12-11 18:22 - 01559216 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 16:37 - 2014-11-26 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-02 16:33 - 2012-09-16 14:47 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA.job
2015-05-02 15:34 - 2009-08-13 23:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-02 15:26 - 2009-12-11 17:59 - 00017680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 15:26 - 2009-12-11 17:59 - 00017680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 15:17 - 2014-01-18 16:26 - 23297151 _____ () C:\Windows\setupact.log
2015-05-02 15:17 - 2012-11-24 17:45 - 00000000 ____D () C:\ProgramData\VMware
2015-05-02 15:17 - 2009-08-05 20:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-02 15:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 01:54 - 2014-07-30 19:38 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\vlc
2015-05-02 01:05 - 2012-11-04 06:16 - 00000000 ___RD () C:\Users\Robert\Desktop\Desktop für den ganzen Schrott
2015-05-02 00:33 - 2012-09-16 14:47 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core.job
2015-05-01 20:26 - 2014-01-18 16:25 - 00315456 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-01 20:23 - 2009-08-14 00:20 - 00000000 ____D () C:\Users\Robert\AppData\Local\GameSpy
2015-05-01 20:17 - 2012-11-24 17:51 - 00000000 ____D () C:\Users\Robert\AppData\Local\VMware
2015-05-01 18:21 - 2012-11-24 17:51 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\VMware
2015-05-01 18:16 - 2014-01-18 16:25 - 00018784 _____ () C:\Windows\PFRO.log
2015-05-01 18:12 - 2013-07-12 16:37 - 00000000 ____D () C:\Program Files\TortoiseSVN
2015-05-01 18:11 - 2012-11-13 16:40 - 00000000 ____D () C:\Program Files\EslWire
2015-05-01 18:10 - 2011-10-01 15:56 - 00000000 ____D () C:\ProgramData\Origin
2015-05-01 18:05 - 2014-05-29 17:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-05-01 18:03 - 2014-10-25 17:12 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-05-01 18:02 - 2014-04-24 06:53 - 00000000 ____D () C:\ProgramData\Apple
2015-05-01 18:02 - 2013-07-12 15:27 - 00000000 ____D () C:\Users\Robert\AppData\Local\Package Cache
2015-05-01 17:53 - 2010-03-12 21:48 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-01 17:45 - 2013-09-15 16:53 - 00000000 ____D () C:\Users\Robert\AppData\Local\Deployment
2015-05-01 17:42 - 2009-08-05 19:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-01 17:41 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-30 22:35 - 2012-09-16 15:21 - 00002362 _____ () C:\Users\Robert\Desktop\Google Chrome.lnk
2015-04-26 22:43 - 2014-05-24 14:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-26 15:32 - 2014-05-24 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-26 15:32 - 2014-05-24 14:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-26 15:32 - 2014-01-30 21:39 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-25 09:02 - 2013-07-12 16:42 - 00000000 ____D () C:\Users\Robert\AppData\Local\TSVNCache
2015-04-23 03:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-16 00:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 00:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 14:28 - 2014-12-11 23:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 14:28 - 2014-05-02 23:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 02:22 - 2009-12-11 18:02 - 01725292 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 02:22 - 2009-07-14 19:58 - 00747994 _____ () C:\Windows\system32\perfh007.dat
2015-04-15 02:22 - 2009-07-14 19:58 - 00170676 _____ () C:\Windows\system32\perfc007.dat
2015-04-15 02:21 - 2009-07-14 07:13 - 01725292 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 02:18 - 2013-01-26 17:01 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-15 02:18 - 2011-05-12 19:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 02:18 - 2009-08-13 22:42 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 02:17 - 2013-08-17 04:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 01:58 - 2010-01-14 18:47 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 09:37 - 2014-05-24 14:30 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-05-24 14:30 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-01-26 15:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2011-07-06 20:20 - 2012-07-03 16:41 - 0168864 _____ () C:\Program Files\Common Files\WireHelpSvc.exe
2014-01-22 18:55 - 2014-01-22 18:55 - 0000288 _____ () C:\Users\Robert\AppData\Roaming\.backup.dm
2009-08-13 21:27 - 2009-08-13 21:27 - 0000179 _____ () C:\Users\Robert\AppData\Roaming\setup.log
2009-08-13 21:27 - 2009-08-13 21:59 - 0000760 _____ () C:\Users\Robert\AppData\Roaming\setup_ldm.iss
2012-11-21 20:55 - 2012-11-21 20:55 - 0003584 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-21 10:14 - 2012-04-21 10:14 - 0007610 _____ () C:\Users\Robert\AppData\Local\Resmon.ResmonCfg
2012-01-22 16:32 - 2012-01-22 16:32 - 0017408 _____ () C:\Users\Robert\AppData\Local\WebpageIcons.db
2009-12-27 01:33 - 2009-12-27 01:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Admin\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\Admin\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Robert\AppData\Local\Temp\DivXSetup.exe
C:\Users\Robert\AppData\Local\Temp\g35_g35.exe
C:\Users\Robert\AppData\Local\Temp\GURE531.exe
C:\Users\Robert\AppData\Local\Temp\vlc-2.1.3-win64.exe
C:\Users\Robert\AppData\Local\Temp\vlc-2.1.4-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Robert at 2015-05-02 17:15:25
Running from C:\Users\Robert\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-908869703-3165420859-1136871304-1012 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-908869703-3165420859-1136871304-500 - Administrator - Disabled)
ASPNET (S-1-5-21-908869703-3165420859-1136871304-1002 - Limited - Enabled)
Gast (S-1-5-21-908869703-3165420859-1136871304-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-908869703-3165420859-1136871304-1005 - Limited - Enabled)
Robert (S-1-5-21-908869703-3165420859-1136871304-1000 - Limited - Enabled) => C:\Users\Robert

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\{F1410A0A-8205-4D45-BF2B-9C7ACB2F4B24}) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Badaboom 1.1.1.241 (HKLM-x32\...\Badaboom) (Version: 1.1.1.241 - Elemental Technologies)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
EasyBits GO (HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Game Organizer) (Version:  - EasyBits Media)
EPU-6 Engine (HKLM-x32\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.00.28 - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
EXPERTool 7.5 (HKLM-x32\...\EXPERTool_is1) (Version:  - Gainward Co., Ltd)
Express Gate Updater (HKLM-x32\...\{30E1022C-17EB-482A-8C82-16B79B98C4E4}) (Version: 1.1.1.2 - DeviceVM)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}) (Version: 2.1.23.0 - MAGIX AG)
Google Chrome (HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.111 - Google Inc.) Hidden
Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version:  - )
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM-x32\...\M953297) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NCsoft Launcher (HKLM-x32\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.19002 - NCsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
Profi cash (HKLM-x32\...\Profi cash) (Version:  - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6520 - Analog Devices)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4410.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2160.11 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.5100.2 - TuneUp Software) Hidden
TurboV (HKLM-x32\...\{A31951C5-DCD8-4DFE-A525-CFC701F54792}) (Version: 1.00.17 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
vReveal (HKLM-x32\...\vReveal) (Version:  - MotionDSP)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 14:34 - 2014-01-29 20:21 - 00526213 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 abcstats.com
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => 
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () E:\Programme\Notepad++\NppShell_05.dll
2009-09-14 14:08 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files (x86)\Logitech\SetPoint\khalwrapper.dll
2009-08-05 19:58 - 2008-10-21 22:14 - 04040192 _____ () C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
2009-08-13 21:57 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:24721E3C
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\100sexlinks.com -> 100sexlinks.com

There are 6052 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zahlungserinnerung.lnk => C:\Windows\pss\Zahlungserinnerung.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: iTunesHelper => "E:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: Lachesis => E:\Programme\Razer\razerhid.exe                                                                                                                                                                                                                                          
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SoundMAX => "C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe" /tray

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [UDP Query User{F91435D9-EFCF-4B87-830F-35F165F16C90}C:\users\robert\temp\teamviewer\version4\teamviewer.exe] => (Allow) C:\users\robert\temp\teamviewer\version4\teamviewer.exe
FirewallRules: [TCP Query User{E63063BD-85C9-4DF0-A724-E3E147D19CE6}C:\users\robert\temp\teamviewer\version4\teamviewer.exe] => (Allow) C:\users\robert\temp\teamviewer\version4\teamviewer.exe
FirewallRules: [UDP Query User{C2C5EBED-5553-4A54-9CDD-D48371624776}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{82204638-2C30-4051-9520-BC3BF6AB2A31}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{F9D8C60D-0A2F-4404-97BA-7831E3DEF19C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{66742885-3FC3-4A8B-A5A2-15836F425280}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe
FirewallRules: [{1F884B59-E7F4-4485-9B6F-F81DFE97BC6F}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe
FirewallRules: [{E56F2280-E745-41E3-A852-E57E71D1BA19}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe
FirewallRules: [{77893C14-69D7-4848-98E1-0326A99716DD}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe
FirewallRules: [{FE9B1925-B483-4D71-ACF0-7A0FD79C49EE}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe
FirewallRules: [{BD8666CE-3803-493E-879A-8080BD25FA0E}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe
FirewallRules: [{0CDCF451-A779-4CA8-8000-1ED097E7B175}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe
FirewallRules: [{1A7A5E6C-C56E-4B42-ADB9-3CC5DD3557D1}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe
FirewallRules: [{71F5ACEA-7C42-4ED7-9E91-18CCFCEFAD36}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{48B7474E-46AD-4543-A5C8-33E81A925AA8}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{4914B35F-7DCC-4390-B404-EA41E11B76AF}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{EA50682F-0A05-40E9-BEC1-D398ACA658B7}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5878656F-0A36-4CBD-BD15-C8969D86F625}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5A72A216-F6BC-440E-ABDC-3345A364BB21}] => (Allow) LPort=56858
FirewallRules: [{63350A18-1188-417D-B57E-1BA705215ACF}] => (Allow) LPort=56858
FirewallRules: [{EBE548F9-DF2A-4E59-BCCE-B2E559D1CAC9}] => (Allow) LPort=56858
FirewallRules: [{EE3C615D-F9A0-4C1B-99B9-8B2930424F6D}] => (Allow) LPort=56858
FirewallRules: [{FAAB74B4-9B1B-4E4B-A048-EFEE9DBBD736}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{48FF4247-C741-4CDF-ABCF-B0A750B1C149}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{41D898FB-3FD4-43DB-9570-7E5AB2044CFD}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{02338F63-67B0-4DAB-88FA-9EFC32A08333}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2E67C032-4394-48F7-99DB-22FDE22F276C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{48DE4895-3C8F-4B30-ABCF-62517F549A02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{82EC6C03-9B87-474C-B1FD-548C89E42A21}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A6D8FA07-2CD0-4D28-84EA-39F264EBB354}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CFE66C94-772C-475E-8EED-73CD3419B7EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7431BAD5-56DA-4A83-AB8A-211F29DF2CF9}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{C65BC40E-335F-4F57-A68E-8A7EEC9A8219}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{10B42EF3-AC83-42D1-BF2D-21856E8629F2}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{6BCD06D9-FC41-4593-981C-D6C4F653A86A}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{32C18A5B-E2CD-4F20-9C87-170CF26431F2}] => (Allow) E:\Programme\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{B8316D37-B419-422B-86B9-B37E23E7823C}] => (Allow) E:\Programme\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{89BD3FC3-0271-4212-8F61-033FD952115E}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{6AE83308-54B1-48E0-B28F-1D2BC0F3746D}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{FCB47402-BB77-4866-A553-BDE0F19C8595}] => (Allow) E:\Programme\Battlefield 3\Battlefield 3\bf3.exe
FirewallRules: [{60A1774B-BAEF-46BA-9E6B-FC3EBC040891}] => (Allow) E:\Programme\Battlefield 3\Battlefield 3\bf3.exe
FirewallRules: [{FA4013BB-3800-446E-9311-E653CAB74871}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3771E463-FEE5-43D0-9F0D-948035B92C5A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{4B597462-88A5-4C60-AFDF-F015891BB021}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{D66E25A4-B16B-4C3E-8D51-0A44584228AA}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{A77A4043-BA06-4A5D-B7ED-4858A10F2B4F}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A337226D-7B68-484F-9466-E095117D8425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2AD8D3DD-4AD8-4048-8345-3D37E528DBDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{27A8C16C-BA10-46E4-BE00-AC8BB4DE7A8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0BCF7845-D89E-408A-8A0F-EB4128C4DBFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44D65810-E33D-4685-8623-B1AFD78360AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{456D7F90-C137-4E13-9C40-9C66587246FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{026185A2-534E-41F8-A898-8603B5D0BD3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6F6E36DA-2530-485D-BFB7-9697ACE388B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7006922-8871-4D32-BBE1-FC32E7F1C2E1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{6E6826D7-791E-4BD0-B92C-40108BC8FD64}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{E869C5EC-E6DB-490C-AB8F-48D5D1C11A6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1221DEF1-5A0E-4F46-8C26-9A0095825751}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F8CAFBAD-A8C4-489C-ADEE-A0647CF99A64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA4193BF-CE30-4D5A-B82E-F1B864AB9CE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{62696D86-6B83-4B64-B95C-A88C88D061CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DEB90366-F380-4E32-8389-C00F55593FCE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{37886D58-60FB-4ED8-A03F-8C433025B617}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{405E7D2D-ECA7-4D53-B9E7-3EDAF2DF13AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9C6605B1-FE3F-4ABA-B59E-374551AE6897}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D91CBCF8-F6BE-49A6-A3D2-0A3FE24E3D7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{473D944F-BB8A-4BB5-852E-413EBB655A5C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4AFB9732-DF57-40B2-8954-65EBF31B0487}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{17B1C777-B812-4FD1-B8B5-9635143F43C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E48AA2BD-35FB-4936-85DE-2F13F5A5CE96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B485A384-48D7-4D88-B0D5-DF10274C0076}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{70BE2044-2B2A-493B-B984-6819B8CEC8FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{083D1EF7-926E-4AB2-95F0-C0FBC9C1700B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6EDA2D60-47B7-46F9-8A29-9D5A5A19646C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F2CF4B3F-F58A-433B-ABCF-72864FBDA07B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8ED19118-BD87-4381-801F-F5CF0583E1D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B1C6C7EE-94FD-4E62-9D89-6A0A2B8076EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9B2DF132-71A0-4C96-8408-76DF35296A26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{32B86F39-66A3-45FB-9B31-CC8896911AFF}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{4441E7F4-C7AA-49C0-AFAB-EAE23100DD9C}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{45AEE704-4C54-41C2-B299-51963F6B79CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FD87B08C-8CBD-422F-8DF1-65750EF90C85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D48AD544-77EA-45EF-8B10-6017C3B4C845}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7423AD7A-8403-4D95-BB89-78A3B1A5C192}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7642A794-A94F-499C-A47C-92EC06C3E262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D31C8B03-01B1-4985-83F1-4BA51DE20664}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2136A4FD-28A7-41EB-B424-D8B9B6F2E48A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3AFBBA99-AECF-4438-9C4C-A7FD686FE403}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{15AB8819-E36E-49EA-8FE3-5D3130B87272}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{43204974-2C1B-4C42-A97E-42B88F9A12F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2690488B-3CB4-4407-A03F-8647D4A4FAC4}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{58BDE336-E03D-46CF-96D5-0249FE6CE4EB}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/02/2015 04:01:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/02/2015 04:01:35 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (05/02/2015 03:19:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 08:28:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 06:18:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 06:12:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (05/01/2015 06:03:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514, Zeitstempel: 0x4ce792c4
Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x542dbdf4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6025ccf9
ID des fehlerhaften Prozesses: 0x17e0
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3

Error: (05/01/2015 04:59:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 04:58:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.2.929, Zeitstempel: 0x552d3ec4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18798, Zeitstempel: 0x5507b3e0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e3be
ID des fehlerhaften Prozesses: 0xac8
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (05/01/2015 00:45:19 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (05/01/2015 07:13:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/01/2015 06:20:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/01/2015 05:17:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/01/2015 05:16:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 06:24:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 06:24:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/27/2015 04:51:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/27/2015 04:16:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/26/2015 06:11:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/26/2015 03:33:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/02/2015 04:01:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"c:\program files (x86)\windows live\messenger\wlcsdk.exe

Error: (05/02/2015 04:01:35 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: c:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exec:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exe2

Error: (05/02/2015 03:19:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 08:28:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 06:18:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 06:12:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (05/01/2015 06:03:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsiExec.exe5.0.7601.175144ce792c4QuickTime.qts_unloaded0.0.0.0542dbdf4c00000056025ccf917e001d084285b8c4258C:\Windows\syswow64\MsiExec.exeQuickTime.qts9a5b3519-f01b-11e4-9cc8-005056c00008

Error: (05/01/2015 04:59:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 04:58:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.2.929552d3ec4ntdll.dll6.1.7601.187985507b3e0c00000050002e3beac801d0841f2f532a81C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Windows\SysWOW64\ntdll.dll8e1f083e-f012-11e4-9cc8-005056c00008

Error: (05/01/2015 00:45:19 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"c:\program files (x86)\windows live\messenger\wlcsdk.exe


CodeIntegrity Errors:
===================================
  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.949
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-14 21:03:51.906
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 29%
Total physical RAM: 6135.12 MB
Available physical RAM: 4309.91 MB
Total Pagefile: 12268.43 MB
Available Pagefile: 10073.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:125.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Volume) (Fixed) (Total:698.63 GB) (Free:697.97 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
Rest folgt in 2. Beitrag wg. folgendem Hinweis:
"Der Text, den Sie eingegeben haben, besteht aus 187313 Zeichen und ist damit zu lang. Bitte die Logs auf mehrere Beiträge aufspalten mit maximaler Länge von 120000 Zeichen."

Alt 02.05.2015, 17:22   #2
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


GMER:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-05-02 17:30:21
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 SAMSUNG_HD322HJ rev.1AC01118 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Admin\AppData\Local\Temp\kgdiqpow.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe[1952] C:\Windows\SysWOW64\ntdll.dll!NtQueryValueKey                    000000007790faa4 5 bytes JMP 0000000172f518dd
.text   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe[1952] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory             0000000077910034 5 bytes JMP 0000000172f51ed6
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82                                                                       0000000074ae17fa 2 bytes CALL 759911a9 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88                                                                   0000000074ae1860 2 bytes CALL 759911a9 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98                                                                 0000000074ae1942 2 bytes JMP 77037089 C:\Windows\syswow64\WS2_32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109                                                                0000000074ae194d 2 bytes JMP 7703cba6 C:\Windows\syswow64\WS2_32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                         00000000778c1401 2 bytes JMP 759bb1ef C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                           00000000778c1419 2 bytes JMP 759bb31a C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                         00000000778c1431 2 bytes JMP 75a38f09 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                         00000000778c144a 2 bytes CALL 75994885 C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                                                    * 9
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                            00000000778c14dd 2 bytes JMP 75a38802 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                     00000000778c14f5 2 bytes JMP 75a389d8 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                            00000000778c150d 2 bytes JMP 75a386f8 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                     00000000778c1525 2 bytes JMP 75a38ac2 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                           00000000778c153d 2 bytes JMP 759afc78 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                00000000778c1555 2 bytes JMP 759b68bf C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                         00000000778c156d 2 bytes JMP 75a38fc1 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                           00000000778c1585 2 bytes JMP 75a38b22 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                              00000000778c159d 2 bytes JMP 75a386bc C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                           00000000778c15b5 2 bytes JMP 759afd11 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                         00000000778c15cd 2 bytes JMP 759bb2b0 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                     00000000778c16b2 2 bytes JMP 75a38e84 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[2928] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                     00000000778c16bd 2 bytes JMP 75a38651 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\vmnat.exe[1688] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 4                                                              0000000074ad13b0 2 bytes JMP 76465660 C:\Windows\syswow64\SHELL32.dll
.text   C:\Windows\SysWOW64\vmnat.exe[1688] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 20                                                             0000000074ad13c0 2 bytes CALL 75469cee C:\Windows\syswow64\msvcrt.dll
.text   ...                                                                                                                                                    * 20
.text   C:\Windows\SysWOW64\vmnat.exe[1688] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 22                                                             0000000074ad153e 2 bytes CALL 764f7794 C:\Windows\syswow64\SHELL32.dll
.text   C:\Windows\SysWOW64\vmnat.exe[1688] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 43                                                             0000000074ad1553 2 bytes CALL 759910ff C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                                           00000000777113ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                                           0000000077711544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                                   00000000777118ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 644                                                   0000000077711ad4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                                                  0000000077711bb4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                                     0000000077711d35 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31                                                         0000000077711e9f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                                       0000000077711f85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                                           0000000077712248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                                       00000000777126f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                                     0000000077712712 8 bytes {JMP 0x10}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79                      000000007771276f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184                     00000000777127d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299                             0000000077712b9b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375                             0000000077712be7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                                         00000000777130bb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                                         0000000077713248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 33                                                         00000000777137c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 274                                                        00000000777138b2 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197                            0000000077713a15 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                                     0000000077713fb0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                                    0000000077714061 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                                    00000000777140d5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                                        0000000077714216 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                                        0000000077714254 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                                                  00000000777144c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                                     00000000777146ac 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                                     0000000077714773 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                                                  0000000077714867 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                                                  0000000077714986 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256                                 0000000077714ab0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                                    0000000077714b03 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501                                 0000000077714d05 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                                            0000000077714f00 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                                      0000000077715007 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                                        00000000777151f3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                                        0000000077716006 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!atol + 194                                                           00000000777161be 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76                                                           00000000777163ac 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45                             00000000777163ed 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4                                 0000000077716404 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92                                000000007771645c 8 bytes [30, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                                          0000000077716c26 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                               000000007775dca0 8 bytes {JMP QWORD [RIP-0x478a2]}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                             000000007775de20 8 bytes {JMP QWORD [RIP-0x479ca]}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                   000000007775de50 8 bytes {JMP QWORD [RIP-0x47c98]}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                 000000007775df70 8 bytes {JMP QWORD [RIP-0x47b89]}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                     000000007775e020 8 bytes {JMP QWORD [RIP-0x47c7a]}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                     000000007775e650 8 bytes {JMP QWORD [RIP-0x46b93]}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                   000000007775e8a0 8 bytes {JMP QWORD [RIP-0x472a2]}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                   000000007775f100 8 bytes {JMP QWORD [RIP-0x484e0]}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312                                 00000000751b13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471                                 00000000751b146b 8 bytes {JMP 0xffffffffffffffb0}
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                                              00000000751b16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                                           00000000751b19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                                           00000000751b19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\ASUS\TurboV\TurboV.exe[3544] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                                     00000000751b1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                             00000000778c1401 2 bytes JMP 759bb1ef C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                               00000000778c1419 2 bytes JMP 759bb31a C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                             00000000778c1431 2 bytes JMP 75a38f09 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                             00000000778c144a 2 bytes CALL 75994885 C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                                                    * 9
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                00000000778c14dd 2 bytes JMP 75a38802 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                         00000000778c14f5 2 bytes JMP 75a389d8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                00000000778c150d 2 bytes JMP 75a386f8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                         00000000778c1525 2 bytes JMP 75a38ac2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                               00000000778c153d 2 bytes JMP 759afc78 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                    00000000778c1555 2 bytes JMP 759b68bf C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                             00000000778c156d 2 bytes JMP 75a38fc1 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                               00000000778c1585 2 bytes JMP 75a38b22 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                  00000000778c159d 2 bytes JMP 75a386bc C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                               00000000778c15b5 2 bytes JMP 759afd11 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                             00000000778c15cd 2 bytes JMP 759bb2b0 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                         00000000778c16b2 2 bytes JMP 75a38e84 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3604] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                         00000000778c16bd 2 bytes JMP 75a38651 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                             00000000777113ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                             0000000077711544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                     00000000777118ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 644                                     0000000077711ad4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                                    0000000077711bb4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                       0000000077711d35 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31                                           0000000077711e9f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                         0000000077711f85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                             0000000077712248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                         00000000777126f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                       0000000077712712 8 bytes {JMP 0x10}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79        000000007771276f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184       00000000777127d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299               0000000077712b9b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375               0000000077712be7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                           00000000777130bb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                           0000000077713248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 33                                           00000000777137c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 274                                          00000000777138b2 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197              0000000077713a15 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                       0000000077713fb0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                      0000000077714061 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                      00000000777140d5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                          0000000077714216 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                          0000000077714254 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                                    00000000777144c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                       00000000777146ac 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                       0000000077714773 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                                    0000000077714867 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                                    0000000077714986 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256                   0000000077714ab0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                      0000000077714b03 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501                   0000000077714d05 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                              0000000077714f00 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                        0000000077715007 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                          00000000777151f3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                          0000000077716006 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!atol + 194                                             00000000777161be 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76                                             00000000777163ac 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45               00000000777163ed 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4                   0000000077716404 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92                  000000007771645c 8 bytes [30, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                            0000000077716c26 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                 000000007775dca0 8 bytes {JMP QWORD [RIP-0x478a2]}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                               000000007775de20 8 bytes {JMP QWORD [RIP-0x479ca]}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                     000000007775de50 8 bytes {JMP QWORD [RIP-0x47c98]}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                   000000007775df70 8 bytes {JMP QWORD [RIP-0x47b89]}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                       000000007775e020 8 bytes {JMP QWORD [RIP-0x47c7a]}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                       000000007775e650 8 bytes {JMP QWORD [RIP-0x46b93]}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                     000000007775e8a0 8 bytes {JMP QWORD [RIP-0x472a2]}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                     000000007775f100 8 bytes {JMP QWORD [RIP-0x484e0]}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312                   00000000751b13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471                   00000000751b146b 8 bytes {JMP 0xffffffffffffffb0}
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                                00000000751b16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                             00000000751b19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                             00000000751b19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe[4472] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                       00000000751b1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                                 00000000777113ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                                 0000000077711544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                         00000000777118ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 644                                         0000000077711ad4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                                        0000000077711bb4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                           0000000077711d35 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31                                               0000000077711e9f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                             0000000077711f85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                                 0000000077712248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                             00000000777126f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                           0000000077712712 8 bytes {JMP 0x10}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79            000000007771276f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184           00000000777127d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299                   0000000077712b9b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375                   0000000077712be7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                               00000000777130bb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                               0000000077713248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 33                                               00000000777137c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 274                                              00000000777138b2 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197                  0000000077713a15 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                           0000000077713fb0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                          0000000077714061 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                          00000000777140d5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                              0000000077714216 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                              0000000077714254 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                                        00000000777144c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                           00000000777146ac 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                           0000000077714773 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                                        0000000077714867 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                                        0000000077714986 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256                       0000000077714ab0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                          0000000077714b03 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501                       0000000077714d05 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                                  0000000077714f00 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                            0000000077715007 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                              00000000777151f3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                              0000000077716006 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!atol + 194                                                 00000000777161be 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76                                                 00000000777163ac 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45                   00000000777163ed 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4                       0000000077716404 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92                      000000007771645c 8 bytes [30, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                                0000000077716c26 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                     000000007775dca0 8 bytes {JMP QWORD [RIP-0x478a2]}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                   000000007775de20 8 bytes {JMP QWORD [RIP-0x479ca]}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                         000000007775de50 8 bytes {JMP QWORD [RIP-0x47c98]}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                       000000007775df70 8 bytes {JMP QWORD [RIP-0x47b89]}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                           000000007775e020 8 bytes {JMP QWORD [RIP-0x47c7a]}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                           000000007775e650 8 bytes {JMP QWORD [RIP-0x46b93]}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                         000000007775e8a0 8 bytes {JMP QWORD [RIP-0x472a2]}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                         000000007775f100 8 bytes {JMP QWORD [RIP-0x484e0]}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312                       00000000751b13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471                       00000000751b146b 8 bytes {JMP 0xffffffffffffffb0}
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                                    00000000751b16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                                 00000000751b19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                                 00000000751b19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe[5512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                           00000000751b1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                        00000000777113ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                        0000000077711544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                00000000777118ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 644                                0000000077711ad4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                               0000000077711bb4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                  0000000077711d35 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31                                      0000000077711e9f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                    0000000077711f85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                        0000000077712248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                    00000000777126f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                  0000000077712712 8 bytes {JMP 0x10}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79   000000007771276f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184  00000000777127d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299          0000000077712b9b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375          0000000077712be7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                      00000000777130bb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                      0000000077713248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 33                                      00000000777137c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 274                                     00000000777138b2 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197         0000000077713a15 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                  0000000077713fb0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                 0000000077714061 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                 00000000777140d5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                     0000000077714216 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                     0000000077714254 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                               00000000777144c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                  00000000777146ac 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                  0000000077714773 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                               0000000077714867 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                               0000000077714986 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256              0000000077714ab0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                 0000000077714b03 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501              0000000077714d05 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                         0000000077714f00 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                   0000000077715007 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                     00000000777151f3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                     0000000077716006 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!atol + 194                                        00000000777161be 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76                                        00000000777163ac 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45          00000000777163ed 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4              0000000077716404 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92             000000007771645c 8 bytes [30, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                       0000000077716c26 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                            000000007775dca0 8 bytes {JMP QWORD [RIP-0x478a2]}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                          000000007775de20 8 bytes {JMP QWORD [RIP-0x479ca]}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                000000007775de50 8 bytes {JMP QWORD [RIP-0x47c98]}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                              000000007775df70 8 bytes {JMP QWORD [RIP-0x47b89]}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                  000000007775e020 8 bytes {JMP QWORD [RIP-0x47c7a]}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                  000000007775e650 8 bytes {JMP QWORD [RIP-0x46b93]}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                000000007775e8a0 8 bytes {JMP QWORD [RIP-0x472a2]}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                000000007775f100 8 bytes {JMP QWORD [RIP-0x484e0]}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312              00000000751b13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471              00000000751b146b 8 bytes {JMP 0xffffffffffffffb0}
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                           00000000751b16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                        00000000751b19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                        00000000751b19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[5824] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                  00000000751b1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                                                  00000000777113ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                                                  0000000077711544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                                          00000000777118ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 644                                                          0000000077711ad4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                                                         0000000077711bb4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                                            0000000077711d35 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31                                                                0000000077711e9f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                                              0000000077711f85 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                                                  0000000077712248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                                              00000000777126f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                                            0000000077712712 8 bytes {JMP 0x10}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79                             000000007771276f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184                            00000000777127d8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299                                    0000000077712b9b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375                                    0000000077712be7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                                                00000000777130bb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                                                0000000077713248 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 33                                                                00000000777137c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 274                                                               00000000777138b2 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197                                   0000000077713a15 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                                            0000000077713fb0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                                           0000000077714061 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                                           00000000777140d5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 3
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                                               0000000077714216 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                                               0000000077714254 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                                                         00000000777144c1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                                            00000000777146ac 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                                            0000000077714773 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                                                         0000000077714867 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                                                         0000000077714986 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                    * 2
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256                                        0000000077714ab0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                                           0000000077714b03 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501                                        0000000077714d05 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                                                   0000000077714f00 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                                             0000000077715007 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                                               00000000777151f3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                                               0000000077716006 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!atol + 194                                                                  00000000777161be 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76                                                                  00000000777163ac 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45                                    00000000777163ed 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4                                        0000000077716404 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92                                       000000007771645c 8 bytes [30, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                                                 0000000077716c26 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      000000007775dca0 8 bytes {JMP QWORD [RIP-0x478a2]}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                                    000000007775de20 8 bytes {JMP QWORD [RIP-0x479ca]}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                          000000007775de50 8 bytes {JMP QWORD [RIP-0x47c98]}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                        000000007775df70 8 bytes {JMP QWORD [RIP-0x47b89]}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                            000000007775e020 8 bytes {JMP QWORD [RIP-0x47c7a]}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                            000000007775e650 8 bytes {JMP QWORD [RIP-0x46b93]}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                          000000007775e8a0 8 bytes {JMP QWORD [RIP-0x472a2]}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                          000000007775f100 8 bytes {JMP QWORD [RIP-0x484e0]}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312                                        00000000751b13cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471                                        00000000751b146b 8 bytes {JMP 0xffffffffffffffb0}
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                                                     00000000751b16d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                                                  00000000751b19db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                                                  00000000751b19fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Users\Robert\Desktop\Gmer-19357.exe[5588] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                                            00000000751b1a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [2344:6040]                                                                                                            000007feeff29688

---- EOF - GMER 2.1 ----
Noch zu erwähnen ist, das ich MBAM(Premium) besitze und die Untersuchungen mit diesem keine Funde ergab.

Im voraus schon mal vielen Dank.

Mit freundlichen Grüßen

Necro
__________________
Alt 02.05.2015, 22:48   #3
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Hi,

FRST bitte nochmal, unsere Tools brauchen immer Adminrechte.
__________________
__________________
Alt 03.05.2015, 00:43   #4
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Hi Schrauber,

tut mir leid da hab ich wohl gepennt.
Hier die Logs

FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Admin (administrator) on ROBERT-PC on 03-05-2015 01:39:02
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert & Admin (Available profiles: Robert & Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
() C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
(Logitech, Inc.) C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [TurboV] => C:\Program Files (x86)\ASUS\TurboV\TurboV.exe [4040192 2008-10-21] ()
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2008-04-16] (Analog Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [GAINWARD] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181672 2009-05-12] (Gainward Co.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [SoundMax] => C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [3858432 2008-08-20] (Analog Devices, Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [Google Update] => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-16] (Google Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs:  =>  File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2009-08-13]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-01-30] ()
GroupPolicyUsers\S-1-5-21-908869703-3165420859-1136871304-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-908869703-3165420859-1136871304-1000\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 -> DefaultScope {7DDC945D-68E7-480A-B922-594CD4878A41} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 -> {7DDC945D-68E7-480A-B922-594CD4878A41} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll [2014-12-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll [2014-12-09] ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-06-27] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Robert\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll No File
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-06-27] (Pando Networks)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-09-25] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npijjiFFPlugin1.dll [2010-07-28] (NHN USA Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-25] (Apple Inc.)
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2014-05-03]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-05-03]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-05-03]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-05-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-03]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-05]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-30]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
StartMenuInternet: Google Chrome.DMG6G4FT2SXSVYP5L36MOYKJ2E - C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [86016 2008-08-15] () [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1155072 2009-02-03] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [160784 2009-07-20] (Logitech, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-22] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2009-12-03] (Turtle Entertainment GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-30] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-30] (Kaspersky Lab ZAO)
S3 KOBCCID; C:\Windows\System32\drivers\KOBCCID.sys [116864 2014-02-27] (KOBIL Systems GmbH) [File not signed]
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 uisp; C:\Windows\System32\Drivers\usbicp.sys [20480 2010-08-24] (Motorola)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 VaneFltr; C:\Windows\System32\drivers\Lachesis.sys [30336 2007-08-17] (Razer (Asia-Pacific) Pte Ltd)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-03 01:39 - 2015-05-03 01:39 - 00025378 _____ () C:\Users\Robert\Desktop\FRST.txt
2015-05-02 18:20 - 2015-05-02 18:20 - 00077418 _____ () C:\Users\Robert\Desktop\Board.txt
2015-05-02 17:44 - 2015-05-02 17:44 - 01598240 _____ () C:\Windows\Minidump\050215-21746-01.dmp
2015-05-02 17:14 - 2015-05-03 01:39 - 00000000 ____D () C:\FRST
2015-05-02 17:13 - 2015-05-02 17:13 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-05-02 00:55 - 2015-05-02 00:55 - 00380416 _____ () C:\Users\Robert\Desktop\Gmer-19357.exe
2015-05-02 00:53 - 2015-05-02 00:53 - 02101248 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2015-05-02 00:52 - 2015-05-02 00:52 - 00050477 _____ () C:\Users\Robert\Desktop\Defogger.exe
2015-05-01 17:47 - 2015-05-01 17:47 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList
2015-04-15 02:18 - 2015-04-15 02:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-14 22:54 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 22:54 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 22:54 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 22:54 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 22:54 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 22:54 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 22:54 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 22:54 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 22:54 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 22:54 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 22:54 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 22:54 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 22:54 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 22:54 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 22:54 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 22:54 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 22:54 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 22:54 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 22:54 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 22:54 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 22:54 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 22:54 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 22:54 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 22:54 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 22:54 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 22:54 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 22:54 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 22:54 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:54 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 22:54 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 22:54 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 22:54 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 22:54 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 22:54 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 22:54 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 22:54 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 22:54 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 22:54 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 22:54 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 22:54 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 22:54 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 22:54 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 22:54 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 22:54 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 22:54 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:54 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 22:54 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 22:54 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 22:54 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:54 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 22:54 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 22:54 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 22:54 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 22:54 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 22:54 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 22:54 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 22:54 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 22:54 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 22:54 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 22:54 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 22:54 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 22:54 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 22:54 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 22:54 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 22:54 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 22:54 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 22:54 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 22:54 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 22:54 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:54 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 22:54 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 22:54 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 22:54 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 22:54 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 22:54 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 22:54 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 22:54 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 22:54 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 22:54 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 22:54 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 22:54 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 22:54 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 22:54 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 22:54 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 22:54 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 22:54 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 22:54 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 22:54 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 22:54 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 22:54 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 22:54 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:53 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:53 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 22:53 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-07 03:00 - 2015-04-07 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-07 03:00 - 2015-04-07 03:00 - 00000000 ___SD () C:\Windows\system32\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-03 01:37 - 2014-11-26 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-03 01:33 - 2012-09-16 14:47 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA.job
2015-05-03 00:33 - 2012-09-16 14:47 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core.job
2015-05-03 00:04 - 2009-08-13 23:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-02 21:31 - 2010-03-07 04:07 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{17212944-8BF8-4509-BFF6-0D177AC05DDE}
2015-05-02 19:48 - 2009-12-11 18:22 - 01576024 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 17:52 - 2009-12-11 17:59 - 00017680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 17:52 - 2009-12-11 17:59 - 00017680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 17:44 - 2014-05-02 19:13 - 537211074 _____ () C:\Windows\MEMORY.DMP
2015-05-02 17:44 - 2014-01-18 16:26 - 23349501 _____ () C:\Windows\setupact.log
2015-05-02 17:44 - 2012-11-24 17:45 - 00000000 ____D () C:\ProgramData\VMware
2015-05-02 17:44 - 2010-12-15 23:23 - 00000000 ____D () C:\Windows\Minidump
2015-05-02 17:44 - 2009-08-05 20:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-02 17:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 17:14 - 2014-01-18 16:38 - 00067816 _____ () C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-02 17:13 - 2014-01-30 00:19 - 00000000 ____D () C:\Users\Admin
2015-05-02 01:54 - 2014-07-30 19:38 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\vlc
2015-05-02 01:05 - 2012-11-04 06:16 - 00000000 ___RD () C:\Users\Robert\Desktop\Desktop für den ganzen Schrott
2015-05-01 20:26 - 2014-01-18 16:25 - 00315456 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-01 20:23 - 2009-08-14 00:20 - 00000000 ____D () C:\Users\Robert\AppData\Local\GameSpy
2015-05-01 20:17 - 2012-11-24 17:51 - 00000000 ____D () C:\Users\Robert\AppData\Local\VMware
2015-05-01 18:21 - 2012-11-24 17:51 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\VMware
2015-05-01 18:16 - 2014-01-18 16:25 - 00018784 _____ () C:\Windows\PFRO.log
2015-05-01 18:12 - 2013-07-12 16:37 - 00000000 ____D () C:\Program Files\TortoiseSVN
2015-05-01 18:11 - 2012-11-13 16:40 - 00000000 ____D () C:\Program Files\EslWire
2015-05-01 18:10 - 2011-10-01 15:56 - 00000000 ____D () C:\ProgramData\Origin
2015-05-01 18:05 - 2014-05-29 17:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-05-01 18:03 - 2014-10-25 17:12 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-05-01 18:02 - 2014-04-24 06:53 - 00000000 ____D () C:\ProgramData\Apple
2015-05-01 18:02 - 2013-07-12 15:27 - 00000000 ____D () C:\Users\Robert\AppData\Local\Package Cache
2015-05-01 17:53 - 2010-03-12 21:48 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-01 17:45 - 2013-09-15 16:53 - 00000000 ____D () C:\Users\Robert\AppData\Local\Deployment
2015-05-01 17:42 - 2009-08-05 19:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-01 17:41 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-30 22:35 - 2012-09-16 15:21 - 00002362 _____ () C:\Users\Robert\Desktop\Google Chrome.lnk
2015-04-26 22:43 - 2014-05-24 14:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-26 15:32 - 2014-05-24 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-26 15:32 - 2014-05-24 14:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-26 15:32 - 2014-01-30 21:39 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-25 09:02 - 2013-07-12 16:42 - 00000000 ____D () C:\Users\Robert\AppData\Local\TSVNCache
2015-04-23 03:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-16 00:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 00:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 14:28 - 2014-12-11 23:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 14:28 - 2014-05-02 23:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 02:22 - 2009-12-11 18:02 - 01725292 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 02:22 - 2009-07-14 19:58 - 00747994 _____ () C:\Windows\system32\perfh007.dat
2015-04-15 02:22 - 2009-07-14 19:58 - 00170676 _____ () C:\Windows\system32\perfc007.dat
2015-04-15 02:21 - 2009-07-14 07:13 - 01725292 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 02:18 - 2013-01-26 17:01 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-15 02:18 - 2011-05-12 19:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 02:18 - 2009-08-13 22:42 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 02:17 - 2013-08-17 04:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 01:58 - 2010-01-14 18:47 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 09:37 - 2014-05-24 14:30 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-05-24 14:30 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-01-26 15:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2011-07-06 20:20 - 2012-07-03 16:41 - 0168864 _____ () C:\Program Files\Common Files\WireHelpSvc.exe
2009-12-27 01:33 - 2009-12-27 01:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\temp\npp.6.5.5.Installer.exe
C:\Users\Admin\AppData\Local\temp\Nv3DVisionIePlugin64.dll
C:\Users\Admin\AppData\Local\temp\Nv3DVStreaming.dll
C:\Users\Admin\AppData\Local\temp\nvSCPAPI.dll
C:\Users\Admin\AppData\Local\temp\nvSCPAPISvr.exe
C:\Users\Admin\AppData\Local\temp\nvStInst.exe
C:\Users\Admin\AppData\Local\temp\xmlUpdater.exe
C:\Users\Robert\AppData\Local\temp\DivXSetup.exe
C:\Users\Robert\AppData\Local\temp\g35_g35.exe
C:\Users\Robert\AppData\Local\temp\GURE531.exe
C:\Users\Robert\AppData\Local\temp\vlc-2.1.3-win64.exe
C:\Users\Robert\AppData\Local\temp\vlc-2.1.4-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 00:43

==================== End Of Log ============================
--- --- ---


Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Admin at 2015-05-03 01:39:38
Running from C:\Users\Robert\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-908869703-3165420859-1136871304-1012 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-908869703-3165420859-1136871304-500 - Administrator - Disabled)
ASPNET (S-1-5-21-908869703-3165420859-1136871304-1002 - Limited - Enabled)
Gast (S-1-5-21-908869703-3165420859-1136871304-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-908869703-3165420859-1136871304-1005 - Limited - Enabled)
Robert (S-1-5-21-908869703-3165420859-1136871304-1000 - Limited - Enabled) => C:\Users\Robert

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\{F1410A0A-8205-4D45-BF2B-9C7ACB2F4B24}) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Badaboom 1.1.1.241 (HKLM-x32\...\Badaboom) (Version: 1.1.1.241 - Elemental Technologies)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
EasyBits GO (HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Game Organizer) (Version:  - EasyBits Media)
EPU-6 Engine (HKLM-x32\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.00.28 - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
EXPERTool 7.5 (HKLM-x32\...\EXPERTool_is1) (Version:  - Gainward Co., Ltd)
Express Gate Updater (HKLM-x32\...\{30E1022C-17EB-482A-8C82-16B79B98C4E4}) (Version: 1.1.1.2 - DeviceVM)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}) (Version: 2.1.23.0 - MAGIX AG)
Google Chrome (HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.111 - Google Inc.) Hidden
Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version:  - )
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM-x32\...\M953297) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NCsoft Launcher (HKLM-x32\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.19002 - NCsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
Profi cash (HKLM-x32\...\Profi cash) (Version:  - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6520 - Analog Devices)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4410.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2160.11 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.5100.2 - TuneUp Software) Hidden
TurboV (HKLM-x32\...\{A31951C5-DCD8-4DFE-A525-CFC701F54792}) (Version: 1.00.17 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
vReveal (HKLM-x32\...\vReveal) (Version:  - MotionDSP)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

03-04-2015 22:08:37 Windows Update
07-04-2015 03:00:15 Windows Update
10-04-2015 19:53:07 Windows Update
14-04-2015 22:53:17 Windows Update
15-04-2015 01:54:56 Windows Update
21-04-2015 16:31:12 Windows Update
30-04-2015 16:49:27 Windows Update
01-05-2015 17:38:20 Removed TortoiseSVN 1.8.0.24401 (64 bit)
01-05-2015 17:39:39 Removed Bonjour
01-05-2015 17:40:05 Removed Apple Software Update
01-05-2015 17:42:01 Removed Ubisoft Game Launcher
01-05-2015 17:48:13 Removed Apple Mobile Device Support
01-05-2015 17:48:52 Counter-Strike: Source wird entfernt
01-05-2015 17:54:41 Steam(TM) wird entfernt
01-05-2015 17:55:48 Steam(TM) wird entfernt
01-05-2015 18:02:23 Removed Apple Application Support
01-05-2015 18:03:06 Removed QuickTime 7
01-05-2015 18:03:51 Removed iTunes
01-05-2015 18:12:00 Removed TortoiseSVN 1.8.0.24401 (64 bit)
01-05-2015 20:22:43 Removed GameSpy Comrade.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 14:34 - 2014-01-29 20:21 - 00526213 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 abcstats.com
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {017BF6ED-054F-4411-8850-485DA80CA0B5} - System32\Tasks\{0E973118-9199-4BDF-8BD9-91C09EABEC8C} => pcalua.exe -a "E:\Programme\Battlefield Bad Company 2\pb\pbsetup.exe" -d "E:\Programme\Battlefield Bad Company 2\pb"
Task: {075D7D6F-7EFB-4F13-BFD5-91EA80696D0B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {08631979-D016-4152-A093-6D3E4F4E7A12} - System32\Tasks\SVN Update2 => E:\SVN Update2.bat
Task: {09112DFE-1094-4C4C-B798-595E168B9ADA} - System32\Tasks\{8A940E43-868F-4F05-86AE-AE49B3959701} => pcalua.exe -a C:\Windows\system32\Lachesis.cpl -c Lachesis
Task: {0E94E595-D945-471C-B06A-E56FD7FF83C7} - System32\Tasks\{4FFD9F72-D42C-4AAB-98A5-8ED4F6AEEE5C} => pcalua.exe -a C:\Users\Robert\Downloads\installer\bde.exe -d C:\Users\Robert\Downloads\installer
Task: {13A36FA7-B51E-42A7-A24C-6928FFE7F87D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16] (Google Inc.)
Task: {15E757FE-CA07-40D1-9F1D-10B27CF947A3} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {18010635-0EE2-4B03-9EA6-30B0C50C7AA2} - System32\Tasks\{90A3A757-3A64-445C-B407-B3956DB512CD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {185BBCC6-9B25-4AA5-8140-FEA91F0FDB77} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {1D571EDF-1EB8-4D06-98B6-621613C54E70} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {1F118039-491C-4C69-A79F-079D0C6DB516} - System32\Tasks\{0EBBB489-CB9C-45B4-9BD3-6501EF4B66D8} => pcalua.exe -a C:\Users\Robert\Downloads\installer\WC3Banlist_3.0.exe -d C:\Users\Robert\Downloads\installer
Task: {3A567034-CC11-4DD3-AB1E-6CC06C3E852A} - System32\Tasks\{CAE3D0C9-E6C9-48B2-84E5-8FCD07F042A0} => pcalua.exe -a "C:\Program Files\NVIDIA Corporation\3D Emitter\nvUSBInst.exe" -d "C:\Program Files\NVIDIA Corporation\3D Emitter"
Task: {3BE67737-A7A8-4186-AE85-99C5B26A9113} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16] (Google Inc.)
Task: {3EC05D4E-9136-4550-860D-52BB7A855A83} - System32\Tasks\{AE7222BC-ADDD-4759-A859-85B9C2A68C59} => pcalua.exe -a C:\Users\Robert\Desktop\2.17.06\Setup.exe -d C:\Users\Robert\Desktop\2.17.06
Task: {4998CC9B-3709-4B00-8FE1-169FCE83C4D6} - System32\Tasks\{F3B8E413-8909-4156-A231-D8F860CD7D2A} => pcalua.exe -a C:\Users\Robert\Downloads\installer\Lachesis_win7_(compatible_only)_driver_v1.10_Eng.exe -d C:\Users\Robert\Downloads\installer
Task: {4C0E5B45-8EB2-4F5D-B752-ED53133328B6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {4C2F3E75-29AC-4B0E-BB2B-6AE7C8756AF2} - System32\Tasks\{B37E03D7-724D-4ED6-A0C3-B870D6690AA1} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {4F814AB8-EA3A-4587-B9FD-BBF302E0FE65} - System32\Tasks\{B60632FC-CD32-4786-B57E-6F6D7D05B405} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {770355DE-8AC5-46CE-BBE4-D713197CD451} - System32\Tasks\{A62795F6-793A-4AC8-9330-D290B3EEBC9A} => pcalua.exe -a "E:\programme\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "e:\programme\steam\steamapps\common\left 4 dead 2" -c /register
Task: {7F5D8CCF-8D6C-49EE-B06A-73A1EAD7D24F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {830998AC-4D46-484A-AA33-5DF38748633E} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {8B2736AE-5EE0-48DF-8016-40D52DE02B63} - System32\Tasks\{6C51A44D-7FE4-4948-AFED-2C754C2F1F14} => pcalua.exe -a D:\Installer.exe -d D:\
Task: {8F5F9978-92E6-4069-9DE2-9E5F1958EE50} - System32\Tasks\{B652ED8D-E3B5-4152-982C-1382E64A6802} => pcalua.exe -a E:\Programme\WC3Banlist\WC3Banlist.exe -d E:\Programme\WC3Banlist
Task: {90F5E964-C187-40A6-A384-1CF67A1D603D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-03-18] (Oracle Corporation)
Task: {95C6CA51-3E2A-47DE-9288-024625960618} - System32\Tasks\{DCED82F0-7941-43D4-BB72-5307D26CA57A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {9B34B395-2186-49B7-B5EB-CF53607FE0E9} - System32\Tasks\Google Updater and Installer => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16] (Google Inc.)
Task: {A6651D8F-83E0-4A57-9E78-6B6803C1E6A8} - System32\Tasks\SVN Update => E:\SVN Update.bat
Task: {AE17272F-8E41-4056-B822-354581F6C6E2} - System32\Tasks\{DCE9D458-5A5C-4C33-B054-1E531B793694} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {AEF9163C-2714-4A2E-802D-7A436580359D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {AFB39AE5-3A9F-40B0-8E7A-542BCE86D1BA} - System32\Tasks\{3F697A2A-3AEF-4047-8F2E-CA2F16595686} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {C15A9275-9D3A-49A2-9FAE-ECBE177427D5} - System32\Tasks\{862D60CD-E564-4C01-9101-9AF7AD4B6E2B} => E:\Programme\HoN\hon.exe
Task: {C15F8E8F-C064-4FEB-AF1A-4C3ACC1A2649} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {C1DA5514-9A37-4F60-BBA6-43C5C089DBE2} - System32\Tasks\{6CF4C697-7C64-4695-96EC-E76CDC33BDAD} => pcalua.exe -a "C:\Users\Robert\Downloads\wow addons\Offi\setup.exe" -d "C:\Users\Robert\Downloads\wow addons\Offi"
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {C592C51D-489B-4B85-BE20-EF6F489FD5E1} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {CD093164-F8E4-465C-868B-E0A6ED381B41} - System32\Tasks\{B0D03894-D0B5-4529-8217-8B30C0B70F7B} => pcalua.exe -a C:\Users\Robert\Downloads\installer\DivXInstaller.exe -d C:\Users\Robert\Downloads\installer
Task: {D364ACBB-F916-42B6-B23B-6D2CFFB421F6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {DC69638B-35B6-4932-A742-8CF09EA335AD} - System32\Tasks\{DFB05294-0DC7-4FEE-9B93-42EC5DC53F4C} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {DEC6077F-9A09-4C78-B0B7-4810075327AD} - System32\Tasks\{6DD6A043-E231-4A58-BE82-F905C24D3A73} => pcalua.exe -a D:\Installer.exe -d D:\
Task: {E32DBEBF-712F-4796-89E0-2344E2F13E55} - System32\Tasks\{FF3960FF-32B3-4FE0-B52A-6492FB5EB66A} => pcalua.exe -a "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopSetup.exe" -c -uninstall
Task: {EAF095B1-6733-4C4C-9EF5-C99A0A422071} - System32\Tasks\{D50278D1-5745-42A5-BC70-BC28F00EC00D} => pcalua.exe -a "C:\Users\Robert\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -c -uninstall -launchrunonce:false
Task: {FC23F25B-C08F-4460-915A-B05E68940A78} - System32\Tasks\{4508EB49-3357-4153-8ED6-C4F285F9B56D} => pcalua.exe -a C:\Windows\SysWOW64\BDEADMIN.CPL -c BDE-Verwaltung
Task: {FE8DADA4-6A6E-4C0D-ABDE-33260E02D8CC} - System32\Tasks\{931A7744-FD78-4DAD-8FC9-8F03E9A1A980} => pcalua.exe -a C:\Users\Robert\Downloads\installer\pbsetup_3.2.exe -d C:\Users\Robert\Downloads\installer
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-10-02 01:24 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-08-15 10:23 - 2008-08-15 10:23 - 00086016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () E:\Programme\Notepad++\NppShell_05.dll
2009-08-13 23:12 - 2014-02-22 01:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-08-05 19:58 - 2008-10-21 22:14 - 04040192 _____ () C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
2009-09-14 14:08 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files (x86)\Logitech\SetPoint\khalwrapper.dll
2009-08-13 21:57 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2014-03-28 19:45 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2009-08-05 20:01 - 1998-10-31 10:55 - 00005120 _____ () C:\Program Files (x86)\EXPERTool\TBManage.dll
2009-08-05 19:58 - 2005-05-11 16:39 - 00565248 _____ () C:\Program Files (x86)\ASUS\TurboV\pngio.dll
2009-08-05 19:58 - 2008-09-04 17:42 - 01126912 _____ () C:\Program Files (x86)\ASUS\TurboV\OcProfile.dll
2009-08-05 19:58 - 2008-08-21 15:19 - 00126976 _____ () C:\Program Files (x86)\ASUS\TurboV\TVOCLIB.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:24721E3C
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\100sexlinks.com -> 100sexlinks.com

There are 6052 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zahlungserinnerung.lnk => C:\Windows\pss\Zahlungserinnerung.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: iTunesHelper => "E:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: Lachesis => E:\Programme\Razer\razerhid.exe                                                                                                                                                                                                                                          
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SoundMAX => "C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe" /tray

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [UDP Query User{F91435D9-EFCF-4B87-830F-35F165F16C90}C:\users\robert\temp\teamviewer\version4\teamviewer.exe] => (Allow) C:\users\robert\temp\teamviewer\version4\teamviewer.exe
FirewallRules: [TCP Query User{E63063BD-85C9-4DF0-A724-E3E147D19CE6}C:\users\robert\temp\teamviewer\version4\teamviewer.exe] => (Allow) C:\users\robert\temp\teamviewer\version4\teamviewer.exe
FirewallRules: [UDP Query User{C2C5EBED-5553-4A54-9CDD-D48371624776}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{82204638-2C30-4051-9520-BC3BF6AB2A31}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{F9D8C60D-0A2F-4404-97BA-7831E3DEF19C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{66742885-3FC3-4A8B-A5A2-15836F425280}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe
FirewallRules: [{1F884B59-E7F4-4485-9B6F-F81DFE97BC6F}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe
FirewallRules: [{E56F2280-E745-41E3-A852-E57E71D1BA19}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe
FirewallRules: [{77893C14-69D7-4848-98E1-0326A99716DD}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe
FirewallRules: [{FE9B1925-B483-4D71-ACF0-7A0FD79C49EE}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe
FirewallRules: [{BD8666CE-3803-493E-879A-8080BD25FA0E}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe
FirewallRules: [{0CDCF451-A779-4CA8-8000-1ED097E7B175}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe
FirewallRules: [{1A7A5E6C-C56E-4B42-ADB9-3CC5DD3557D1}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe
FirewallRules: [{71F5ACEA-7C42-4ED7-9E91-18CCFCEFAD36}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{48B7474E-46AD-4543-A5C8-33E81A925AA8}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{4914B35F-7DCC-4390-B404-EA41E11B76AF}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{EA50682F-0A05-40E9-BEC1-D398ACA658B7}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5878656F-0A36-4CBD-BD15-C8969D86F625}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5A72A216-F6BC-440E-ABDC-3345A364BB21}] => (Allow) LPort=56858
FirewallRules: [{63350A18-1188-417D-B57E-1BA705215ACF}] => (Allow) LPort=56858
FirewallRules: [{EBE548F9-DF2A-4E59-BCCE-B2E559D1CAC9}] => (Allow) LPort=56858
FirewallRules: [{EE3C615D-F9A0-4C1B-99B9-8B2930424F6D}] => (Allow) LPort=56858
FirewallRules: [{FAAB74B4-9B1B-4E4B-A048-EFEE9DBBD736}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{48FF4247-C741-4CDF-ABCF-B0A750B1C149}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{41D898FB-3FD4-43DB-9570-7E5AB2044CFD}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{02338F63-67B0-4DAB-88FA-9EFC32A08333}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2E67C032-4394-48F7-99DB-22FDE22F276C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{48DE4895-3C8F-4B30-ABCF-62517F549A02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{82EC6C03-9B87-474C-B1FD-548C89E42A21}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A6D8FA07-2CD0-4D28-84EA-39F264EBB354}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CFE66C94-772C-475E-8EED-73CD3419B7EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7431BAD5-56DA-4A83-AB8A-211F29DF2CF9}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{C65BC40E-335F-4F57-A68E-8A7EEC9A8219}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{10B42EF3-AC83-42D1-BF2D-21856E8629F2}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{6BCD06D9-FC41-4593-981C-D6C4F653A86A}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{32C18A5B-E2CD-4F20-9C87-170CF26431F2}] => (Allow) E:\Programme\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{B8316D37-B419-422B-86B9-B37E23E7823C}] => (Allow) E:\Programme\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{89BD3FC3-0271-4212-8F61-033FD952115E}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{6AE83308-54B1-48E0-B28F-1D2BC0F3746D}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{FCB47402-BB77-4866-A553-BDE0F19C8595}] => (Allow) E:\Programme\Battlefield 3\Battlefield 3\bf3.exe
FirewallRules: [{60A1774B-BAEF-46BA-9E6B-FC3EBC040891}] => (Allow) E:\Programme\Battlefield 3\Battlefield 3\bf3.exe
FirewallRules: [{FA4013BB-3800-446E-9311-E653CAB74871}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3771E463-FEE5-43D0-9F0D-948035B92C5A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{4B597462-88A5-4C60-AFDF-F015891BB021}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{D66E25A4-B16B-4C3E-8D51-0A44584228AA}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{A77A4043-BA06-4A5D-B7ED-4858A10F2B4F}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A337226D-7B68-484F-9466-E095117D8425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2AD8D3DD-4AD8-4048-8345-3D37E528DBDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{27A8C16C-BA10-46E4-BE00-AC8BB4DE7A8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0BCF7845-D89E-408A-8A0F-EB4128C4DBFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44D65810-E33D-4685-8623-B1AFD78360AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{456D7F90-C137-4E13-9C40-9C66587246FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{026185A2-534E-41F8-A898-8603B5D0BD3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6F6E36DA-2530-485D-BFB7-9697ACE388B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7006922-8871-4D32-BBE1-FC32E7F1C2E1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{6E6826D7-791E-4BD0-B92C-40108BC8FD64}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{E869C5EC-E6DB-490C-AB8F-48D5D1C11A6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1221DEF1-5A0E-4F46-8C26-9A0095825751}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F8CAFBAD-A8C4-489C-ADEE-A0647CF99A64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA4193BF-CE30-4D5A-B82E-F1B864AB9CE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{62696D86-6B83-4B64-B95C-A88C88D061CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DEB90366-F380-4E32-8389-C00F55593FCE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{37886D58-60FB-4ED8-A03F-8C433025B617}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{405E7D2D-ECA7-4D53-B9E7-3EDAF2DF13AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9C6605B1-FE3F-4ABA-B59E-374551AE6897}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D91CBCF8-F6BE-49A6-A3D2-0A3FE24E3D7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{473D944F-BB8A-4BB5-852E-413EBB655A5C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4AFB9732-DF57-40B2-8954-65EBF31B0487}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{17B1C777-B812-4FD1-B8B5-9635143F43C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E48AA2BD-35FB-4936-85DE-2F13F5A5CE96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B485A384-48D7-4D88-B0D5-DF10274C0076}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{70BE2044-2B2A-493B-B984-6819B8CEC8FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{083D1EF7-926E-4AB2-95F0-C0FBC9C1700B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6EDA2D60-47B7-46F9-8A29-9D5A5A19646C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F2CF4B3F-F58A-433B-ABCF-72864FBDA07B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8ED19118-BD87-4381-801F-F5CF0583E1D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B1C6C7EE-94FD-4E62-9D89-6A0A2B8076EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9B2DF132-71A0-4C96-8408-76DF35296A26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{32B86F39-66A3-45FB-9B31-CC8896911AFF}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{4441E7F4-C7AA-49C0-AFAB-EAE23100DD9C}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{45AEE704-4C54-41C2-B299-51963F6B79CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FD87B08C-8CBD-422F-8DF1-65750EF90C85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D48AD544-77EA-45EF-8B10-6017C3B4C845}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7423AD7A-8403-4D95-BB89-78A3B1A5C192}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7642A794-A94F-499C-A47C-92EC06C3E262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D31C8B03-01B1-4985-83F1-4BA51DE20664}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2136A4FD-28A7-41EB-B424-D8B9B6F2E48A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3AFBBA99-AECF-4438-9C4C-A7FD686FE403}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{15AB8819-E36E-49EA-8FE3-5D3130B87272}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{43204974-2C1B-4C42-A97E-42B88F9A12F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2690488B-3CB4-4407-A03F-8647D4A4FAC4}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{58BDE336-E03D-46CF-96D5-0249FE6CE4EB}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/02/2015 11:54:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/02/2015 11:54:28 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (05/02/2015 05:46:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2015 05:44:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/02/2015 05:44:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/02/2015 05:44:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/02/2015 04:01:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/02/2015 04:01:35 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (05/02/2015 03:19:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 08:28:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/02/2015 05:44:37 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa8005554060, 0xfffff80000b9a518, 0xfffffa80083aa010)C:\Windows\MEMORY.DMP050215-21746-01

Error: (05/02/2015 05:24:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/02/2015 05:24:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/01/2015 07:13:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/01/2015 06:20:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/01/2015 05:17:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/01/2015 05:16:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 06:24:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2015 06:24:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/27/2015 04:51:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/02/2015 11:54:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"c:\program files (x86)\windows live\messenger\wlcsdk.exe

Error: (05/02/2015 11:54:28 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: c:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exec:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exe2

Error: (05/02/2015 05:46:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/02/2015 05:44:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/02/2015 05:44:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/02/2015 05:44:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/02/2015 04:01:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"c:\program files (x86)\windows live\messenger\wlcsdk.exe

Error: (05/02/2015 04:01:35 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: c:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exec:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exe2

Error: (05/02/2015 03:19:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2015 08:28:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.949
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-14 21:03:51.906
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 30%
Total physical RAM: 6135.12 MB
Available physical RAM: 4260.24 MB
Total Pagefile: 12268.43 MB
Available Pagefile: 10014.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:125.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Volume) (Fixed) (Total:698.63 GB) (Free:697.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E7091A42)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 114AA6A5)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Alt 03.05.2015, 13:53   #5
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.05.2015, 14:44   #6
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Beide Programme haben nichts gefunden.
Ich habe nach mbar keinen Neustart gemacht da keiner gefordert war, war das korrekt?

Hier die Logs
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.03.03
  rootkit: v2015.04.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
Admin :: ROBERT-PC [administrator]

03.05.2015 15:03:18
mbar-log-2015-05-03 (15-03-18).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 409373
Time elapsed: 13 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
MBAR 2. (habe den Scan ein 2. mal gemacht. Mit der Exe in dem neu angelegten Ordner Admin/Desktop. Den 1. Scan hatte ich mit der EXE gemacht die ich mir runtergeladen habe "mbar-1.09.1.1004.exe" den 2. mit der mbar.exe in dem neuen Ordner)

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.03.03
  rootkit: v2015.04.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
Admin :: ROBERT-PC [administrator]

03.05.2015 15:18:14
mbar-log-2015-05-03 (15-18-14).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 409301
Time elapsed: 12 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter
15:34:34.0433 0x0b68  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:35:02.0700 0x0b68  ============================================================
15:35:02.0700 0x0b68  Current date / time: 2015/05/03 15:35:02.0700
15:35:02.0700 0x0b68  SystemInfo:
15:35:02.0700 0x0b68  
15:35:02.0700 0x0b68  OS Version: 6.1.7601 ServicePack: 1.0
15:35:02.0700 0x0b68  Product type: Workstation
15:35:02.0700 0x0b68  ComputerName: ROBERT-PC
15:35:02.0700 0x0b68  UserName: Admin
15:35:02.0700 0x0b68  Windows directory: C:\Windows
15:35:02.0700 0x0b68  System windows directory: C:\Windows
15:35:02.0700 0x0b68  Running under WOW64
15:35:02.0700 0x0b68  Processor architecture: Intel x64
15:35:02.0700 0x0b68  Number of processors: 8
15:35:02.0700 0x0b68  Page size: 0x1000
15:35:02.0700 0x0b68  Boot type: Normal boot
15:35:02.0700 0x0b68  ============================================================
15:35:04.0385 0x0b68  KLMD registered as C:\Windows\system32\drivers\69565143.sys
15:35:05.0165 0x0b68  System UUID: {A3662B9B-9430-599E-4464-0CBEC8485770}
15:35:06.0085 0x0b68  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:35:06.0085 0x0b68  Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:35:06.0085 0x0b68  ============================================================
15:35:06.0085 0x0b68  \Device\Harddisk0\DR0:
15:35:06.0085 0x0b68  MBR partitions:
15:35:06.0085 0x0b68  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
15:35:06.0085 0x0b68  \Device\Harddisk1\DR1:
15:35:06.0085 0x0b68  MBR partitions:
15:35:06.0085 0x0b68  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
15:35:06.0085 0x0b68  ============================================================
15:35:06.0132 0x0b68  C: <-> \Device\Harddisk0\DR0\Partition1
15:35:06.0179 0x0b68  E: <-> \Device\Harddisk1\DR1\Partition1
15:35:06.0179 0x0b68  ============================================================
15:35:06.0179 0x0b68  Initialize success
15:35:06.0179 0x0b68  ============================================================
15:35:40.0015 0x08c4  ============================================================
15:35:40.0015 0x08c4  Scan started
15:35:40.0015 0x08c4  Mode: Manual; SigCheck; TDLFS; 
15:35:40.0015 0x08c4  ============================================================
15:35:40.0015 0x08c4  KSN ping started
15:35:53.0899 0x08c4  KSN ping finished: true
15:35:54.0773 0x08c4  ================ Scan system memory ========================
15:35:54.0773 0x08c4  System memory - ok
15:35:54.0773 0x08c4  ================ Scan services =============================
15:35:54.0882 0x08c4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:35:55.0085 0x08c4  1394ohci - ok
15:35:55.0163 0x08c4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:35:55.0194 0x08c4  ACPI - ok
15:35:55.0225 0x08c4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:35:55.0272 0x08c4  AcpiPmi - ok
15:35:55.0319 0x08c4  [ 59AA63B5DCC9B99C25ACC1BC5E9E6816, 7A797E51F199271E585B9F67660765262F1850A6F646B5B9598DF197B58B025F ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
15:35:55.0397 0x08c4  ADIHdAudAddService - ok
15:35:55.0490 0x08c4  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:35:55.0506 0x08c4  AdobeARMservice - ok
15:35:55.0631 0x08c4  [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:35:55.0646 0x08c4  AdobeFlashPlayerUpdateSvc - ok
15:35:55.0678 0x08c4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:35:55.0709 0x08c4  adp94xx - ok
15:35:55.0724 0x08c4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:35:55.0740 0x08c4  adpahci - ok
15:35:55.0756 0x08c4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:35:55.0771 0x08c4  adpu320 - ok
15:35:55.0802 0x08c4  [ 3BDB13C79CC8C06E2F8182595903ED69, 9E00D6649E862DE6812718B091C350E05A2C5C4D28DE8E05E3DD1F789A04EE96 ] AEADIFilters    C:\Windows\system32\AEADISRV.EXE
15:35:55.0834 0x08c4  AEADIFilters - ok
15:35:55.0865 0x08c4  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:35:55.0927 0x08c4  AeLookupSvc - ok
15:35:55.0974 0x08c4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
15:35:56.0052 0x08c4  AFD - ok
15:35:56.0068 0x08c4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:35:56.0083 0x08c4  agp440 - ok
15:35:56.0099 0x08c4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:35:56.0146 0x08c4  ALG - ok
15:35:56.0177 0x08c4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:35:56.0177 0x08c4  aliide - ok
15:35:56.0224 0x08c4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:35:56.0255 0x08c4  amdide - ok
15:35:56.0302 0x08c4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:35:56.0411 0x08c4  AmdK8 - ok
15:35:56.0442 0x08c4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:35:56.0473 0x08c4  AmdPPM - ok
15:35:56.0520 0x08c4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:35:56.0536 0x08c4  amdsata - ok
15:35:56.0551 0x08c4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:35:56.0567 0x08c4  amdsbs - ok
15:35:56.0598 0x08c4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:35:56.0614 0x08c4  amdxata - ok
15:35:56.0629 0x08c4  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
15:35:56.0707 0x08c4  AppID - ok
15:35:56.0738 0x08c4  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:35:56.0770 0x08c4  AppIDSvc - ok
15:35:56.0801 0x08c4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
15:35:56.0879 0x08c4  Appinfo - ok
15:35:56.0894 0x08c4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:35:56.0972 0x08c4  AppMgmt - ok
15:35:56.0988 0x08c4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:35:57.0004 0x08c4  arc - ok
15:35:57.0019 0x08c4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:35:57.0035 0x08c4  arcsas - ok
15:35:57.0160 0x08c4  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:35:57.0222 0x08c4  aspnet_state - ok
15:35:57.0253 0x08c4  [ EDABC3FA8F941D2047DA630E95E936C7, F07EAC0AB019522DFD8F5C8B1A3D293D8E5EAD2E7599613C9B8887F5219BD503 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
15:35:57.0284 0x08c4  AsSysCtrlService - detected UnsignedFile.Multi.Generic ( 1 )
15:36:00.0170 0x08c4  Detect skipped due to KSN trusted
15:36:00.0170 0x08c4  AsSysCtrlService - ok
15:36:00.0170 0x08c4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:36:00.0295 0x08c4  AsyncMac - ok
15:36:00.0326 0x08c4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:36:00.0326 0x08c4  atapi - ok
15:36:00.0373 0x08c4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:36:00.0404 0x08c4  AudioEndpointBuilder - ok
15:36:00.0436 0x08c4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:36:00.0451 0x08c4  AudioSrv - ok
15:36:00.0529 0x08c4  [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
15:36:00.0576 0x08c4  AVP - ok
15:36:00.0607 0x08c4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:36:00.0701 0x08c4  AxInstSV - ok
15:36:00.0732 0x08c4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:36:00.0779 0x08c4  b06bdrv - ok
15:36:00.0794 0x08c4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:36:00.0841 0x08c4  b57nd60a - ok
15:36:00.0857 0x08c4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:36:00.0935 0x08c4  BDESVC - ok
15:36:00.0950 0x08c4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:36:00.0997 0x08c4  Beep - ok
15:36:01.0044 0x08c4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:36:01.0122 0x08c4  BFE - ok
15:36:01.0169 0x08c4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:36:01.0278 0x08c4  BITS - ok
15:36:01.0278 0x08c4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:36:01.0309 0x08c4  blbdrive - ok
15:36:01.0340 0x08c4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:36:01.0403 0x08c4  bowser - ok
15:36:01.0418 0x08c4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:36:01.0606 0x08c4  BrFiltLo - ok
15:36:01.0621 0x08c4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:36:01.0652 0x08c4  BrFiltUp - ok
15:36:01.0684 0x08c4  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
15:36:01.0746 0x08c4  BridgeMP - ok
15:36:01.0762 0x08c4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:36:01.0808 0x08c4  Browser - ok
15:36:01.0824 0x08c4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:36:01.0918 0x08c4  Brserid - ok
15:36:01.0933 0x08c4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:36:01.0980 0x08c4  BrSerWdm - ok
15:36:02.0011 0x08c4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:36:02.0042 0x08c4  BrUsbMdm - ok
15:36:02.0058 0x08c4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:36:02.0089 0x08c4  BrUsbSer - ok
15:36:02.0136 0x08c4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:36:02.0167 0x08c4  BTHMODEM - ok
15:36:02.0198 0x08c4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:36:02.0230 0x08c4  bthserv - ok
15:36:02.0276 0x08c4  [ 2BD001601496AE87F7CB86F1FCD6F1EC, 7DDB69B025BE80CB50C1B8D4B20CD5D40FF09492B00E44157E74CBF7ED987478 ] Cardex          C:\Windows\SysWOW64\drivers\TBPANELX64.SYS
15:36:02.0292 0x08c4  Cardex - ok
15:36:02.0354 0x08c4  catchme - ok
15:36:02.0401 0x08c4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:36:02.0464 0x08c4  cdfs - ok
15:36:02.0495 0x08c4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
15:36:02.0495 0x08c4  cdrom - ok
15:36:02.0526 0x08c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:36:02.0557 0x08c4  CertPropSvc - ok
15:36:02.0573 0x08c4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:36:02.0588 0x08c4  circlass - ok
15:36:02.0666 0x08c4  [ ED81E81752CA817AFA740C14AD05BC6C, 9E4B04D4604B96866B3ED18433914BF7ECF3F746CDB34ED856FFC418AAB3C04F ] cjpcsc          C:\Windows\SysWOW64\cjpcsc.exe
15:36:02.0713 0x08c4  cjpcsc - ok
15:36:02.0760 0x08c4  [ 06E1F5228399FC49A8D026DA38DB6784, 5554071E5C55FC7EF3C7C95F0BC565509C3F0C03E0814C98376932A9D1C32AA6 ] cjusb           C:\Windows\system32\DRIVERS\cjusb.sys
15:36:02.0776 0x08c4  cjusb - ok
15:36:02.0807 0x08c4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
15:36:02.0822 0x08c4  CLFS - ok
15:36:02.0900 0x08c4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:36:02.0916 0x08c4  clr_optimization_v2.0.50727_32 - ok
15:36:02.0947 0x08c4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:36:02.0963 0x08c4  clr_optimization_v2.0.50727_64 - ok
15:36:03.0025 0x08c4  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:36:03.0041 0x08c4  clr_optimization_v4.0.30319_32 - ok
15:36:03.0072 0x08c4  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:36:03.0134 0x08c4  clr_optimization_v4.0.30319_64 - ok
15:36:03.0150 0x08c4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:36:03.0181 0x08c4  CmBatt - ok
15:36:03.0212 0x08c4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:36:03.0228 0x08c4  cmdide - ok
15:36:03.0259 0x08c4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
15:36:03.0290 0x08c4  CNG - ok
15:36:03.0306 0x08c4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:36:03.0322 0x08c4  Compbatt - ok
15:36:03.0368 0x08c4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:36:03.0415 0x08c4  CompositeBus - ok
15:36:03.0415 0x08c4  COMSysApp - ok
15:36:03.0431 0x08c4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:36:03.0446 0x08c4  crcdisk - ok
15:36:03.0524 0x08c4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:36:03.0602 0x08c4  CryptSvc - ok
15:36:03.0649 0x08c4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
15:36:03.0758 0x08c4  CSC - ok
15:36:03.0805 0x08c4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
15:36:03.0852 0x08c4  CscService - ok
15:36:03.0899 0x08c4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:36:03.0946 0x08c4  DcomLaunch - ok
15:36:03.0992 0x08c4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:36:04.0055 0x08c4  defragsvc - ok
15:36:04.0086 0x08c4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:36:04.0117 0x08c4  DfsC - ok
15:36:04.0148 0x08c4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:36:04.0211 0x08c4  Dhcp - ok
15:36:04.0242 0x08c4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:36:04.0320 0x08c4  discache - ok
15:36:04.0336 0x08c4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:36:04.0351 0x08c4  Disk - ok
15:36:04.0367 0x08c4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:36:04.0429 0x08c4  Dnscache - ok
15:36:04.0460 0x08c4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:36:04.0507 0x08c4  dot3svc - ok
15:36:04.0538 0x08c4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:36:04.0570 0x08c4  DPS - ok
15:36:04.0601 0x08c4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:36:04.0694 0x08c4  drmkaud - ok
15:36:04.0741 0x08c4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:36:04.0772 0x08c4  DXGKrnl - ok
15:36:04.0804 0x08c4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:36:04.0835 0x08c4  EapHost - ok
15:36:04.0975 0x08c4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:36:05.0069 0x08c4  ebdrv - ok
15:36:05.0100 0x08c4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS             C:\Windows\System32\lsass.exe
15:36:05.0178 0x08c4  EFS - ok
15:36:05.0256 0x08c4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:36:05.0334 0x08c4  ehRecvr - ok
15:36:05.0365 0x08c4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:36:05.0428 0x08c4  ehSched - ok
15:36:05.0474 0x08c4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:36:05.0506 0x08c4  elxstor - ok
15:36:05.0521 0x08c4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:36:05.0552 0x08c4  ErrDev - ok
15:36:05.0568 0x08c4  [ C33ACB897AF927D1C1BD84F211FAE75B, D598E1A2372DBA644C411770CFB168AE010F5D8660B2EF2D2E015AD08FB463E4 ] ESLvnic1        C:\Windows\system32\DRIVERS\ESLvnic.sys
15:36:05.0599 0x08c4  ESLvnic1 - ok
15:36:05.0662 0x08c4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:36:05.0708 0x08c4  EventSystem - ok
15:36:05.0724 0x08c4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:36:05.0755 0x08c4  exfat - ok
15:36:05.0818 0x08c4  Fabs - ok
15:36:05.0864 0x08c4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:36:05.0927 0x08c4  fastfat - ok
15:36:05.0974 0x08c4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:36:06.0036 0x08c4  Fax - ok
15:36:06.0052 0x08c4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:36:06.0067 0x08c4  fdc - ok
15:36:06.0114 0x08c4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:36:06.0161 0x08c4  fdPHost - ok
15:36:06.0176 0x08c4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:36:06.0223 0x08c4  FDResPub - ok
15:36:06.0223 0x08c4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:36:06.0239 0x08c4  FileInfo - ok
15:36:06.0254 0x08c4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:36:06.0286 0x08c4  Filetrace - ok
15:36:06.0410 0x08c4  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC, 159EAA1893D871C309A063829CB3BC51A019FBCA1E07530B5CA1A382B2CCAF61 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
15:36:06.0535 0x08c4  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
15:36:10.0092 0x08c4  Detect skipped due to KSN trusted
15:36:10.0092 0x08c4  FirebirdServerMAGIXInstance - ok
15:36:10.0108 0x08c4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:36:10.0139 0x08c4  flpydisk - ok
15:36:10.0201 0x08c4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:36:10.0217 0x08c4  FltMgr - ok
15:36:10.0295 0x08c4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:36:10.0373 0x08c4  FontCache - ok
15:36:10.0420 0x08c4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:36:10.0435 0x08c4  FontCache3.0.0.0 - ok
15:36:10.0451 0x08c4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:36:10.0482 0x08c4  FsDepends - ok
15:36:10.0498 0x08c4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:36:10.0513 0x08c4  Fs_Rec - ok
15:36:10.0544 0x08c4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:36:10.0576 0x08c4  fvevol - ok
15:36:10.0591 0x08c4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:36:10.0591 0x08c4  gagp30kx - ok
15:36:10.0638 0x08c4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:36:10.0700 0x08c4  gpsvc - ok
15:36:10.0716 0x08c4  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
15:36:10.0716 0x08c4  hamachi - ok
15:36:10.0763 0x08c4  [ 6E02DDFFA0E8C069A92A0888B0CB8415, 44816EA24121AD0C9EB8048BED9250D7992CD0C0ABA69C3269A633D48297B7A7 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
15:36:10.0778 0x08c4  hcmon - ok
15:36:10.0794 0x08c4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:36:10.0856 0x08c4  hcw85cir - ok
15:36:10.0872 0x08c4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:36:10.0903 0x08c4  HDAudBus - ok
15:36:10.0903 0x08c4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:36:10.0919 0x08c4  HidBatt - ok
15:36:10.0934 0x08c4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:36:10.0966 0x08c4  HidBth - ok
15:36:10.0981 0x08c4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:36:11.0012 0x08c4  HidIr - ok
15:36:11.0044 0x08c4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
15:36:11.0106 0x08c4  hidserv - ok
15:36:11.0122 0x08c4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:36:11.0184 0x08c4  HidUsb - ok
15:36:11.0215 0x08c4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:36:11.0278 0x08c4  hkmsvc - ok
15:36:11.0309 0x08c4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:36:11.0340 0x08c4  HomeGroupListener - ok
15:36:11.0371 0x08c4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:36:11.0387 0x08c4  HomeGroupProvider - ok
15:36:11.0402 0x08c4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:36:11.0418 0x08c4  HpSAMD - ok
15:36:11.0449 0x08c4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:36:11.0558 0x08c4  HTTP - ok
15:36:11.0574 0x08c4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:36:11.0590 0x08c4  hwpolicy - ok
15:36:11.0621 0x08c4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:36:11.0636 0x08c4  i8042prt - ok
15:36:11.0683 0x08c4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:36:11.0714 0x08c4  iaStorV - ok
15:36:11.0761 0x08c4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:36:11.0792 0x08c4  idsvc - ok
15:36:11.0824 0x08c4  IEEtwCollectorService - ok
15:36:11.0855 0x08c4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:36:11.0870 0x08c4  iirsp - ok
15:36:11.0917 0x08c4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:36:11.0948 0x08c4  IKEEXT - ok
15:36:11.0964 0x08c4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:36:11.0964 0x08c4  intelide - ok
15:36:11.0980 0x08c4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:36:12.0011 0x08c4  intelppm - ok
15:36:12.0026 0x08c4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:36:12.0104 0x08c4  IPBusEnum - ok
15:36:12.0136 0x08c4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:36:12.0198 0x08c4  IpFilterDriver - ok
15:36:12.0276 0x08c4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:36:12.0354 0x08c4  iphlpsvc - ok
15:36:12.0370 0x08c4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:36:12.0401 0x08c4  IPMIDRV - ok
15:36:12.0416 0x08c4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:36:12.0463 0x08c4  IPNAT - ok
15:36:12.0479 0x08c4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:36:12.0526 0x08c4  IRENUM - ok
15:36:12.0557 0x08c4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:36:12.0572 0x08c4  isapnp - ok
15:36:12.0619 0x08c4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:36:12.0635 0x08c4  iScsiPrt - ok
15:36:12.0650 0x08c4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:36:12.0666 0x08c4  kbdclass - ok
15:36:12.0697 0x08c4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:36:12.0728 0x08c4  kbdhid - ok
15:36:12.0744 0x08c4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso          C:\Windows\system32\lsass.exe
15:36:12.0760 0x08c4  KeyIso - ok
15:36:12.0822 0x08c4  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
15:36:12.0853 0x08c4  kl1 - ok
15:36:12.0884 0x08c4  [ D0C3AEF67932D2A80736FBCB956C017D, 166C2FD5F1B6FFE7A71CD821DFDD02B68D25CBF0D44BD6F2522C65CF1DEB363C ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
15:36:12.0900 0x08c4  klflt - ok
15:36:12.0962 0x08c4  [ 41DF293A7F0418F5DDED9F0297DC68F3, 25DE4BB7F2D915FCF576ABD46EEDC5574B694A2D1E5CB7AB565792C7BB57C76B ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
15:36:12.0994 0x08c4  KLIF - ok
15:36:13.0009 0x08c4  [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
15:36:13.0009 0x08c4  KLIM6 - ok
15:36:13.0056 0x08c4  [ 8DA5BC75C3E8A995335642F26CAEA54B, 3995AAB499A37077AA4FB372E75CD9259BA3EA7020B961CF482AC948D2D47AB4 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
15:36:13.0072 0x08c4  klkbdflt - ok
15:36:13.0087 0x08c4  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
15:36:13.0103 0x08c4  klmouflt - ok
15:36:13.0118 0x08c4  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
15:36:13.0134 0x08c4  klpd - ok
15:36:13.0196 0x08c4  [ 4828B3D2BC89B05E07101C6E60CE0A6A, C2D40EA03A526286AEDF27DE80CB0576EB59EB7581C9E9ECFCB867349593D7CE ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
15:36:13.0212 0x08c4  kltdi - ok
15:36:13.0259 0x08c4  [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
15:36:13.0274 0x08c4  kneps - ok
15:36:13.0337 0x08c4  [ 3209D40399078C1091398F43215EDD1A, 4F4A5D85D06352DAD09ECB5BD272FC011DF23F6787CCE51AC9BCDD2A48DDA16F ] KOBCCID         C:\Windows\system32\drivers\KOBCCID.sys
15:36:13.0352 0x08c4  KOBCCID - detected UnsignedFile.Multi.Generic ( 1 )
15:36:16.0238 0x08c4  Detect skipped due to KSN trusted
15:36:16.0238 0x08c4  KOBCCID - ok
15:36:16.0270 0x08c4  [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:36:16.0285 0x08c4  KSecDD - ok
15:36:16.0301 0x08c4  [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:36:16.0301 0x08c4  KSecPkg - ok
15:36:16.0332 0x08c4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:36:16.0348 0x08c4  ksthunk - ok
15:36:16.0379 0x08c4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:36:16.0410 0x08c4  KtmRm - ok
15:36:16.0426 0x08c4  [ 883E2BC3E28458F17B02DF95CE46C4D6, 9CA21A876BD1AECB83F75883845610E7DE4ECAAE742DFE6DF6A0B687D842D8F3 ] LADF_DHP2       C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys
15:36:16.0426 0x08c4  LADF_DHP2 - ok
15:36:16.0457 0x08c4  [ B012B0402856EEFE7E9527B4086A1388, 9D4290C9FFA01718E72F64E0019FEAD79B7619CD0F3E9CC20E2D42DAA828549A ] LADF_SBVM       C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys
15:36:16.0472 0x08c4  LADF_SBVM - ok
15:36:16.0504 0x08c4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:36:16.0566 0x08c4  LanmanServer - ok
15:36:16.0597 0x08c4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:36:16.0644 0x08c4  LanmanWorkstation - ok
15:36:16.0722 0x08c4  [ 88E52495B47C67126B510AF53FDB0BC7, 75027CE5F578592BBA29F4FB8D820AC5D4E5C8F3095CAF9441818B14128BB4E4 ] LBTServ         C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
15:36:16.0738 0x08c4  LBTServ - ok
15:36:16.0753 0x08c4  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:36:16.0753 0x08c4  LHidFilt - ok
15:36:16.0784 0x08c4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:36:16.0831 0x08c4  lltdio - ok
15:36:16.0862 0x08c4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:36:16.0925 0x08c4  lltdsvc - ok
15:36:16.0956 0x08c4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:36:16.0987 0x08c4  lmhosts - ok
15:36:17.0018 0x08c4  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:36:17.0018 0x08c4  LMouFilt - ok
15:36:17.0034 0x08c4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:36:17.0050 0x08c4  LSI_FC - ok
15:36:17.0065 0x08c4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:36:17.0081 0x08c4  LSI_SAS - ok
15:36:17.0096 0x08c4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:36:17.0112 0x08c4  LSI_SAS2 - ok
15:36:17.0128 0x08c4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:36:17.0128 0x08c4  LSI_SCSI - ok
15:36:17.0143 0x08c4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:36:17.0190 0x08c4  luafv - ok
15:36:17.0221 0x08c4  [ 9D9714E78EAC9E5368208649489C920E, 56DF5DBDF4963758A1E6BAD6210F8682A846DA9E5924CFA5879AC89CA7223C93 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
15:36:17.0221 0x08c4  LUsbFilt - ok
15:36:17.0299 0x08c4  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:36:17.0299 0x08c4  MBAMProtector - ok
15:36:17.0408 0x08c4  [ 516E29AD03BDF610CC36A95AE692FE42, 09F913B169AD775FF587AE59AEC5DD2A2D8646803F48BF616C74EEC0DE3BE7A2 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
15:36:17.0455 0x08c4  MBAMScheduler - ok
15:36:17.0518 0x08c4  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:36:17.0549 0x08c4  MBAMService - ok
15:36:17.0580 0x08c4  [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:36:17.0596 0x08c4  MBAMWebAccessControl - ok
15:36:17.0627 0x08c4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:36:17.0674 0x08c4  Mcx2Svc - ok
15:36:17.0705 0x08c4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:36:17.0705 0x08c4  megasas - ok
15:36:17.0736 0x08c4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:36:17.0767 0x08c4  MegaSR - ok
15:36:17.0783 0x08c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:36:17.0814 0x08c4  MMCSS - ok
15:36:17.0830 0x08c4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:36:17.0892 0x08c4  Modem - ok
15:36:17.0908 0x08c4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:36:17.0923 0x08c4  monitor - ok
15:36:17.0939 0x08c4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:36:17.0954 0x08c4  mouclass - ok
15:36:17.0970 0x08c4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:36:17.0986 0x08c4  mouhid - ok
15:36:18.0017 0x08c4  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:36:18.0032 0x08c4  mountmgr - ok
15:36:18.0095 0x08c4  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:36:18.0126 0x08c4  MozillaMaintenance - ok
15:36:18.0142 0x08c4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:36:18.0157 0x08c4  mpio - ok
15:36:18.0173 0x08c4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:36:18.0220 0x08c4  mpsdrv - ok
15:36:18.0266 0x08c4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:36:18.0313 0x08c4  MpsSvc - ok
15:36:18.0391 0x08c4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:36:18.0422 0x08c4  MRxDAV - ok
15:36:18.0454 0x08c4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:36:18.0532 0x08c4  mrxsmb - ok
15:36:18.0563 0x08c4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:36:18.0594 0x08c4  mrxsmb10 - ok
15:36:18.0625 0x08c4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:36:18.0641 0x08c4  mrxsmb20 - ok
15:36:18.0656 0x08c4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:36:18.0672 0x08c4  msahci - ok
15:36:18.0688 0x08c4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:36:18.0703 0x08c4  msdsm - ok
15:36:18.0719 0x08c4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:36:18.0766 0x08c4  MSDTC - ok
15:36:18.0781 0x08c4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:36:18.0812 0x08c4  Msfs - ok
15:36:18.0844 0x08c4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:36:18.0875 0x08c4  mshidkmdf - ok
15:36:18.0906 0x08c4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:36:18.0906 0x08c4  msisadrv - ok
15:36:18.0937 0x08c4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:36:18.0984 0x08c4  MSiSCSI - ok
15:36:18.0984 0x08c4  msiserver - ok
15:36:19.0015 0x08c4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:36:19.0062 0x08c4  MSKSSRV - ok
15:36:19.0078 0x08c4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:36:19.0109 0x08c4  MSPCLOCK - ok
15:36:19.0124 0x08c4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:36:19.0156 0x08c4  MSPQM - ok
15:36:19.0187 0x08c4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:36:19.0202 0x08c4  MsRPC - ok
15:36:19.0234 0x08c4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:36:19.0249 0x08c4  mssmbios - ok
15:36:19.0249 0x08c4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:36:19.0296 0x08c4  MSTEE - ok
15:36:19.0312 0x08c4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:36:19.0343 0x08c4  MTConfig - ok
15:36:19.0374 0x08c4  [ 6936198F2CC25B39CF5262436C80DF46, 20205040A5E0AFE5F94AC226D2DD8BF89029F62C7E7AF6D4B048D3D4D5827A8F ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
15:36:19.0390 0x08c4  MTsensor - ok
15:36:19.0405 0x08c4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:36:19.0421 0x08c4  Mup - ok
15:36:19.0452 0x08c4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:36:19.0514 0x08c4  napagent - ok
15:36:19.0546 0x08c4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:36:19.0561 0x08c4  NativeWifiP - ok
15:36:19.0608 0x08c4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:36:19.0639 0x08c4  NDIS - ok
15:36:19.0655 0x08c4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:36:19.0686 0x08c4  NdisCap - ok
15:36:19.0717 0x08c4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:36:19.0748 0x08c4  NdisTapi - ok
15:36:19.0764 0x08c4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:36:19.0811 0x08c4  Ndisuio - ok
15:36:19.0842 0x08c4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:36:19.0904 0x08c4  NdisWan - ok
15:36:19.0936 0x08c4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:36:19.0967 0x08c4  NDProxy - ok
15:36:19.0998 0x08c4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:36:20.0029 0x08c4  NetBIOS - ok
15:36:20.0076 0x08c4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:36:20.0107 0x08c4  NetBT - ok
15:36:20.0107 0x08c4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon        C:\Windows\system32\lsass.exe
15:36:20.0107 0x08c4  Netlogon - ok
15:36:20.0138 0x08c4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:36:20.0201 0x08c4  Netman - ok
15:36:20.0248 0x08c4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:36:20.0294 0x08c4  NetMsmqActivator - ok
15:36:20.0310 0x08c4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:36:20.0326 0x08c4  NetPipeActivator - ok
15:36:20.0357 0x08c4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:36:20.0388 0x08c4  netprofm - ok
15:36:20.0435 0x08c4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:36:20.0450 0x08c4  NetTcpActivator - ok
15:36:20.0466 0x08c4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:36:20.0466 0x08c4  NetTcpPortSharing - ok
15:36:20.0482 0x08c4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:36:20.0497 0x08c4  nfrd960 - ok
15:36:20.0528 0x08c4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:36:20.0591 0x08c4  NlaSvc - ok
15:36:20.0622 0x08c4  [ C31FA031335EFF434B2D94278E74BCCE, F5DFD40C16E4013CBAD0E4FB8EF2B4419702B9C215218F69C4A2DD7C4C4C1E2B ] NPF             C:\Windows\system32\drivers\npf.sys
15:36:20.0638 0x08c4  NPF - ok
15:36:20.0653 0x08c4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:36:20.0684 0x08c4  Npfs - ok
15:36:20.0716 0x08c4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:36:20.0762 0x08c4  nsi - ok
15:36:20.0778 0x08c4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:36:20.0825 0x08c4  nsiproxy - ok
15:36:20.0887 0x08c4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:36:20.0934 0x08c4  Ntfs - ok
15:36:20.0950 0x08c4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:36:20.0965 0x08c4  Null - ok
15:36:21.0355 0x08c4  [ 5D89C0070BC2643117CF33D0367AFABA, C245E0C0DB6665B6226B4D188F620272C175F0FEA63617ECA45B4FA86273E20C ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:36:21.0792 0x08c4  nvlddmkm - ok
15:36:21.0917 0x08c4  [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:36:21.0948 0x08c4  NvNetworkService - ok
15:36:21.0979 0x08c4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:36:21.0979 0x08c4  nvraid - ok
15:36:22.0010 0x08c4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:36:22.0042 0x08c4  nvstor - ok
15:36:22.0104 0x08c4  [ A0D870DCE152EE5B92A41AD927201D19, 67FB025CB380D933BF0FDD4AFE9BE4E3C1D69A59865E02A96533BBE9EC260D71 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:36:22.0120 0x08c4  NvStreamKms - ok
15:36:22.0681 0x08c4  [ E5597D09E5239C0F908948DB7057AC26, A6045D4D9D2F8007B0F75DAAABB2AD9FEB4A898E33A51ECE9A9D788D8E8F84A4 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
15:36:23.0118 0x08c4  NvStreamSvc - ok
15:36:23.0180 0x08c4  [ C5647FB500C2A1F946B77C953528042D, E0A53D158B2141EBBE6762165154B4DE9524E6BD3AD7247B6D25AC96E0A34AA0 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:36:23.0212 0x08c4  nvsvc - ok
15:36:23.0243 0x08c4  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
15:36:23.0258 0x08c4  nvvad_WaveExtensible - ok
15:36:23.0290 0x08c4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:36:23.0305 0x08c4  nv_agp - ok
15:36:23.0321 0x08c4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:36:23.0336 0x08c4  ohci1394 - ok
15:36:23.0368 0x08c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:36:23.0430 0x08c4  p2pimsvc - ok
15:36:23.0461 0x08c4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:36:23.0492 0x08c4  p2psvc - ok
15:36:23.0524 0x08c4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:36:23.0555 0x08c4  Parport - ok
15:36:23.0586 0x08c4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:36:23.0602 0x08c4  partmgr - ok
15:36:23.0633 0x08c4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:36:23.0695 0x08c4  PcaSvc - ok
15:36:23.0726 0x08c4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:36:23.0742 0x08c4  pci - ok
15:36:23.0758 0x08c4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:36:23.0773 0x08c4  pciide - ok
15:36:23.0804 0x08c4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:36:23.0804 0x08c4  pcmcia - ok
15:36:23.0836 0x08c4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:36:23.0851 0x08c4  pcw - ok
15:36:23.0867 0x08c4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:36:23.0898 0x08c4  PEAUTH - ok
15:36:23.0945 0x08c4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:36:24.0023 0x08c4  PeerDistSvc - ok
15:36:24.0101 0x08c4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:36:24.0132 0x08c4  PerfHost - ok
15:36:24.0226 0x08c4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:36:24.0288 0x08c4  pla - ok
15:36:24.0304 0x08c4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:36:24.0397 0x08c4  PlugPlay - ok
15:36:24.0413 0x08c4  PnkBstrA - ok
15:36:24.0428 0x08c4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:36:24.0444 0x08c4  PNRPAutoReg - ok
15:36:24.0475 0x08c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:36:24.0506 0x08c4  PNRPsvc - ok
15:36:24.0538 0x08c4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:36:24.0584 0x08c4  PolicyAgent - ok
15:36:24.0616 0x08c4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:36:24.0647 0x08c4  Power - ok
15:36:24.0678 0x08c4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:36:24.0709 0x08c4  PptpMiniport - ok
15:36:24.0725 0x08c4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:36:24.0756 0x08c4  Processor - ok
15:36:24.0787 0x08c4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:36:24.0865 0x08c4  ProfSvc - ok
15:36:24.0881 0x08c4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:36:24.0896 0x08c4  ProtectedStorage - ok
15:36:24.0928 0x08c4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:36:24.0959 0x08c4  Psched - ok
15:36:25.0037 0x08c4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:36:25.0068 0x08c4  ql2300 - ok
15:36:25.0115 0x08c4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:36:25.0130 0x08c4  ql40xx - ok
15:36:25.0193 0x08c4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:36:25.0224 0x08c4  QWAVE - ok
15:36:25.0240 0x08c4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:36:25.0271 0x08c4  QWAVEdrv - ok
15:36:25.0302 0x08c4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:36:25.0333 0x08c4  RasAcd - ok
15:36:25.0349 0x08c4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:36:25.0396 0x08c4  RasAgileVpn - ok
15:36:25.0411 0x08c4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:36:25.0458 0x08c4  RasAuto - ok
15:36:25.0489 0x08c4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:36:25.0520 0x08c4  Rasl2tp - ok
15:36:25.0536 0x08c4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:36:25.0583 0x08c4  RasMan - ok
15:36:25.0598 0x08c4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:36:25.0661 0x08c4  RasPppoe - ok
15:36:25.0676 0x08c4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:36:25.0723 0x08c4  RasSstp - ok
15:36:25.0770 0x08c4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:36:25.0817 0x08c4  rdbss - ok
15:36:25.0832 0x08c4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:36:25.0848 0x08c4  rdpbus - ok
15:36:25.0864 0x08c4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:36:25.0910 0x08c4  RDPCDD - ok
15:36:25.0942 0x08c4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:36:26.0020 0x08c4  RDPDR - ok
15:36:26.0035 0x08c4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:36:26.0082 0x08c4  RDPENCDD - ok
15:36:26.0082 0x08c4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:36:26.0144 0x08c4  RDPREFMP - ok
15:36:26.0222 0x08c4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:36:26.0316 0x08c4  RdpVideoMiniport - ok
15:36:26.0332 0x08c4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:36:26.0378 0x08c4  RDPWD - ok
15:36:26.0410 0x08c4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:36:26.0425 0x08c4  rdyboost - ok
15:36:26.0456 0x08c4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:36:26.0550 0x08c4  RemoteAccess - ok
15:36:26.0581 0x08c4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:36:26.0628 0x08c4  RemoteRegistry - ok
15:36:26.0659 0x08c4  [ A780D3EAA74582EA1DEB6BD9C7A3D9C9, 9F66C47D49AADDC946C20945685C1B8BDFAF011D9CD840AC9F3130B5BA09946C ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
15:36:26.0659 0x08c4  rpcapd - ok
15:36:26.0675 0x08c4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:36:26.0706 0x08c4  RpcEptMapper - ok
15:36:26.0737 0x08c4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:36:26.0753 0x08c4  RpcLocator - ok
15:36:26.0784 0x08c4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:36:26.0815 0x08c4  RpcSs - ok
15:36:26.0846 0x08c4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:36:26.0878 0x08c4  rspndr - ok
15:36:26.0893 0x08c4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:36:26.0940 0x08c4  s3cap - ok
15:36:26.0956 0x08c4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs           C:\Windows\system32\lsass.exe
15:36:26.0971 0x08c4  SamSs - ok
15:36:27.0002 0x08c4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:36:27.0002 0x08c4  sbp2port - ok
15:36:27.0034 0x08c4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:36:27.0080 0x08c4  SCardSvr - ok
15:36:27.0096 0x08c4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:36:27.0143 0x08c4  scfilter - ok
15:36:27.0190 0x08c4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:36:27.0252 0x08c4  Schedule - ok
15:36:27.0283 0x08c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:36:27.0314 0x08c4  SCPolicySvc - ok
15:36:27.0330 0x08c4  [ E03B9294A9B70A214328B2B518F20DB0, 83586F8F0E75A5CCAD0616C4F5B726F5161BE33588E1B50EADA7EA7CB10185FB ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
15:36:27.0346 0x08c4  ScreamBAudioSvc - ok
15:36:27.0361 0x08c4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:36:27.0424 0x08c4  SDRSVC - ok
15:36:27.0439 0x08c4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:36:27.0470 0x08c4  seclogon - ok
15:36:27.0502 0x08c4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
15:36:27.0548 0x08c4  SENS - ok
15:36:27.0580 0x08c4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:36:27.0611 0x08c4  SensrSvc - ok
15:36:27.0642 0x08c4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:36:27.0642 0x08c4  Serenum - ok
15:36:27.0673 0x08c4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:36:27.0673 0x08c4  Serial - ok
15:36:27.0689 0x08c4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:36:27.0704 0x08c4  sermouse - ok
15:36:27.0736 0x08c4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:36:27.0767 0x08c4  SessionEnv - ok
15:36:27.0798 0x08c4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:36:27.0829 0x08c4  sffdisk - ok
15:36:27.0860 0x08c4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:36:27.0876 0x08c4  sffp_mmc - ok
15:36:27.0892 0x08c4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:36:27.0923 0x08c4  sffp_sd - ok
15:36:27.0938 0x08c4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:36:27.0970 0x08c4  sfloppy - ok
15:36:28.0016 0x08c4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:36:28.0079 0x08c4  SharedAccess - ok
15:36:28.0126 0x08c4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:36:28.0172 0x08c4  ShellHWDetection - ok
15:36:28.0188 0x08c4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:36:28.0204 0x08c4  SiSRaid2 - ok
15:36:28.0219 0x08c4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:36:28.0219 0x08c4  SiSRaid4 - ok
15:36:28.0282 0x08c4  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:36:28.0313 0x08c4  SkypeUpdate - ok
15:36:28.0328 0x08c4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:36:28.0344 0x08c4  Smb - ok
15:36:28.0375 0x08c4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:36:28.0406 0x08c4  SNMPTRAP - ok
15:36:28.0422 0x08c4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:36:28.0438 0x08c4  spldr - ok
15:36:28.0469 0x08c4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:36:28.0531 0x08c4  Spooler - ok
15:36:28.0656 0x08c4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:36:28.0765 0x08c4  sppsvc - ok
15:36:28.0796 0x08c4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:36:28.0843 0x08c4  sppuinotify - ok
15:36:28.0874 0x08c4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:36:28.0921 0x08c4  srv - ok
15:36:28.0937 0x08c4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:36:28.0968 0x08c4  srv2 - ok
15:36:28.0984 0x08c4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:36:28.0984 0x08c4  srvnet - ok
15:36:29.0015 0x08c4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:36:29.0062 0x08c4  SSDPSRV - ok
15:36:29.0093 0x08c4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:36:29.0124 0x08c4  SstpSvc - ok
15:36:29.0124 0x08c4  Steam Client Service - ok
15:36:29.0202 0x08c4  [ 32B37DD6E7D423DF3CF3B196C8005F85, 5989DD72AB03009625D5A49CC05D7955D07E3A933AEB292882F22928C5D60565 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:36:29.0233 0x08c4  Stereo Service - ok
15:36:29.0264 0x08c4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:36:29.0264 0x08c4  stexstor - ok
15:36:29.0358 0x08c4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:36:29.0389 0x08c4  stisvc - ok
15:36:29.0420 0x08c4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:36:29.0420 0x08c4  storflt - ok
15:36:29.0452 0x08c4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:36:29.0452 0x08c4  storvsc - ok
15:36:29.0483 0x08c4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:36:29.0483 0x08c4  swenum - ok
15:36:29.0514 0x08c4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:36:29.0561 0x08c4  swprv - ok
15:36:29.0576 0x08c4  Synth3dVsc - ok
15:36:29.0670 0x08c4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:36:29.0764 0x08c4  SysMain - ok
15:36:29.0795 0x08c4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:36:29.0826 0x08c4  TabletInputService - ok
15:36:29.0857 0x08c4  [ 4EF44915E522F3ECD1A3FF540AA64126, 3B7ABB4B263F5DC7E12BEBD0512A13877236E0C020B7FE618EE84FAB3E3BF991 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
15:36:29.0904 0x08c4  tap0901 - ok
15:36:29.0935 0x08c4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:36:29.0998 0x08c4  TapiSrv - ok
15:36:30.0029 0x08c4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:36:30.0076 0x08c4  TBS - ok
15:36:30.0154 0x08c4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:36:30.0200 0x08c4  Tcpip - ok
15:36:30.0247 0x08c4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:36:30.0294 0x08c4  TCPIP6 - ok
15:36:30.0325 0x08c4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:36:30.0325 0x08c4  tcpipreg - ok
15:36:30.0341 0x08c4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:36:30.0419 0x08c4  TDPIPE - ok
15:36:30.0434 0x08c4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:36:30.0466 0x08c4  TDTCP - ok
15:36:30.0497 0x08c4  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:36:30.0559 0x08c4  tdx - ok
15:36:30.0590 0x08c4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:36:30.0606 0x08c4  TermDD - ok
15:36:30.0653 0x08c4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:36:30.0684 0x08c4  TermService - ok
15:36:30.0700 0x08c4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:36:30.0746 0x08c4  Themes - ok
15:36:30.0762 0x08c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:36:30.0793 0x08c4  THREADORDER - ok
15:36:30.0809 0x08c4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:36:30.0840 0x08c4  TrkWks - ok
15:36:30.0887 0x08c4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:36:30.0934 0x08c4  TrustedInstaller - ok
15:36:30.0965 0x08c4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:36:30.0980 0x08c4  tssecsrv - ok
15:36:31.0012 0x08c4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:36:31.0058 0x08c4  TsUsbFlt - ok
15:36:31.0058 0x08c4  tsusbhub - ok
15:36:31.0090 0x08c4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:36:31.0136 0x08c4  tunnel - ok
15:36:31.0152 0x08c4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:36:31.0168 0x08c4  uagp35 - ok
15:36:31.0199 0x08c4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:36:31.0230 0x08c4  udfs - ok
15:36:31.0246 0x08c4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:36:31.0277 0x08c4  UI0Detect - ok
15:36:31.0308 0x08c4  [ B1D1FE35303E3AEE6D5AF69F09F12E87, 3F7C5F93077E056995F73E906FA86F8CE9EB4435DBBD763648FB9D1265DF11FA ] uisp            C:\Windows\system32\Drivers\usbicp.sys
15:36:31.0355 0x08c4  uisp - ok
15:36:31.0386 0x08c4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:36:31.0402 0x08c4  uliagpkx - ok
15:36:31.0433 0x08c4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
15:36:31.0464 0x08c4  umbus - ok
15:36:31.0480 0x08c4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:36:31.0511 0x08c4  UmPass - ok
15:36:31.0542 0x08c4  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:36:31.0589 0x08c4  UmRdpService - ok
15:36:31.0620 0x08c4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:36:31.0667 0x08c4  upnphost - ok
15:36:31.0729 0x08c4  [ D4531B9B73B990DC53B4A765E3BD070A, 6BABBD203658A9DE011AC4F34608E5A5A921D7E3B50B920381F69F2B152B1F1A ] UPnPService     C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
15:36:31.0745 0x08c4  UPnPService - detected UnsignedFile.Multi.Generic ( 1 )
15:36:34.0615 0x08c4  Detect skipped due to KSN trusted
15:36:34.0615 0x08c4  UPnPService - ok
15:36:34.0646 0x08c4  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:36:34.0678 0x08c4  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
15:36:37.0548 0x08c4  Detect skipped due to KSN trusted
15:36:37.0548 0x08c4  USBAAPL64 - ok
15:36:37.0564 0x08c4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:36:37.0610 0x08c4  usbaudio - ok
15:36:37.0642 0x08c4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:36:37.0673 0x08c4  usbccgp - ok
15:36:37.0704 0x08c4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:36:37.0735 0x08c4  usbcir - ok
15:36:37.0751 0x08c4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:36:37.0766 0x08c4  usbehci - ok
15:36:37.0798 0x08c4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:36:37.0829 0x08c4  usbhub - ok
15:36:37.0860 0x08c4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:36:37.0876 0x08c4  usbohci - ok
15:36:37.0891 0x08c4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:36:37.0922 0x08c4  usbprint - ok
15:36:37.0954 0x08c4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:36:38.0032 0x08c4  USBSTOR - ok
15:36:38.0063 0x08c4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:36:38.0094 0x08c4  usbuhci - ok
15:36:38.0125 0x08c4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:36:38.0172 0x08c4  UxSms - ok
15:36:38.0203 0x08c4  [ 81A9F455BF2C9180348949F7C8D93E66, 77D3DE9CA7103235695D2B7D91D8D836CF364985280020900267615ABE133B37 ] VaneFltr        C:\Windows\system32\drivers\Lachesis.sys
15:36:38.0234 0x08c4  VaneFltr - ok
15:36:38.0250 0x08c4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc        C:\Windows\system32\lsass.exe
15:36:38.0266 0x08c4  VaultSvc - ok
15:36:38.0281 0x08c4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:36:38.0281 0x08c4  vdrvroot - ok
15:36:38.0312 0x08c4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:36:38.0375 0x08c4  vds - ok
15:36:38.0390 0x08c4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:36:38.0406 0x08c4  vga - ok
15:36:38.0422 0x08c4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:36:38.0453 0x08c4  VgaSave - ok
15:36:38.0453 0x08c4  VGPU - ok
15:36:38.0484 0x08c4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:36:38.0500 0x08c4  vhdmp - ok
15:36:38.0515 0x08c4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:36:38.0531 0x08c4  viaide - ok
15:36:38.0578 0x08c4  [ 549CD7035F5CF5CEE4DE11539C9715F4, 6FED4D5161420890A92C3B811B4CBD18A1A106D5F5E674166E538E65A1C68E04 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
15:36:38.0593 0x08c4  VMAuthdService - ok
15:36:38.0624 0x08c4  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:36:38.0640 0x08c4  vmbus - ok
15:36:38.0656 0x08c4  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:36:38.0687 0x08c4  VMBusHID - ok
15:36:38.0702 0x08c4  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
15:36:38.0718 0x08c4  vmci - ok
15:36:38.0734 0x08c4  [ CCB2A61113D093B9B5CCCF1D60D65E7A, 4459DD26ACF1B7675016B16BA02814E2A35FE862DEDA31AC7110CE2C2E3947AA ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
15:36:38.0749 0x08c4  vmkbd - ok
15:36:38.0765 0x08c4  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
15:36:38.0765 0x08c4  VMnetAdapter - ok
15:36:38.0780 0x08c4  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
15:36:38.0796 0x08c4  VMnetBridge - ok
15:36:38.0796 0x08c4  VMnetDHCP - ok
15:36:38.0827 0x08c4  [ 668C12E04D5AB4981864B12494AF907F, 20D94E5E060EB04558B39B33A81C989D7F9DB52C7378FECF9D430F1DC385E4E0 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
15:36:38.0827 0x08c4  VMnetuserif - ok
15:36:38.0843 0x08c4  [ F347A28F63162FF82BDDAADC14935BA4, 44C11B483CCA161E7097ED74C819464FE99C1E6AA9B1AB6A637BACDA6EF48519 ] vmusb           C:\Windows\system32\DRIVERS\vmusb.sys
15:36:38.0858 0x08c4  vmusb - ok
15:36:38.0921 0x08c4  [ 093B967896BA9EF2ADFCD75E185B9DA9, 3D6F5FF56311D4B506D02F77620B80EDB54E6E560BDF53AC9F3CDBB037D0ACA0 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
15:36:38.0952 0x08c4  VMUSBArbService - ok
15:36:38.0952 0x08c4  VMware NAT Service - ok
15:36:38.0968 0x08c4  [ EBAC38A198308359FD89C10704265E5E, 7C234FE34D6A65D754F8B2EA0458365997CF97B88779B01551E5227910943224 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
15:36:38.0983 0x08c4  vmx86 - ok
15:36:38.0983 0x08c4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:36:38.0999 0x08c4  volmgr - ok
15:36:39.0014 0x08c4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:36:39.0030 0x08c4  volmgrx - ok
15:36:39.0061 0x08c4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:36:39.0077 0x08c4  volsnap - ok
15:36:39.0092 0x08c4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:36:39.0108 0x08c4  vsmraid - ok
15:36:39.0108 0x08c4  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\Windows\system32\drivers\vsock.sys
15:36:39.0124 0x08c4  vsock - ok
15:36:39.0186 0x08c4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:36:39.0248 0x08c4  VSS - ok
15:36:39.0264 0x08c4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:36:39.0295 0x08c4  vwifibus - ok
15:36:39.0326 0x08c4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:36:39.0373 0x08c4  W32Time - ok
15:36:39.0404 0x08c4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:36:39.0420 0x08c4  WacomPen - ok
15:36:39.0451 0x08c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:36:39.0467 0x08c4  WANARP - ok
15:36:39.0482 0x08c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:36:39.0498 0x08c4  Wanarpv6 - ok
15:36:39.0545 0x08c4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:36:39.0670 0x08c4  wbengine - ok
15:36:39.0685 0x08c4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:36:39.0716 0x08c4  WbioSrvc - ok
15:36:39.0748 0x08c4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:36:39.0779 0x08c4  wcncsvc - ok
15:36:39.0794 0x08c4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:36:39.0872 0x08c4  WcsPlugInService - ok
15:36:39.0888 0x08c4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:36:39.0904 0x08c4  Wd - ok
15:36:39.0935 0x08c4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:36:39.0966 0x08c4  Wdf01000 - ok
15:36:39.0997 0x08c4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:36:40.0044 0x08c4  WdiServiceHost - ok
15:36:40.0044 0x08c4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:36:40.0060 0x08c4  WdiSystemHost - ok
15:36:40.0091 0x08c4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:36:40.0138 0x08c4  WebClient - ok
15:36:40.0153 0x08c4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:36:40.0200 0x08c4  Wecsvc - ok
15:36:40.0216 0x08c4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:36:40.0247 0x08c4  wercplsupport - ok
15:36:40.0262 0x08c4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:36:40.0278 0x08c4  WerSvc - ok
15:36:40.0294 0x08c4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:36:40.0325 0x08c4  WfpLwf - ok
15:36:40.0340 0x08c4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:36:40.0340 0x08c4  WIMMount - ok
15:36:40.0356 0x08c4  WinDefend - ok
15:36:40.0372 0x08c4  WinHttpAutoProxySvc - ok
15:36:40.0418 0x08c4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:36:40.0481 0x08c4  Winmgmt - ok
15:36:40.0590 0x08c4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:36:40.0684 0x08c4  WinRM - ok
15:36:40.0746 0x08c4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
15:36:40.0762 0x08c4  WinUsb - ok
15:36:40.0824 0x08c4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:36:40.0855 0x08c4  Wlansvc - ok
15:36:40.0886 0x08c4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:36:40.0886 0x08c4  WmiAcpi - ok
15:36:40.0918 0x08c4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:36:40.0918 0x08c4  wmiApSrv - ok
15:36:40.0949 0x08c4  WMPNetworkSvc - ok
15:36:40.0964 0x08c4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:36:40.0980 0x08c4  WPCSvc - ok
15:36:41.0027 0x08c4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:36:41.0058 0x08c4  WPDBusEnum - ok
15:36:41.0089 0x08c4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:36:41.0136 0x08c4  ws2ifsl - ok
15:36:41.0152 0x08c4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
15:36:41.0167 0x08c4  wscsvc - ok
15:36:41.0167 0x08c4  WSearch - ok
15:36:41.0276 0x08c4  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:36:41.0666 0x08c4  wuauserv - ok
15:36:41.0713 0x08c4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:36:41.0791 0x08c4  WudfPf - ok
15:36:41.0822 0x08c4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
15:36:41.0869 0x08c4  WUDFRd - ok
15:36:41.0885 0x08c4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:36:41.0916 0x08c4  wudfsvc - ok
15:36:41.0947 0x08c4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:36:42.0010 0x08c4  WwanSvc - ok
15:36:42.0056 0x08c4  [ 64F88AF327AA74E03658AE32B48CCB8B, 52C8941D96F2EF89BBC4A4268DC59E5BC89AE2DAB199C13BBFF11C2606BE7FFA ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
15:36:42.0103 0x08c4  yukonw7 - ok
15:36:42.0119 0x08c4  ================ Scan global ===============================
15:36:42.0166 0x08c4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:36:42.0197 0x08c4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
15:36:42.0212 0x08c4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
15:36:42.0244 0x08c4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:36:42.0275 0x08c4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:36:42.0275 0x08c4  [ Global ] - ok
15:36:42.0275 0x08c4  ================ Scan MBR ==================================
15:36:42.0290 0x08c4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:36:42.0524 0x08c4  \Device\Harddisk0\DR0 - ok
15:36:42.0540 0x08c4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:36:42.0571 0x08c4  \Device\Harddisk1\DR1 - ok
15:36:42.0571 0x08c4  ================ Scan VBR ==================================
15:36:42.0571 0x08c4  [ C9B5C35980B07EC7467A73BD4AF8AEF9 ] \Device\Harddisk0\DR0\Partition1
15:36:42.0587 0x08c4  \Device\Harddisk0\DR0\Partition1 - ok
15:36:42.0587 0x08c4  [ 4330A224263685189FE9697220A99609 ] \Device\Harddisk1\DR1\Partition1
15:36:42.0634 0x08c4  \Device\Harddisk1\DR1\Partition1 - ok
15:36:42.0634 0x08c4  ================ Scan generic autorun ======================
15:36:42.0634 0x08c4  Nvtmru - ok
15:36:42.0649 0x08c4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
15:36:42.0680 0x08c4  ShadowPlay - ok
15:36:42.0805 0x08c4  [ 05470C684B62C2F86325D8685E4513CB, EDE70A162AFA104D774AE1D8D3A077F2C12940851EC5BA785242F4032EEA902E ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:36:42.0852 0x08c4  NvBackend - ok
15:36:42.0883 0x08c4  [ 8784236EED5079493DA9FC95B28B89F8, E59C349B964F585C27F63FBF7C1B5D7C6CF8CC958BD35100A36D57542DC13972 ] C:\Windows\SYSTEM32\WerFault.exe
15:36:42.0899 0x08c4  *WerKernelReporting - ok
15:36:43.0055 0x08c4  [ 3A7A557842C12732541D3B739F3623F9, 36ADDE9800C8DA7661BF3FB2446F79EA0E9A6AD04324C923531D716857FACEC6 ] C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
15:36:43.0148 0x08c4  TurboV - detected UnsignedFile.Multi.Generic ( 1 )
15:36:46.0034 0x08c4  Detect skipped due to KSN trusted
15:36:46.0034 0x08c4  TurboV - ok
15:36:46.0081 0x08c4  [ C2043BDBC6E22F1AB17C928E0C272201, 1D601902B665CD3B9532A73AC1985FD3C5716A9C28A9E95131CB7823F8022FA8 ] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
15:36:46.0128 0x08c4  SoundMAXPnP - ok
15:36:46.0159 0x08c4  [ 10035E4C014522FE740172FF0B4FF43E, B09DCF7E147990C723EF044FB064D8793D18131519D292D88B71920C127AEF86 ] C:\Windows\ehome\ehTray.exe
15:36:46.0190 0x08c4  ehTray.exe - ok
15:36:46.0284 0x08c4  [ 19A47361CAC553B2B53F39CC2F1C7EDE, C8A99C74250794609B1CF852912A08E02D0917A28A0C55B20CA8BB3730B0A9E1 ] C:\Program Files (x86)\EXPERTool\TBPanel.exe
15:36:46.0331 0x08c4  GAINWARD - ok
15:36:46.0440 0x08c4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
15:36:46.0502 0x08c4  Sidebar - ok
15:36:46.0658 0x08c4  [ A7124640B9F40494D0E8B5E6FD257929, 5358CC58C73F39486E04CF20F4FE666C836978E9105E3CC3565300B26BC98DE3 ] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
15:36:46.0768 0x08c4  SoundMax - detected UnsignedFile.Multi.Generic ( 1 )
15:36:49.0638 0x08c4  Detect skipped due to KSN trusted
15:36:49.0638 0x08c4  SoundMax - ok
15:36:49.0747 0x08c4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe
15:36:49.0763 0x08c4  Google Update - ok
15:36:49.0841 0x08c4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:36:49.0872 0x08c4  Sidebar - ok
15:36:49.0888 0x08c4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:36:49.0919 0x08c4  mctadmin - ok
15:36:49.0919 0x08c4  Waiting for KSN requests completion. In queue: 7
15:36:50.0933 0x08c4  Waiting for KSN requests completion. In queue: 7
15:36:51.0947 0x08c4  Waiting for KSN requests completion. In queue: 7
15:36:53.0008 0x08c4  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
15:36:53.0008 0x08c4  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
15:37:06.0767 0x08c4  ============================================================
15:37:06.0767 0x08c4  Scan finished
15:37:06.0767 0x08c4  ============================================================
15:37:06.0767 0x0adc  Detected object count: 0
15:37:06.0767 0x0adc  Actual detected object count: 0

Alt 04.05.2015, 11:23   #7
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.05.2015, 12:45   #8
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Hi schrauber,

Hier der Combofix log

Code:
ATTFilter
ComboFix 15-04-28.01 - Admin 04.05.2015  12:58:16.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.6135.3439 [GMT 2:00]
ausgeführt von:: c:\users\Robert\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-04-04 bis 2015-05-04  ))))))))))))))))))))))))))))))
.
.
2015-05-03 13:03 . 2015-05-03 13:33	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-03 00:13 . 2015-02-04 00:00	608072	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-05-02 15:14 . 2015-05-02 23:40	--------	d-----w-	C:\FRST
2015-05-01 15:47 . 2015-05-01 15:47	--------	d-sh--w-	c:\users\Admin\AppData\Local\EmieBrowserModeList
2015-05-01 15:02 . 2015-04-04 06:25	12032440	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C02DE10-A76D-450F-AEA4-7D9D5EA3F8AF}\mpengine.dll
2015-04-15 00:18 . 2015-04-15 00:18	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2015-04-14 20:53 . 2015-03-04 04:55	367552	----a-w-	c:\windows\system32\clfs.sys
2015-04-14 20:53 . 2015-03-04 04:41	79360	----a-w-	c:\windows\system32\clfsw32.dll
2015-04-14 20:53 . 2015-03-04 04:10	58880	----a-w-	c:\windows\SysWow64\clfsw32.dll
2015-04-07 01:00 . 2015-04-07 01:00	--------	d-s---w-	c:\windows\system32\GWX
2015-04-07 01:00 . 2015-04-07 01:00	--------	d-s---w-	c:\windows\SysWow64\GWX
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-03 13:17 . 2014-05-24 12:30	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-03 13:17 . 2014-05-24 12:30	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-04-14 23:58 . 2010-01-14 16:47	128913832	----a-w-	c:\windows\system32\MRT.exe
2015-04-14 07:37 . 2014-05-24 12:30	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-04-14 07:37 . 2014-01-26 13:10	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-03-17 04:56 . 2015-04-14 20:54	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-03-04 04:41 . 2015-05-03 00:07	309248	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:41 . 2015-05-03 00:07	103424	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:10 . 2015-05-03 00:07	470528	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-03 00:07	2178560	----a-w-	c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-03 00:07	2560	----a-w-	c:\windows\apppatch\AcRes.dll
2015-02-26 03:25 . 2015-03-12 20:16	3204096	----a-w-	c:\windows\system32\win32k.sys
2015-02-24 02:17 . 2009-10-03 00:08	295552	------w-	c:\windows\system32\MpSigStub.exe
2015-02-20 04:41 . 2015-03-12 20:18	41984	----a-w-	c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-12 20:18	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-12 20:18	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-12 20:18	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-12 20:18	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-12 20:18	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-12 20:18	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-12 20:18	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-12 20:18	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-12 20:18	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-02-19 22:43 . 2015-02-19 22:43	18634072	----a-w-	c:\windows\system32\nvwgf2umx.dll
2015-02-19 22:43 . 2014-08-04 03:48	16128576	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2015-02-19 22:43 . 2015-02-19 22:43	13916280	----a-w-	c:\windows\system32\nvopencl.dll
2015-02-19 22:43 . 2015-02-19 22:43	31515280	----a-w-	c:\windows\system32\nvoglv64.dll
2015-02-19 22:43 . 2015-02-19 22:43	11272240	----a-w-	c:\windows\SysWow64\nvopencl.dll
2015-02-19 22:43 . 2015-02-19 22:43	24198856	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2015-02-19 22:43 . 2015-02-19 22:43	12894024	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2015-02-19 22:43 . 2015-02-19 22:43	944328	----a-w-	c:\windows\system32\NvIFR64.dll
2015-02-19 22:43 . 2015-02-19 22:43	907464	----a-w-	c:\windows\SysWow64\NvIFR.dll
2015-02-19 22:43 . 2015-02-19 22:43	902344	----a-w-	c:\windows\system32\NvFBC64.dll
2015-02-19 22:43 . 2015-02-19 22:43	870032	----a-w-	c:\windows\SysWow64\NvFBC.dll
2015-02-19 22:43 . 2015-02-19 22:43	1907400	----a-w-	c:\windows\system32\nvdispco6434144.dll
2015-02-19 22:43 . 2015-02-19 22:43	1555656	----a-w-	c:\windows\system32\nvdispgenco6434144.dll
2015-02-19 22:43 . 2014-08-04 03:48	14497568	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-02-19 22:43 . 2014-05-28 22:26	17559432	----a-w-	c:\windows\system32\nvd3dumx.dll
2015-02-19 22:43 . 2015-02-19 22:43	4244680	----a-w-	c:\windows\system32\nvcuvid.dll
2015-02-19 22:43 . 2015-02-19 22:43	3987600	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2015-02-19 22:43 . 2015-02-19 22:43	13828032	----a-w-	c:\windows\system32\nvcuda.dll
2015-02-19 22:43 . 2015-02-19 22:43	11209192	----a-w-	c:\windows\SysWow64\nvcuda.dll
2015-02-19 22:43 . 2015-02-19 22:43	15294280	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2015-02-19 22:42 . 2015-02-19 22:42	22993224	----a-w-	c:\windows\system32\nvcompiler.dll
2015-02-19 22:42 . 2009-09-27 14:12	3209736	----a-w-	c:\windows\system32\nvapi64.dll
2015-02-19 22:42 . 2009-09-27 14:12	2823992	----a-w-	c:\windows\SysWow64\nvapi.dll
2015-02-13 05:22 . 2015-03-12 20:17	14177280	----a-w-	c:\windows\system32\shell32.dll
2015-02-04 10:23 . 2015-02-04 10:23	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13	869536	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-12 20:16	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-12 20:16	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2015-02-04 02:21 . 2010-10-16 11:13	6782152	----a-w-	c:\windows\system32\nvcpl.dll
2015-02-04 02:21 . 2010-10-16 11:13	3522376	----a-w-	c:\windows\system32\nvsvc64.dll
2015-02-04 02:21 . 2010-10-16 11:13	932040	----a-w-	c:\windows\system32\nvvsvc.exe
2015-02-04 02:21 . 2010-10-16 11:13	2558792	----a-w-	c:\windows\system32\nvsvcr.dll
2015-02-04 02:21 . 2009-05-01 00:46	62792	----a-w-	c:\windows\system32\nvshext.dll
2015-02-04 02:21 . 2010-10-16 11:13	384200	----a-w-	c:\windows\system32\nvmctray.dll
2015-02-03 16:18 . 2014-05-28 22:30	4229086	----a-w-	c:\windows\system32\nvcoproc.bin
2012-07-03 14:41 . 2011-07-06 18:20	168864	----a-w-	c:\program files\Common Files\WireHelpSvc.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\Sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TurboV"="c:\program files (x86)\ASUS\TurboV\TurboV.exe" [2008-10-21 4040192]
"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2008-04-15 1310720]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-03-17 224128]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2014-1-30 0]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files (x86)\Logitech\SetPoint\SetPoint.exe [2009-8-13 1207312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXMediaServer"=c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cjusb;REINER SCT cyberJack USB Driver;c:\windows\system32\DRIVERS\cjusb.sys;c:\windows\SYSNATIVE\DRIVERS\cjusb.sys [x]
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys;c:\windows\SYSNATIVE\DRIVERS\ESLvnic.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 KOBCCID;KOBCCID;c:\windows\system32\drivers\KOBCCID.sys;c:\windows\SYSNATIVE\drivers\KOBCCID.sys [x]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 UPnPService;UPnPService;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys;c:\windows\SYSNATIVE\drivers\Lachesis.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 cjpcsc;cyberJack PC/SC COM Service ;c:\windows\SysWOW64\cjpcsc.exe;c:\windows\SysWOW64\cjpcsc.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - KLBG
.
Inhalt des "geplante Tasks" Ordners
.
2015-05-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09 18:37]
.
2015-05-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core.job
- c:\users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 13:20]
.
2015-05-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA.job
- c:\users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16 13:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2009-07-14 415232]
.
------- Zusätzlicher Suchlauf -------
.
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Zu Anti-Banner hinzufügen - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
   91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
   36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}"=hex:51,66,7a,6c,4c,1d,38,12,da,39,34,
   5d,e1,a9,97,05,de,be,2c,e9,c9,ff,c2,38
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
   94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
   aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{E33CF602-D945-461A-83F0-819F76A199F8}"=hex:51,66,7a,6c,4c,1d,38,12,6c,f5,2f,
   e7,77,97,74,03,fc,e6,c2,df,73,ff,dd,ec
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:45,db,33,83,59,26,cd,01
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{03a16c15-e889-4886-9e08-4f2b34ebe626}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{03a16c15-e889-4886-9e08-4f2b34ebe626}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{052dc0fb-a6f0-4b19-b059-94a80609d30f}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{052dc0fb-a6f0-4b19-b059-94a80609d30f}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{0a47ba4e-e665-4760-a23b-30bbb1b6aded}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{0a47ba4e-e665-4760-a23b-30bbb1b6aded}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{0c9106a8-576d-4413-82fa-3d242359c9aa}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{0c9106a8-576d-4413-82fa-3d242359c9aa}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{0d91466e-5010-44f2-ad14-250f4a41f84b}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{0d91466e-5010-44f2-ad14-250f4a41f84b}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{14dafb24-b8ca-4b12-8504-8045931e2373}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{14dafb24-b8ca-4b12-8504-8045931e2373}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{1593e8cd-b844-4047-8d2b-ab7969eb8359}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{1593e8cd-b844-4047-8d2b-ab7969eb8359}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{18cb739e-5746-4f12-802f-9b1a50f8703d}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{18cb739e-5746-4f12-802f-9b1a50f8703d}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{1ad03479-a3d4-4981-8195-21e0a752dda0}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{1ad03479-a3d4-4981-8195-21e0a752dda0}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{1b7467c4-faf8-4379-9471-f1dbafd9e8c4}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{1b7467c4-faf8-4379-9471-f1dbafd9e8c4}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{2eb98ce4-f660-4df4-80a4-8f09800c9144}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{2eb98ce4-f660-4df4-80a4-8f09800c9144}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{377c3c20-8bc0-47ab-ba0c-8ad13b1bf3b6}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{377c3c20-8bc0-47ab-ba0c-8ad13b1bf3b6}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{3ca82141-4752-4b00-a32f-eb95a1357b05}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{3ca82141-4752-4b00-a32f-eb95a1357b05}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{3fe2673d-d0b6-4d76-a06c-4f894140af8f}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{3fe2673d-d0b6-4d76-a06c-4f894140af8f}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{49b5347a-e59b-4ebc-a85c-41da0249c2fb}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{49b5347a-e59b-4ebc-a85c-41da0249c2fb}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{4e831853-bb1f-415e-a921-5d5a56a4ca78}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{4e831853-bb1f-415e-a921-5d5a56a4ca78}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{601087a2-45fa-46da-b142-6eb91b8c7eef}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{601087a2-45fa-46da-b142-6eb91b8c7eef}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{6662b765-a138-4f68-a1f2-175754ce7ec5}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{6662b765-a138-4f68-a1f2-175754ce7ec5}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{6960ee1e-05fd-4f08-ad5e-004970c5322c}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{6960ee1e-05fd-4f08-ad5e-004970c5322c}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{6d1eeb60-ae5a-4cdd-b57b-b4ab72871e41}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{6d1eeb60-ae5a-4cdd-b57b-b4ab72871e41}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{714efa1d-7bbb-45a9-9080-fb3f14e15df8}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{714efa1d-7bbb-45a9-9080-fb3f14e15df8}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{7659aa1e-73b3-48ea-a3d5-bee8deb84c53}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{7659aa1e-73b3-48ea-a3d5-bee8deb84c53}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}]
@DACL=(02 0000)
@="client Object"
"AppID"="{5732DDC8-74AD-4C63-B44C-B13382FBAA07}"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\ProgID]
@DACL=(02 0000)
@="octoshapeplugin.client.1"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\Programmable]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\VersionIndependentProgID]
@DACL=(02 0000)
@="octoshapeplugin.client"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{8d9e17f4-78a5-4723-9b7a-13090bcb3073}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{8d9e17f4-78a5-4723-9b7a-13090bcb3073}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{960cb439-3ed3-48e7-836b-1a42b4bc0b38}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{960cb439-3ed3-48e7-836b-1a42b4bc0b38}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}]
@DACL=(02 0000)
@=""
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}\LocalServer32]
@DACL=(02 0000)
@="c:\\PROGRA~2\\Skype\\Phone\\Skype.exe"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}\ProgID]
@DACL=(02 0000)
@="Skype.Detection"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}\Version]
@DACL=(02 0000)
@="1.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{a192fab3-d318-44b0-af95-bdd88a5c031b}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{a192fab3-d318-44b0-af95-bdd88a5c031b}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{ae78a4d7-ac43-498c-8b03-5934aad8da38}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{ae78a4d7-ac43-498c-8b03-5934aad8da38}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{b36a069e-aa46-467a-9aef-433b78b82d78}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{b36a069e-aa46-467a-9aef-433b78b82d78}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{bcfa6e70-42b9-4186-bc14-deda073c6eba}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{bcfa6e70-42b9-4186-bc14-deda073c6eba}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{c70f00b8-de63-462b-95d2-c580b43c201e}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{c70f00b8-de63-462b-95d2-c580b43c201e}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{c8c8d114-2cb6-4c40-96d4-ccbe2196ab5c}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{c8c8d114-2cb6-4c40-96d4-ccbe2196ab5c}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{c9d24b5c-6006-435f-93f6-7ba0aff8795a}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{c9d24b5c-6006-435f-93f6-7ba0aff8795a}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{c9f50843-f825-4682-a008-2ac9cd9441b7}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{c9f50843-f825-4682-a008-2ac9cd9441b7}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
Der Log passte leider nicht in einen Beitrag deshal splitte ich ihn in 2.
Zusätzlich füge ich ihn hier noch als zip an.

Alt 04.05.2015, 12:48   #9
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Code:
ATTFilter
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0052-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_52"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0053-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_53"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_54"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0055-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_55"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0056-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_56"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0057-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_57"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0058-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_58"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0059-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_59"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0060-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_60"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0061-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_61"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_52"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_53"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_54"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0055-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_55"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_56"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_57"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0058-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_58"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0059-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_59"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0060-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_60"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0061-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_61"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0062-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_62"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0063-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_63"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0064-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_64"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0065-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_65"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_66"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_67"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0068-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_68"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0069-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_69"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_70"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_70"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_70"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_71"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_71"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0071-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_71"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_26"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_27"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_28"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_29"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_30"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_31"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_32"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_33"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_34"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_35"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_36"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_37"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_38"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_39"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_40"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_41"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_42"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_43"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_44"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_44"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_44"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_45"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_45"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_45"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_46"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_46"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_46"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_47"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_47"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_47"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_48"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_48"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_48"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_49"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_49"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_49"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_50"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_50"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_50"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_51"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_51"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_51"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{cc8413ec-a10d-4716-800e-f1aa0724ac80}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{cc8413ec-a10d-4716-800e-f1aa0724ac80}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{cefe1cf2-f16d-4aac-b8c8-7671e46fe10e}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{cefe1cf2-f16d-4aac-b8c8-7671e46fe10e}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{d935ca4f-b355-4d11-b0c0-4802c556fc53}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{d935ca4f-b355-4d11-b0c0-4802c556fc53}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{da9274df-81af-4176-aecc-7405eeddf62e}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{da9274df-81af-4176-aecc-7405eeddf62e}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{e6fad535-fcdb-4989-a813-62d1ca739391}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{e6fad535-fcdb-4989-a813-62d1ca739391}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{e758485a-02a2-4124-a8a4-88fd4c34766c}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{e758485a-02a2-4124-a8a4-88fd4c34766c}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{ecbdd129-c807-4165-a4b4-4cd7c34d4f92}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{ecbdd129-c807-4165-a4b4-4cd7c34d4f92}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{ed002f02-c893-4139-836e-567b7181beff}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{ed002f02-c893-4139-836e-567b7181beff}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{ee88464b-5f6d-44a3-b23a-d2629665d7b4}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{ee88464b-5f6d-44a3-b23a-d2629665d7b4}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{f4163184-d42f-44a7-861d-b581554f71b7}]
@DACL=(02 0000)
@="Shell Icon Handler For Curse Client Install Package"
"DeploymentProviderUrl"="hxxp://clientupdate-v5.curse.com/CurseClient.application"
"IconFile"="ClientIcons\\CCIP.ico"
.
[HKEY_USERS\S-1-5-21-908869703-3165420859-1136871304-1000_Classes\CLSID\{f4163184-d42f-44a7-861d-b581554f71b7}\InProcServer32]
@DACL=(02 0000)
@="dfshim.dll"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-05-04  13:19:02
ComboFix-quarantined-files.txt  2015-05-04 11:18
.
Vor Suchlauf: 14 Verzeichnis(se), 128.848.687.104 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 130.127.552.512 Bytes frei
.
- - End Of File - - F409ED4F4B5302F260D724B1278F17BC
A36C5E4F47E84449FF07ED3517B43A31
Ich konnte es leider nicht an einer anderen Stelle kürzen tut mir leid.

Alt 05.05.2015, 07:33   #10
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.05.2015, 17:43   #11
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Hi Schrauber,

mir ist leider ein Fehler, bei der Abarbeitung der einzelnen Schritte, unterlaufen.
Irgendwie ist mein 1. Scan mit MBAM ohne Adminrechte durchgeführt worden.
Das ist mir allerdings erst aufgefallen nachdem ich Adwcleaner benutzt habe.
Nach dem Neustart von Adwcleaner hat es mit Adminrechten funktioniert.

Hier die Logs:
MBAM o. Admin

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.05.2015
Suchlauf-Zeit: 17:21:08
Logdatei: mbam.txt
Administrator: Nein

Version: 2.01.6.1022
Malware Datenbank: v2015.05.05.03
Rootkit Datenbank: v2015.04.21.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Robert

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 303394
Verstrichene Zeit: 8 Min, 2 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
MBAM m. Admin

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.05.2015
Suchlauf-Zeit: 17:48:24
Logdatei: mbam2.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.05.03
Rootkit Datenbank: v2015.04.21.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 407911
Verstrichene Zeit: 12 Min, 27 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Adwcleaner

Code:
ATTFilter
# AdwCleaner v4.203 - Bericht erstellt 05/05/2015 um 17:39:25
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-05-02.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Admin - ROBERT-PC
# Gestarted von : C:\Users\Robert\Desktop\AdwCleaner_4.203.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****

Task Gelöscht : Scheduled Update for Ask Toolbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\APN
Schlüssel Gelöscht : HKU\.DEFAULT\Software\AVG Secure Search
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17728


*************************

AdwCleaner[R0].txt - [4210 Bytes] - [05/05/2015 17:37:18]
AdwCleaner[S0].txt - [3994 Bytes] - [05/05/2015 17:39:25]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [4053  Bytes] ##########
JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.7 (04.30.2015:1)
OS: Windows 7 Ultimate x64
Ran by Admin on 05.05.2015 at 18:31:09,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.05.2015 at 18:32:54,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Admin (administrator) on ROBERT-PC on 05-05-2015 18:35:01
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert & Admin (Available profiles: Robert & Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [TurboV] => C:\Program Files (x86)\ASUS\TurboV\TurboV.exe [4040192 2008-10-21] ()
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2008-04-16] (Analog Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [GAINWARD] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181672 2009-05-12] (Gainward Co.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [SoundMax] => C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [3858432 2008-08-20] (Analog Devices, Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [Google Update] => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-16] (Google Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-908869703-3165420859-1136871304-1012\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S0].txt [4219 2015-05-05] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2009-08-13]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-01-30] ()
GroupPolicyUsers\S-1-5-21-908869703-3165420859-1136871304-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-908869703-3165420859-1136871304-1000\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-908869703-3165420859-1136871304-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-908869703-3165420859-1136871304-1012\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-908869703-3165420859-1136871304-1012\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 -> {7DDC945D-68E7-480A-B922-594CD4878A41} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll [2014-12-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll [2014-12-09] ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-06-27] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Robert\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll No File
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-06-27] (Pando Networks)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-09-25] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npijjiFFPlugin1.dll [2010-07-28] (NHN USA Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-25] (Apple Inc.)
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2014-05-03]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-05-03]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-05-03]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-05-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-03]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-05]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-30]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
StartMenuInternet: Google Chrome.DMG6G4FT2SXSVYP5L36MOYKJ2E - C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [86016 2008-08-15] () [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1155072 2009-02-03] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [160784 2009-07-20] (Logitech, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-22] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2009-12-03] (Turtle Entertainment GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-30] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-30] (Kaspersky Lab ZAO)
S3 KOBCCID; C:\Windows\System32\drivers\KOBCCID.sys [116864 2014-02-27] (KOBIL Systems GmbH) [File not signed]
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 uisp; C:\Windows\System32\Drivers\usbicp.sys [20480 2010-08-24] (Motorola)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 VaneFltr; C:\Windows\System32\drivers\Lachesis.sys [30336 2007-08-17] (Razer (Asia-Pacific) Pte Ltd)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 18:35 - 2015-05-05 18:35 - 00023412 _____ () C:\Users\Robert\Desktop\FRST.txt
2015-05-05 18:32 - 2015-05-05 18:32 - 00000596 _____ () C:\Users\Robert\Desktop\JRT.txt
2015-05-05 18:31 - 2015-05-05 18:31 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ROBERT-PC-Windows-7-Ultimate-(64-bit).dat
2015-05-05 18:31 - 2015-05-05 18:31 - 00000000 ____D () C:\RegBackup
2015-05-05 18:27 - 2015-05-05 18:27 - 00001204 _____ () C:\Users\Robert\Desktop\mbam2.txt
2015-05-05 17:47 - 2015-05-05 17:39 - 00004219 _____ () C:\Users\Robert\Desktop\AdwCleaner[S0].txt
2015-05-05 17:37 - 2015-05-05 17:39 - 00000000 ____D () C:\AdwCleaner
2015-05-05 17:29 - 2015-05-05 17:29 - 00001204 _____ () C:\Users\Robert\Desktop\mbam.txt
2015-05-05 17:18 - 2015-05-05 17:18 - 02716306 _____ (Thisisu) C:\Users\Robert\Desktop\JRT.exe
2015-05-05 17:17 - 2015-05-05 17:17 - 02204160 _____ () C:\Users\Robert\Desktop\AdwCleaner_4.203.exe
2015-05-04 13:43 - 2015-05-04 13:42 - 00011775 _____ () C:\Users\Robert\Desktop\ComboFix.zip
2015-05-04 13:20 - 2015-05-04 13:20 - 00001421 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-04 13:19 - 2015-05-04 13:19 - 00156788 _____ () C:\ComboFix.txt
2015-05-04 12:56 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-04 12:56 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-04 12:56 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-04 12:55 - 2015-05-04 13:19 - 00000000 ____D () C:\Qoobox
2015-05-04 12:51 - 2015-05-04 12:51 - 05619691 ____R (Swearware) C:\Users\Robert\Desktop\ComboFix.exe
2015-05-03 15:03 - 2015-05-03 15:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-03 15:01 - 2015-05-03 15:33 - 00000000 ____D () C:\Users\Admin\Desktop\mbar
2015-05-03 15:00 - 2015-05-03 15:00 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Robert\Desktop\tdsskiller.exe
2015-05-03 14:59 - 2015-05-03 14:59 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Robert\Desktop\mbar-1.09.1.1004.exe
2015-05-03 02:13 - 2015-02-04 02:00 - 00608072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-03 02:07 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-03 02:07 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-03 02:07 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-03 02:07 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-05-03 02:07 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-03 02:07 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-03 02:07 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-03 02:07 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-03 02:07 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-03 02:07 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-03 02:07 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-03 02:07 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-03 02:07 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-03 02:07 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-03 02:07 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-02 18:20 - 2015-05-02 18:20 - 00077418 _____ () C:\Users\Robert\Desktop\Board.txt
2015-05-02 17:44 - 2015-05-02 17:44 - 01598240 _____ () C:\Windows\Minidump\050215-21746-01.dmp
2015-05-02 17:14 - 2015-05-05 18:35 - 00000000 ____D () C:\FRST
2015-05-02 17:13 - 2015-05-02 17:13 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-05-02 00:55 - 2015-05-02 00:55 - 00380416 _____ () C:\Users\Robert\Desktop\Gmer-19357.exe
2015-05-02 00:53 - 2015-05-02 00:53 - 02101248 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2015-05-02 00:52 - 2015-05-02 00:52 - 00050477 _____ () C:\Users\Robert\Desktop\Defogger.exe
2015-05-01 17:47 - 2015-05-01 17:47 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList
2015-04-15 02:18 - 2015-04-15 02:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-14 22:54 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 22:54 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 22:54 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 22:54 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 22:54 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 22:54 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 22:54 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 22:54 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 22:54 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 22:54 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 22:54 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 22:54 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 22:54 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 22:54 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 22:54 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 22:54 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 22:54 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 22:54 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 22:54 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 22:54 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 22:54 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 22:54 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 22:54 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 22:54 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 22:54 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 22:54 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 22:54 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 22:54 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:54 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 22:54 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 22:54 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 22:54 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 22:54 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 22:54 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 22:54 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 22:54 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 22:54 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 22:54 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 22:54 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 22:54 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 22:54 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 22:54 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 22:54 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 22:54 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 22:54 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:54 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 22:54 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 22:54 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 22:54 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:54 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 22:54 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 22:54 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 22:54 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 22:54 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 22:54 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 22:54 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 22:54 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 22:54 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 22:54 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 22:54 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 22:54 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 22:54 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 22:54 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 22:54 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 22:54 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 22:54 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 22:54 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 22:54 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 22:54 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:54 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 22:54 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 22:54 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 22:54 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 22:54 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 22:54 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 22:54 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 22:54 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 22:54 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 22:54 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 22:54 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 22:54 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 22:54 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 22:54 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 22:54 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 22:54 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 22:54 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 22:54 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 22:54 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 22:54 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 22:54 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 22:54 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:53 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:53 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 22:53 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-07 03:00 - 2015-04-07 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-07 03:00 - 2015-04-07 03:00 - 00000000 ___SD () C:\Windows\system32\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 18:33 - 2012-09-16 14:47 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA.job
2015-05-05 17:49 - 2009-12-11 17:59 - 00017680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-05 17:49 - 2009-12-11 17:59 - 00017680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-05 17:47 - 2014-05-24 14:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 17:45 - 2009-12-11 18:22 - 01844739 _____ () C:\Windows\WindowsUpdate.log
2015-05-05 17:42 - 2014-01-18 16:26 - 23717325 _____ () C:\Windows\setupact.log
2015-05-05 17:42 - 2012-11-24 17:45 - 00000000 ____D () C:\ProgramData\VMware
2015-05-05 17:42 - 2009-08-13 23:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-05 17:41 - 2009-08-05 20:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-05 17:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 17:37 - 2014-11-26 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-05 17:18 - 2010-03-07 04:07 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{17212944-8BF8-4509-BFF6-0D177AC05DDE}
2015-05-05 00:33 - 2012-09-16 14:47 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core.job
2015-05-04 13:42 - 2009-08-05 19:41 - 00000000 ____D () C:\Users\Robert\AppData\Local\VirtualStore
2015-05-04 13:22 - 2014-01-18 16:25 - 00019330 _____ () C:\Windows\PFRO.log
2015-05-04 13:20 - 2014-01-30 00:19 - 00000000 ____D () C:\Users\Admin
2015-05-04 13:20 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-04 13:07 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-04 12:55 - 2014-01-25 14:10 - 00000000 ____D () C:\Windows\erdnt
2015-05-03 15:17 - 2014-05-24 14:30 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-03 15:17 - 2013-04-19 19:24 - 00798720 ___SH () C:\Users\Robert\Thumbs.db
2015-05-03 03:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-03 03:01 - 2012-11-24 17:51 - 00000000 ____D () C:\Users\Robert\AppData\Local\VMware
2015-05-03 02:19 - 2009-12-11 18:02 - 01725292 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-03 02:19 - 2009-07-14 19:58 - 00747994 _____ () C:\Windows\system32\perfh007.dat
2015-05-03 02:19 - 2009-07-14 19:58 - 00170676 _____ () C:\Windows\system32\perfc007.dat
2015-05-03 02:18 - 2009-07-14 07:13 - 01725292 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-03 02:13 - 2012-11-02 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-03 02:13 - 2009-10-24 18:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-03 02:05 - 2012-11-24 17:51 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\VMware
2015-05-02 17:44 - 2014-05-02 19:13 - 537211074 _____ () C:\Windows\MEMORY.DMP
2015-05-02 17:44 - 2010-12-15 23:23 - 00000000 ____D () C:\Windows\Minidump
2015-05-02 17:14 - 2014-01-18 16:38 - 00067816 _____ () C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-02 01:54 - 2014-07-30 19:38 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\vlc
2015-05-02 01:05 - 2012-11-04 06:16 - 00000000 ___RD () C:\Users\Robert\Desktop\Desktop für den ganzen Schrott
2015-05-01 20:26 - 2014-01-18 16:25 - 00315456 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-01 20:23 - 2009-08-14 00:20 - 00000000 ____D () C:\Users\Robert\AppData\Local\GameSpy
2015-05-01 18:12 - 2013-07-12 16:37 - 00000000 ____D () C:\Program Files\TortoiseSVN
2015-05-01 18:11 - 2012-11-13 16:40 - 00000000 ____D () C:\Program Files\EslWire
2015-05-01 18:10 - 2011-10-01 15:56 - 00000000 ____D () C:\ProgramData\Origin
2015-05-01 18:05 - 2014-05-29 17:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-05-01 18:03 - 2014-10-25 17:12 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-05-01 18:02 - 2014-04-24 06:53 - 00000000 ____D () C:\ProgramData\Apple
2015-05-01 18:02 - 2013-07-12 15:27 - 00000000 ____D () C:\Users\Robert\AppData\Local\Package Cache
2015-05-01 17:53 - 2010-03-12 21:48 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-01 17:45 - 2013-09-15 16:53 - 00000000 ____D () C:\Users\Robert\AppData\Local\Deployment
2015-05-01 17:42 - 2009-08-05 19:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-01 17:41 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-30 22:35 - 2012-09-16 15:21 - 00002362 _____ () C:\Users\Robert\Desktop\Google Chrome.lnk
2015-04-26 15:32 - 2014-05-24 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-26 15:32 - 2014-05-24 14:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-26 15:32 - 2014-01-30 21:39 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-25 09:02 - 2013-07-12 16:42 - 00000000 ____D () C:\Users\Robert\AppData\Local\TSVNCache
2015-04-23 03:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-16 00:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 00:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 14:28 - 2014-12-11 23:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 14:28 - 2014-05-02 23:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 02:18 - 2013-01-26 17:01 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-15 02:18 - 2011-05-12 19:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 02:18 - 2009-08-13 22:42 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 02:17 - 2013-08-17 04:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 01:58 - 2010-01-14 18:47 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 09:37 - 2014-05-24 14:30 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-01-26 15:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2011-07-06 20:20 - 2012-07-03 16:41 - 0168864 _____ () C:\Program Files\Common Files\WireHelpSvc.exe
2009-12-27 01:33 - 2009-12-27 01:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\temp\Quarantine.exe
C:\Users\Admin\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 00:05

==================== End Of Log ============================
--- --- ---

--- --- ---

Addition.txt folgt im nächsten Beitrag

mfg

Necro

Alt 05.05.2015, 17:44   #12
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Admin at 2015-05-05 18:35:28
Running from C:\Users\Robert\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-908869703-3165420859-1136871304-1012 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-908869703-3165420859-1136871304-500 - Administrator - Disabled)
ASPNET (S-1-5-21-908869703-3165420859-1136871304-1002 - Limited - Enabled)
Gast (S-1-5-21-908869703-3165420859-1136871304-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-908869703-3165420859-1136871304-1005 - Limited - Enabled)
Robert (S-1-5-21-908869703-3165420859-1136871304-1000 - Limited - Enabled) => C:\Users\Robert

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.36 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\{F1410A0A-8205-4D45-BF2B-9C7ACB2F4B24}) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Badaboom 1.1.1.241 (HKLM-x32\...\Badaboom) (Version: 1.1.1.241 - Elemental Technologies)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
EasyBits GO (HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Game Organizer) (Version:  - EasyBits Media)
EPU-6 Engine (HKLM-x32\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.00.28 - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
EXPERTool 7.5 (HKLM-x32\...\EXPERTool_is1) (Version:  - Gainward Co., Ltd)
Express Gate Updater (HKLM-x32\...\{30E1022C-17EB-482A-8C82-16B79B98C4E4}) (Version: 1.1.1.2 - DeviceVM)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}) (Version: 2.1.23.0 - MAGIX AG)
Google Chrome (HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.111 - Google Inc.) Hidden
Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version:  - )
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM-x32\...\M953297) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NCsoft Launcher (HKLM-x32\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.19002 - NCsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
Profi cash (HKLM-x32\...\Profi cash) (Version:  - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6520 - Analog Devices)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4410.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2160.11 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.5100.2 - TuneUp Software) Hidden
TurboV (HKLM-x32\...\{A31951C5-DCD8-4DFE-A525-CFC701F54792}) (Version: 1.00.17 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
vReveal (HKLM-x32\...\vReveal) (Version:  - MotionDSP)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

03-04-2015 22:08:37 Windows Update
07-04-2015 03:00:15 Windows Update
10-04-2015 19:53:07 Windows Update
14-04-2015 22:53:17 Windows Update
15-04-2015 01:54:56 Windows Update
21-04-2015 16:31:12 Windows Update
30-04-2015 16:49:27 Windows Update
01-05-2015 17:38:20 Removed TortoiseSVN 1.8.0.24401 (64 bit)
01-05-2015 17:39:39 Removed Bonjour
01-05-2015 17:40:05 Removed Apple Software Update
01-05-2015 17:42:01 Removed Ubisoft Game Launcher
01-05-2015 17:48:13 Removed Apple Mobile Device Support
01-05-2015 17:48:52 Counter-Strike: Source wird entfernt
01-05-2015 17:54:41 Steam(TM) wird entfernt
01-05-2015 17:55:48 Steam(TM) wird entfernt
01-05-2015 18:02:23 Removed Apple Application Support
01-05-2015 18:03:06 Removed QuickTime 7
01-05-2015 18:03:51 Removed iTunes
01-05-2015 18:12:00 Removed TortoiseSVN 1.8.0.24401 (64 bit)
01-05-2015 20:22:43 Removed GameSpy Comrade.
03-05-2015 02:07:44 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 14:34 - 2015-05-04 13:07 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {017BF6ED-054F-4411-8850-485DA80CA0B5} - System32\Tasks\{0E973118-9199-4BDF-8BD9-91C09EABEC8C} => pcalua.exe -a "E:\Programme\Battlefield Bad Company 2\pb\pbsetup.exe" -d "E:\Programme\Battlefield Bad Company 2\pb"
Task: {075D7D6F-7EFB-4F13-BFD5-91EA80696D0B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {08631979-D016-4152-A093-6D3E4F4E7A12} - System32\Tasks\SVN Update2 => E:\SVN Update2.bat
Task: {09112DFE-1094-4C4C-B798-595E168B9ADA} - System32\Tasks\{8A940E43-868F-4F05-86AE-AE49B3959701} => pcalua.exe -a C:\Windows\system32\Lachesis.cpl -c Lachesis
Task: {0E94E595-D945-471C-B06A-E56FD7FF83C7} - System32\Tasks\{4FFD9F72-D42C-4AAB-98A5-8ED4F6AEEE5C} => pcalua.exe -a C:\Users\Robert\Downloads\installer\bde.exe -d C:\Users\Robert\Downloads\installer
Task: {13A36FA7-B51E-42A7-A24C-6928FFE7F87D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16] (Google Inc.)
Task: {15E757FE-CA07-40D1-9F1D-10B27CF947A3} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {18010635-0EE2-4B03-9EA6-30B0C50C7AA2} - System32\Tasks\{90A3A757-3A64-445C-B407-B3956DB512CD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {185BBCC6-9B25-4AA5-8140-FEA91F0FDB77} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {1F118039-491C-4C69-A79F-079D0C6DB516} - System32\Tasks\{0EBBB489-CB9C-45B4-9BD3-6501EF4B66D8} => pcalua.exe -a C:\Users\Robert\Downloads\installer\WC3Banlist_3.0.exe -d C:\Users\Robert\Downloads\installer
Task: {3A567034-CC11-4DD3-AB1E-6CC06C3E852A} - System32\Tasks\{CAE3D0C9-E6C9-48B2-84E5-8FCD07F042A0} => pcalua.exe -a "C:\Program Files\NVIDIA Corporation\3D Emitter\nvUSBInst.exe" -d "C:\Program Files\NVIDIA Corporation\3D Emitter"
Task: {3BE67737-A7A8-4186-AE85-99C5B26A9113} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16] (Google Inc.)
Task: {3EC05D4E-9136-4550-860D-52BB7A855A83} - System32\Tasks\{AE7222BC-ADDD-4759-A859-85B9C2A68C59} => pcalua.exe -a C:\Users\Robert\Desktop\2.17.06\Setup.exe -d C:\Users\Robert\Desktop\2.17.06
Task: {4998CC9B-3709-4B00-8FE1-169FCE83C4D6} - System32\Tasks\{F3B8E413-8909-4156-A231-D8F860CD7D2A} => pcalua.exe -a C:\Users\Robert\Downloads\installer\Lachesis_win7_(compatible_only)_driver_v1.10_Eng.exe -d C:\Users\Robert\Downloads\installer
Task: {4C0E5B45-8EB2-4F5D-B752-ED53133328B6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {4C2F3E75-29AC-4B0E-BB2B-6AE7C8756AF2} - System32\Tasks\{B37E03D7-724D-4ED6-A0C3-B870D6690AA1} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {4F814AB8-EA3A-4587-B9FD-BBF302E0FE65} - System32\Tasks\{B60632FC-CD32-4786-B57E-6F6D7D05B405} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {770355DE-8AC5-46CE-BBE4-D713197CD451} - System32\Tasks\{A62795F6-793A-4AC8-9330-D290B3EEBC9A} => pcalua.exe -a "E:\programme\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "e:\programme\steam\steamapps\common\left 4 dead 2" -c /register
Task: {7F5D8CCF-8D6C-49EE-B06A-73A1EAD7D24F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {830998AC-4D46-484A-AA33-5DF38748633E} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {8B2736AE-5EE0-48DF-8016-40D52DE02B63} - System32\Tasks\{6C51A44D-7FE4-4948-AFED-2C754C2F1F14} => pcalua.exe -a D:\Installer.exe -d D:\
Task: {8F5F9978-92E6-4069-9DE2-9E5F1958EE50} - System32\Tasks\{B652ED8D-E3B5-4152-982C-1382E64A6802} => pcalua.exe -a E:\Programme\WC3Banlist\WC3Banlist.exe -d E:\Programme\WC3Banlist
Task: {90F5E964-C187-40A6-A384-1CF67A1D603D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-03-18] (Oracle Corporation)
Task: {95C6CA51-3E2A-47DE-9288-024625960618} - System32\Tasks\{DCED82F0-7941-43D4-BB72-5307D26CA57A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {9B34B395-2186-49B7-B5EB-CF53607FE0E9} - System32\Tasks\Google Updater and Installer => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16] (Google Inc.)
Task: {A6651D8F-83E0-4A57-9E78-6B6803C1E6A8} - System32\Tasks\SVN Update => E:\SVN Update.bat
Task: {AE17272F-8E41-4056-B822-354581F6C6E2} - System32\Tasks\{DCE9D458-5A5C-4C33-B054-1E531B793694} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {AEF9163C-2714-4A2E-802D-7A436580359D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {AFB39AE5-3A9F-40B0-8E7A-542BCE86D1BA} - System32\Tasks\{3F697A2A-3AEF-4047-8F2E-CA2F16595686} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {C15A9275-9D3A-49A2-9FAE-ECBE177427D5} - System32\Tasks\{862D60CD-E564-4C01-9101-9AF7AD4B6E2B} => E:\Programme\HoN\hon.exe
Task: {C15F8E8F-C064-4FEB-AF1A-4C3ACC1A2649} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {C1DA5514-9A37-4F60-BBA6-43C5C089DBE2} - System32\Tasks\{6CF4C697-7C64-4695-96EC-E76CDC33BDAD} => pcalua.exe -a "C:\Users\Robert\Downloads\wow addons\Offi\setup.exe" -d "C:\Users\Robert\Downloads\wow addons\Offi"
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {C592C51D-489B-4B85-BE20-EF6F489FD5E1} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {CD093164-F8E4-465C-868B-E0A6ED381B41} - System32\Tasks\{B0D03894-D0B5-4529-8217-8B30C0B70F7B} => pcalua.exe -a C:\Users\Robert\Downloads\installer\DivXInstaller.exe -d C:\Users\Robert\Downloads\installer
Task: {D364ACBB-F916-42B6-B23B-6D2CFFB421F6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {DC69638B-35B6-4932-A742-8CF09EA335AD} - System32\Tasks\{DFB05294-0DC7-4FEE-9B93-42EC5DC53F4C} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {DEC6077F-9A09-4C78-B0B7-4810075327AD} - System32\Tasks\{6DD6A043-E231-4A58-BE82-F905C24D3A73} => pcalua.exe -a D:\Installer.exe -d D:\
Task: {E32DBEBF-712F-4796-89E0-2344E2F13E55} - System32\Tasks\{FF3960FF-32B3-4FE0-B52A-6492FB5EB66A} => pcalua.exe -a "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopSetup.exe" -c -uninstall
Task: {EAF095B1-6733-4C4C-9EF5-C99A0A422071} - System32\Tasks\{D50278D1-5745-42A5-BC70-BC28F00EC00D} => pcalua.exe -a "C:\Users\Robert\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -c -uninstall -launchrunonce:false
Task: {FC23F25B-C08F-4460-915A-B05E68940A78} - System32\Tasks\{4508EB49-3357-4153-8ED6-C4F285F9B56D} => pcalua.exe -a C:\Windows\SysWOW64\BDEADMIN.CPL -c BDE-Verwaltung
Task: {FE8DADA4-6A6E-4C0D-ABDE-33260E02D8CC} - System32\Tasks\{931A7744-FD78-4DAD-8FC9-8F03E9A1A980} => pcalua.exe -a C:\Users\Robert\Downloads\installer\pbsetup_3.2.exe -d C:\Users\Robert\Downloads\installer
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () E:\Programme\Notepad++\NppShell_05.dll
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:24721E3C
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\100sexlinks.com -> 100sexlinks.com

There are 6052 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-908869703-3165420859-1136871304-1012\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zahlungserinnerung.lnk => C:\Windows\pss\Zahlungserinnerung.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: iTunesHelper => "E:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: Lachesis => E:\Programme\Razer\razerhid.exe                                                                                                                                                                                                                                          
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SoundMAX => "C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe" /tray

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [UDP Query User{F91435D9-EFCF-4B87-830F-35F165F16C90}C:\users\robert\temp\teamviewer\version4\teamviewer.exe] => (Allow) C:\users\robert\temp\teamviewer\version4\teamviewer.exe
FirewallRules: [TCP Query User{E63063BD-85C9-4DF0-A724-E3E147D19CE6}C:\users\robert\temp\teamviewer\version4\teamviewer.exe] => (Allow) C:\users\robert\temp\teamviewer\version4\teamviewer.exe
FirewallRules: [UDP Query User{C2C5EBED-5553-4A54-9CDD-D48371624776}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{82204638-2C30-4051-9520-BC3BF6AB2A31}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{F9D8C60D-0A2F-4404-97BA-7831E3DEF19C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{66742885-3FC3-4A8B-A5A2-15836F425280}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe
FirewallRules: [{1F884B59-E7F4-4485-9B6F-F81DFE97BC6F}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe
FirewallRules: [{E56F2280-E745-41E3-A852-E57E71D1BA19}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe
FirewallRules: [{77893C14-69D7-4848-98E1-0326A99716DD}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe
FirewallRules: [{FE9B1925-B483-4D71-ACF0-7A0FD79C49EE}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe
FirewallRules: [{BD8666CE-3803-493E-879A-8080BD25FA0E}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe
FirewallRules: [{0CDCF451-A779-4CA8-8000-1ED097E7B175}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe
FirewallRules: [{1A7A5E6C-C56E-4B42-ADB9-3CC5DD3557D1}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe
FirewallRules: [{71F5ACEA-7C42-4ED7-9E91-18CCFCEFAD36}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{48B7474E-46AD-4543-A5C8-33E81A925AA8}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{4914B35F-7DCC-4390-B404-EA41E11B76AF}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{EA50682F-0A05-40E9-BEC1-D398ACA658B7}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5878656F-0A36-4CBD-BD15-C8969D86F625}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5A72A216-F6BC-440E-ABDC-3345A364BB21}] => (Allow) LPort=56858
FirewallRules: [{63350A18-1188-417D-B57E-1BA705215ACF}] => (Allow) LPort=56858
FirewallRules: [{EBE548F9-DF2A-4E59-BCCE-B2E559D1CAC9}] => (Allow) LPort=56858
FirewallRules: [{EE3C615D-F9A0-4C1B-99B9-8B2930424F6D}] => (Allow) LPort=56858
FirewallRules: [{FAAB74B4-9B1B-4E4B-A048-EFEE9DBBD736}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{48FF4247-C741-4CDF-ABCF-B0A750B1C149}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{41D898FB-3FD4-43DB-9570-7E5AB2044CFD}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{02338F63-67B0-4DAB-88FA-9EFC32A08333}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2E67C032-4394-48F7-99DB-22FDE22F276C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{48DE4895-3C8F-4B30-ABCF-62517F549A02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{82EC6C03-9B87-474C-B1FD-548C89E42A21}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A6D8FA07-2CD0-4D28-84EA-39F264EBB354}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CFE66C94-772C-475E-8EED-73CD3419B7EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7431BAD5-56DA-4A83-AB8A-211F29DF2CF9}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{C65BC40E-335F-4F57-A68E-8A7EEC9A8219}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{10B42EF3-AC83-42D1-BF2D-21856E8629F2}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{6BCD06D9-FC41-4593-981C-D6C4F653A86A}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{32C18A5B-E2CD-4F20-9C87-170CF26431F2}] => (Allow) E:\Programme\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{B8316D37-B419-422B-86B9-B37E23E7823C}] => (Allow) E:\Programme\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{89BD3FC3-0271-4212-8F61-033FD952115E}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{6AE83308-54B1-48E0-B28F-1D2BC0F3746D}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{FCB47402-BB77-4866-A553-BDE0F19C8595}] => (Allow) E:\Programme\Battlefield 3\Battlefield 3\bf3.exe
FirewallRules: [{60A1774B-BAEF-46BA-9E6B-FC3EBC040891}] => (Allow) E:\Programme\Battlefield 3\Battlefield 3\bf3.exe
FirewallRules: [{FA4013BB-3800-446E-9311-E653CAB74871}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3771E463-FEE5-43D0-9F0D-948035B92C5A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{4B597462-88A5-4C60-AFDF-F015891BB021}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{D66E25A4-B16B-4C3E-8D51-0A44584228AA}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{A77A4043-BA06-4A5D-B7ED-4858A10F2B4F}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A337226D-7B68-484F-9466-E095117D8425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2AD8D3DD-4AD8-4048-8345-3D37E528DBDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{27A8C16C-BA10-46E4-BE00-AC8BB4DE7A8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0BCF7845-D89E-408A-8A0F-EB4128C4DBFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44D65810-E33D-4685-8623-B1AFD78360AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{456D7F90-C137-4E13-9C40-9C66587246FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{026185A2-534E-41F8-A898-8603B5D0BD3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6F6E36DA-2530-485D-BFB7-9697ACE388B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7006922-8871-4D32-BBE1-FC32E7F1C2E1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{6E6826D7-791E-4BD0-B92C-40108BC8FD64}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{E869C5EC-E6DB-490C-AB8F-48D5D1C11A6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1221DEF1-5A0E-4F46-8C26-9A0095825751}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F8CAFBAD-A8C4-489C-ADEE-A0647CF99A64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA4193BF-CE30-4D5A-B82E-F1B864AB9CE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{62696D86-6B83-4B64-B95C-A88C88D061CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DEB90366-F380-4E32-8389-C00F55593FCE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{37886D58-60FB-4ED8-A03F-8C433025B617}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{405E7D2D-ECA7-4D53-B9E7-3EDAF2DF13AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9C6605B1-FE3F-4ABA-B59E-374551AE6897}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D91CBCF8-F6BE-49A6-A3D2-0A3FE24E3D7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{473D944F-BB8A-4BB5-852E-413EBB655A5C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4AFB9732-DF57-40B2-8954-65EBF31B0487}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{17B1C777-B812-4FD1-B8B5-9635143F43C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E48AA2BD-35FB-4936-85DE-2F13F5A5CE96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B485A384-48D7-4D88-B0D5-DF10274C0076}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{70BE2044-2B2A-493B-B984-6819B8CEC8FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{083D1EF7-926E-4AB2-95F0-C0FBC9C1700B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6EDA2D60-47B7-46F9-8A29-9D5A5A19646C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F2CF4B3F-F58A-433B-ABCF-72864FBDA07B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8ED19118-BD87-4381-801F-F5CF0583E1D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B1C6C7EE-94FD-4E62-9D89-6A0A2B8076EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9B2DF132-71A0-4C96-8408-76DF35296A26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{32B86F39-66A3-45FB-9B31-CC8896911AFF}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{4441E7F4-C7AA-49C0-AFAB-EAE23100DD9C}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{45AEE704-4C54-41C2-B299-51963F6B79CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FD87B08C-8CBD-422F-8DF1-65750EF90C85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D48AD544-77EA-45EF-8B10-6017C3B4C845}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7423AD7A-8403-4D95-BB89-78A3B1A5C192}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7642A794-A94F-499C-A47C-92EC06C3E262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D31C8B03-01B1-4985-83F1-4BA51DE20664}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2136A4FD-28A7-41EB-B424-D8B9B6F2E48A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3AFBBA99-AECF-4438-9C4C-A7FD686FE403}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{15AB8819-E36E-49EA-8FE3-5D3130B87272}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{43204974-2C1B-4C42-A97E-42B88F9A12F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2690488B-3CB4-4407-A03F-8647D4A4FAC4}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{58BDE336-E03D-46CF-96D5-0249FE6CE4EB}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/05/2015 05:43:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 05:41:53 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/05/2015 05:41:53 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/05/2015 05:41:53 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/05/2015 05:11:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 00:29:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/05/2015 00:29:18 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (05/04/2015 01:54:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 01:24:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 00:49:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/05/2015 06:31:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/05/2015 06:31:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware DHCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 06:31:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 06:31:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/05/2015 06:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 06:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 06:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 06:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "FABS - Helping agent for MAGIX media database" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 06:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "cyberJack PC/SC COM Service " wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 06:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS System Control Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/05/2015 05:43:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 05:41:53 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/05/2015 05:41:53 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/05/2015 05:41:53 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/05/2015 05:11:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 00:29:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"c:\program files (x86)\windows live\messenger\wlcsdk.exe

Error: (05/05/2015 00:29:18 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: c:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exec:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exe2

Error: (05/04/2015 01:54:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 01:24:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 00:49:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-05-04 13:04:39.040
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-04 13:04:38.915
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-04 13:04:38.791
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-04 13:04:38.681
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 24%
Total physical RAM: 6135.12 MB
Available physical RAM: 4644.04 MB
Total Pagefile: 12268.43 MB
Available Pagefile: 10584.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:120.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Volume) (Fixed) (Total:698.63 GB) (Free:697.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E7091A42)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 114AA6A5)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Alt 06.05.2015, 08:00   #13
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.05.2015, 00:39   #14
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Hi,

hier erstmal die Logs ( Eset hat nichts gefunden. Es waren alle USB-Sticks und die externe Festplatte angeschlossen )

Eset:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=cc800ab1afc9c2499daf167e727c9a78
# engine=23720
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-06 03:35:09
# local_time=2015-05-06 05:35:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 14567 62400931 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 82440 182556359 0 0
# scanned=266569
# found=0
# cleaned=0
# scan_time=10080
Security Check

Code:
ATTFilter
 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 SpywareBlaster 5.0    
 TuneUp Utilities Language Pack (de-DE) 
 Java version 32-bit out of Date! 
  Adobe Flash Player 15.0.0.246 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox 30.0 Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
FRST


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Admin (administrator) on ROBERT-PC on 07-05-2015 01:28:37
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert & Admin (Available profiles: Robert & Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Logitech, Inc.) C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
() C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [TurboV] => C:\Program Files (x86)\ASUS\TurboV\TurboV.exe [4040192 2008-10-21] ()
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2008-04-16] (Analog Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [GAINWARD] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2181672 2009-05-12] (Gainward Co.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [SoundMax] => C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [3858432 2008-08-20] (Analog Devices, Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Run: [Google Update] => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-16] (Google Inc.)
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-908869703-3165420859-1136871304-1012\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S0].txt [4219 2015-05-05] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2009-08-13]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-01-30] ()
GroupPolicyUsers\S-1-5-21-908869703-3165420859-1136871304-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-908869703-3165420859-1136871304-1000\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-908869703-3165420859-1136871304-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-908869703-3165420859-1136871304-1012\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-908869703-3165420859-1136871304-1012\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-908869703-3165420859-1136871304-1000 -> {7DDC945D-68E7-480A-B922-594CD4878A41} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-30] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll [2014-12-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll [2014-12-09] ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-06-27] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Robert\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll No File
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Robert\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-06-27] (Pando Networks)
FF Plugin HKU\S-1-5-21-908869703-3165420859-1136871304-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-09-25] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npijjiFFPlugin1.dll [2010-07-28] (NHN USA Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-25] (Apple Inc.)
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2014-05-03]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-05-03]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-05-03]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-05-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-03]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-05]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-30]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
StartMenuInternet: Google Chrome.DMG6G4FT2SXSVYP5L36MOYKJ2E - C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [86016 2008-08-15] () [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1155072 2009-02-03] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [160784 2009-07-20] (Logitech, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-22] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [548864 2008-10-21] (Magix AG) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2009-12-03] (Turtle Entertainment GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-30] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-30] (Kaspersky Lab ZAO)
S3 KOBCCID; C:\Windows\System32\drivers\KOBCCID.sys [116864 2014-02-27] (KOBIL Systems GmbH) [File not signed]
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 uisp; C:\Windows\System32\Drivers\usbicp.sys [20480 2010-08-24] (Motorola)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 VaneFltr; C:\Windows\System32\drivers\Lachesis.sys [30336 2007-08-17] (Razer (Asia-Pacific) Pte Ltd)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 01:28 - 2015-05-07 01:28 - 00025441 _____ () C:\Users\Robert\Desktop\FRST.txt
2015-05-07 01:27 - 2015-05-07 01:27 - 00000000 ____D () C:\Users\Robert\Desktop\FRST-OlderVersion
2015-05-07 01:23 - 2015-05-07 01:23 - 00001142 _____ () C:\Users\Robert\Desktop\checkup.txt
2015-05-06 14:44 - 2015-05-06 14:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-06 14:39 - 2015-05-06 14:39 - 02347384 _____ (ESET) C:\Users\Robert\Desktop\esetsmartinstaller_deu.exe
2015-05-06 14:39 - 2015-05-06 14:39 - 00852630 _____ () C:\Users\Robert\Desktop\SecurityCheck.exe
2015-05-05 18:31 - 2015-05-05 18:31 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ROBERT-PC-Windows-7-Ultimate-(64-bit).dat
2015-05-05 18:31 - 2015-05-05 18:31 - 00000000 ____D () C:\RegBackup
2015-05-05 17:37 - 2015-05-05 17:39 - 00000000 ____D () C:\AdwCleaner
2015-05-05 17:18 - 2015-05-05 17:18 - 02716306 _____ (Thisisu) C:\Users\Robert\Desktop\JRT.exe
2015-05-05 17:17 - 2015-05-05 17:17 - 02204160 _____ () C:\Users\Robert\Desktop\AdwCleaner_4.203.exe
2015-05-04 13:43 - 2015-05-04 13:42 - 00011775 _____ () C:\Users\Robert\Desktop\ComboFix.zip
2015-05-04 13:20 - 2015-05-04 13:20 - 00001421 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-04 13:19 - 2015-05-04 13:19 - 00156788 _____ () C:\ComboFix.txt
2015-05-04 12:56 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-04 12:56 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-04 12:56 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-04 12:56 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-04 12:55 - 2015-05-04 13:19 - 00000000 ____D () C:\Qoobox
2015-05-04 12:51 - 2015-05-04 12:51 - 05619691 ____R (Swearware) C:\Users\Robert\Desktop\ComboFix.exe
2015-05-03 15:03 - 2015-05-03 15:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-03 15:01 - 2015-05-03 15:33 - 00000000 ____D () C:\Users\Admin\Desktop\mbar
2015-05-03 15:00 - 2015-05-03 15:00 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Robert\Desktop\tdsskiller.exe
2015-05-03 14:59 - 2015-05-03 14:59 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Robert\Desktop\mbar-1.09.1.1004.exe
2015-05-03 02:13 - 2015-02-04 02:00 - 00608072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-03 02:07 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-03 02:07 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-03 02:07 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-03 02:07 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-05-03 02:07 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-03 02:07 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-03 02:07 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-03 02:07 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-03 02:07 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-03 02:07 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-03 02:07 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-03 02:07 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-03 02:07 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-03 02:07 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-03 02:07 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-02 18:20 - 2015-05-02 18:20 - 00077418 _____ () C:\Users\Robert\Desktop\Board.txt
2015-05-02 17:44 - 2015-05-02 17:44 - 01598240 _____ () C:\Windows\Minidump\050215-21746-01.dmp
2015-05-02 17:14 - 2015-05-07 01:28 - 00000000 ____D () C:\FRST
2015-05-02 17:13 - 2015-05-02 17:13 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-05-02 00:55 - 2015-05-02 00:55 - 00380416 _____ () C:\Users\Robert\Desktop\Gmer-19357.exe
2015-05-02 00:53 - 2015-05-07 01:27 - 02102272 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2015-05-02 00:52 - 2015-05-02 00:52 - 00050477 _____ () C:\Users\Robert\Desktop\Defogger.exe
2015-05-01 17:47 - 2015-05-01 17:47 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList
2015-04-15 02:18 - 2015-04-15 02:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-14 22:54 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 22:54 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 22:54 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 22:54 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 22:54 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 22:54 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 22:54 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 22:54 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 22:54 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 22:54 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 22:54 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 22:54 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 22:54 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 22:54 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 22:54 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 22:54 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 22:54 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 22:54 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 22:54 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 22:54 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 22:54 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 22:54 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 22:54 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 22:54 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 22:54 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 22:54 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 22:54 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 22:54 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 22:54 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 22:54 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 22:54 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 22:54 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 22:54 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 22:54 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 22:54 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:54 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:54 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 22:54 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 22:54 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 22:54 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 22:54 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 22:54 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 22:54 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 22:54 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 22:54 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 22:54 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 22:54 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 22:54 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 22:54 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 22:54 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 22:54 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 22:54 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 22:54 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:54 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 22:54 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 22:54 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 22:54 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:54 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 22:54 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 22:54 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 22:54 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 22:54 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 22:54 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 22:54 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 22:54 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 22:54 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 22:54 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 22:54 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 22:54 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 22:54 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 22:54 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 22:54 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 22:54 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 22:54 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 22:54 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 22:54 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 22:54 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:54 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 22:54 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 22:54 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 22:54 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 22:54 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 22:54 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 22:54 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 22:54 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 22:54 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 22:54 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 22:54 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 22:54 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 22:54 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 22:54 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 22:54 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 22:54 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 22:54 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 22:54 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 22:54 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 22:54 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 22:54 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 22:54 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:53 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:53 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 22:53 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-07 03:00 - 2015-04-07 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-07 03:00 - 2015-04-07 03:00 - 00000000 ___SD () C:\Windows\system32\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 00:37 - 2014-11-26 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-07 00:33 - 2012-09-16 14:47 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA.job
2015-05-07 00:33 - 2012-09-16 14:47 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core.job
2015-05-07 00:31 - 2009-12-11 17:59 - 00017680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-07 00:31 - 2009-12-11 17:59 - 00017680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-07 00:26 - 2009-12-11 18:22 - 01905157 _____ () C:\Windows\WindowsUpdate.log
2015-05-07 00:23 - 2014-01-18 16:26 - 23874814 _____ () C:\Windows\setupact.log
2015-05-07 00:23 - 2009-08-13 23:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-07 00:22 - 2012-11-24 17:45 - 00000000 ____D () C:\ProgramData\VMware
2015-05-07 00:22 - 2009-08-05 20:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-07 00:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-06 19:46 - 2010-03-07 04:07 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{17212944-8BF8-4509-BFF6-0D177AC05DDE}
2015-05-06 14:44 - 2009-07-14 19:58 - 00747994 _____ () C:\Windows\system32\perfh007.dat
2015-05-06 14:44 - 2009-07-14 19:58 - 00170676 _____ () C:\Windows\system32\perfc007.dat
2015-05-06 14:44 - 2009-07-14 07:13 - 01751948 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-05 17:47 - 2014-05-24 14:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-04 13:42 - 2009-08-05 19:41 - 00000000 ____D () C:\Users\Robert\AppData\Local\VirtualStore
2015-05-04 13:22 - 2014-01-18 16:25 - 00019330 _____ () C:\Windows\PFRO.log
2015-05-04 13:20 - 2014-01-30 00:19 - 00000000 ____D () C:\Users\Admin
2015-05-04 13:20 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-04 13:07 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-04 12:55 - 2014-01-25 14:10 - 00000000 ____D () C:\Windows\erdnt
2015-05-03 15:17 - 2014-05-24 14:30 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-03 15:17 - 2013-04-19 19:24 - 00798720 ___SH () C:\Users\Robert\Thumbs.db
2015-05-03 03:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-03 03:01 - 2012-11-24 17:51 - 00000000 ____D () C:\Users\Robert\AppData\Local\VMware
2015-05-03 02:19 - 2009-12-11 18:02 - 01725292 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-03 02:13 - 2012-11-02 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-03 02:13 - 2009-10-24 18:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-03 02:05 - 2012-11-24 17:51 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\VMware
2015-05-02 17:44 - 2014-05-02 19:13 - 537211074 _____ () C:\Windows\MEMORY.DMP
2015-05-02 17:44 - 2010-12-15 23:23 - 00000000 ____D () C:\Windows\Minidump
2015-05-02 17:14 - 2014-01-18 16:38 - 00067816 _____ () C:\Users\Robert\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-02 01:54 - 2014-07-30 19:38 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\vlc
2015-05-02 01:05 - 2012-11-04 06:16 - 00000000 ___RD () C:\Users\Robert\Desktop\Desktop für den ganzen Schrott
2015-05-01 20:26 - 2014-01-18 16:25 - 00315456 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-01 20:23 - 2009-08-14 00:20 - 00000000 ____D () C:\Users\Robert\AppData\Local\GameSpy
2015-05-01 18:12 - 2013-07-12 16:37 - 00000000 ____D () C:\Program Files\TortoiseSVN
2015-05-01 18:11 - 2012-11-13 16:40 - 00000000 ____D () C:\Program Files\EslWire
2015-05-01 18:10 - 2011-10-01 15:56 - 00000000 ____D () C:\ProgramData\Origin
2015-05-01 18:05 - 2014-05-29 17:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-05-01 18:03 - 2014-10-25 17:12 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-05-01 18:02 - 2014-04-24 06:53 - 00000000 ____D () C:\ProgramData\Apple
2015-05-01 18:02 - 2013-07-12 15:27 - 00000000 ____D () C:\Users\Robert\AppData\Local\Package Cache
2015-05-01 17:53 - 2010-03-12 21:48 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-01 17:45 - 2013-09-15 16:53 - 00000000 ____D () C:\Users\Robert\AppData\Local\Deployment
2015-05-01 17:42 - 2009-08-05 19:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-01 17:41 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-30 22:35 - 2012-09-16 15:21 - 00002362 _____ () C:\Users\Robert\Desktop\Google Chrome.lnk
2015-04-26 15:32 - 2014-05-24 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-26 15:32 - 2014-05-24 14:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-26 15:32 - 2014-01-30 21:39 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-25 09:02 - 2013-07-12 16:42 - 00000000 ____D () C:\Users\Robert\AppData\Local\TSVNCache
2015-04-23 03:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-16 00:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-16 00:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 14:28 - 2014-12-11 23:15 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 14:28 - 2014-05-02 23:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 02:18 - 2013-01-26 17:01 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-15 02:18 - 2011-05-12 19:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-15 02:18 - 2009-08-13 22:42 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 02:17 - 2013-08-17 04:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 01:58 - 2010-01-14 18:47 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 09:37 - 2014-05-24 14:30 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-01-26 15:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2011-07-06 20:20 - 2012-07-03 16:41 - 0168864 _____ () C:\Program Files\Common Files\WireHelpSvc.exe
2009-12-27 01:33 - 2009-12-27 01:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\temp\Quarantine.exe
C:\Users\Admin\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 00:05

==================== End Of Log ============================
--- --- ---

--- --- ---


Der Rest folgt in einem 2. Beitrag.

Alt 07.05.2015, 00:45   #15
Necro0
 
Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Standard

Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Admin at 2015-05-07 01:29:01
Running from C:\Users\Robert\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-908869703-3165420859-1136871304-1012 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-908869703-3165420859-1136871304-500 - Administrator - Disabled)
ASPNET (S-1-5-21-908869703-3165420859-1136871304-1002 - Limited - Enabled)
Gast (S-1-5-21-908869703-3165420859-1136871304-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-908869703-3165420859-1136871304-1005 - Limited - Enabled)
Robert (S-1-5-21-908869703-3165420859-1136871304-1000 - Limited - Enabled) => C:\Users\Robert

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.36 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\{F1410A0A-8205-4D45-BF2B-9C7ACB2F4B24}) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Badaboom 1.1.1.241 (HKLM-x32\...\Badaboom) (Version: 1.1.1.241 - Elemental Technologies)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cool & Quiet (HKLM-x32\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
EasyBits GO (HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Game Organizer) (Version:  - EasyBits Media)
EPU-6 Engine (HKLM-x32\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.00.28 - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EXPERTool 7.5 (HKLM-x32\...\EXPERTool_is1) (Version:  - Gainward Co., Ltd)
Express Gate Updater (HKLM-x32\...\{30E1022C-17EB-482A-8C82-16B79B98C4E4}) (Version: 1.1.1.2 - DeviceVM)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}) (Version: 2.1.23.0 - MAGIX AG)
Google Chrome (HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.111 - Google Inc.) Hidden
Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version:  - )
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.7 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM-x32\...\M953297) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NCsoft Launcher (HKLM-x32\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.19002 - NCsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
Profi cash (HKLM-x32\...\Profi cash) (Version:  - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6520 - Analog Devices)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4410.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2160.11 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.5100.2 - TuneUp Software) Hidden
TurboV (HKLM-x32\...\{A31951C5-DCD8-4DFE-A525-CFC701F54792}) (Version: 1.00.17 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
vReveal (HKLM-x32\...\vReveal) (Version:  - MotionDSP)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

03-04-2015 22:08:37 Windows Update
07-04-2015 03:00:15 Windows Update
10-04-2015 19:53:07 Windows Update
14-04-2015 22:53:17 Windows Update
15-04-2015 01:54:56 Windows Update
21-04-2015 16:31:12 Windows Update
30-04-2015 16:49:27 Windows Update
01-05-2015 17:38:20 Removed TortoiseSVN 1.8.0.24401 (64 bit)
01-05-2015 17:39:39 Removed Bonjour
01-05-2015 17:40:05 Removed Apple Software Update
01-05-2015 17:42:01 Removed Ubisoft Game Launcher
01-05-2015 17:48:13 Removed Apple Mobile Device Support
01-05-2015 17:48:52 Counter-Strike: Source wird entfernt
01-05-2015 17:54:41 Steam(TM) wird entfernt
01-05-2015 17:55:48 Steam(TM) wird entfernt
01-05-2015 18:02:23 Removed Apple Application Support
01-05-2015 18:03:06 Removed QuickTime 7
01-05-2015 18:03:51 Removed iTunes
01-05-2015 18:12:00 Removed TortoiseSVN 1.8.0.24401 (64 bit)
01-05-2015 20:22:43 Removed GameSpy Comrade.
03-05-2015 02:07:44 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 14:34 - 2015-05-04 13:07 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {017BF6ED-054F-4411-8850-485DA80CA0B5} - System32\Tasks\{0E973118-9199-4BDF-8BD9-91C09EABEC8C} => pcalua.exe -a "E:\Programme\Battlefield Bad Company 2\pb\pbsetup.exe" -d "E:\Programme\Battlefield Bad Company 2\pb"
Task: {075D7D6F-7EFB-4F13-BFD5-91EA80696D0B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {08631979-D016-4152-A093-6D3E4F4E7A12} - System32\Tasks\SVN Update2 => E:\SVN Update2.bat
Task: {09112DFE-1094-4C4C-B798-595E168B9ADA} - System32\Tasks\{8A940E43-868F-4F05-86AE-AE49B3959701} => pcalua.exe -a C:\Windows\system32\Lachesis.cpl -c Lachesis
Task: {0E94E595-D945-471C-B06A-E56FD7FF83C7} - System32\Tasks\{4FFD9F72-D42C-4AAB-98A5-8ED4F6AEEE5C} => pcalua.exe -a C:\Users\Robert\Downloads\installer\bde.exe -d C:\Users\Robert\Downloads\installer
Task: {13A36FA7-B51E-42A7-A24C-6928FFE7F87D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16] (Google Inc.)
Task: {15E757FE-CA07-40D1-9F1D-10B27CF947A3} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {18010635-0EE2-4B03-9EA6-30B0C50C7AA2} - System32\Tasks\{90A3A757-3A64-445C-B407-B3956DB512CD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {185BBCC6-9B25-4AA5-8140-FEA91F0FDB77} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {1F118039-491C-4C69-A79F-079D0C6DB516} - System32\Tasks\{0EBBB489-CB9C-45B4-9BD3-6501EF4B66D8} => pcalua.exe -a C:\Users\Robert\Downloads\installer\WC3Banlist_3.0.exe -d C:\Users\Robert\Downloads\installer
Task: {3A567034-CC11-4DD3-AB1E-6CC06C3E852A} - System32\Tasks\{CAE3D0C9-E6C9-48B2-84E5-8FCD07F042A0} => pcalua.exe -a "C:\Program Files\NVIDIA Corporation\3D Emitter\nvUSBInst.exe" -d "C:\Program Files\NVIDIA Corporation\3D Emitter"
Task: {3BE67737-A7A8-4186-AE85-99C5B26A9113} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16] (Google Inc.)
Task: {3EC05D4E-9136-4550-860D-52BB7A855A83} - System32\Tasks\{AE7222BC-ADDD-4759-A859-85B9C2A68C59} => pcalua.exe -a C:\Users\Robert\Desktop\2.17.06\Setup.exe -d C:\Users\Robert\Desktop\2.17.06
Task: {4998CC9B-3709-4B00-8FE1-169FCE83C4D6} - System32\Tasks\{F3B8E413-8909-4156-A231-D8F860CD7D2A} => pcalua.exe -a C:\Users\Robert\Downloads\installer\Lachesis_win7_(compatible_only)_driver_v1.10_Eng.exe -d C:\Users\Robert\Downloads\installer
Task: {4C0E5B45-8EB2-4F5D-B752-ED53133328B6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {4C2F3E75-29AC-4B0E-BB2B-6AE7C8756AF2} - System32\Tasks\{B37E03D7-724D-4ED6-A0C3-B870D6690AA1} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {4F814AB8-EA3A-4587-B9FD-BBF302E0FE65} - System32\Tasks\{B60632FC-CD32-4786-B57E-6F6D7D05B405} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {770355DE-8AC5-46CE-BBE4-D713197CD451} - System32\Tasks\{A62795F6-793A-4AC8-9330-D290B3EEBC9A} => pcalua.exe -a "E:\programme\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "e:\programme\steam\steamapps\common\left 4 dead 2" -c /register
Task: {7F5D8CCF-8D6C-49EE-B06A-73A1EAD7D24F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {830998AC-4D46-484A-AA33-5DF38748633E} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {8B2736AE-5EE0-48DF-8016-40D52DE02B63} - System32\Tasks\{6C51A44D-7FE4-4948-AFED-2C754C2F1F14} => pcalua.exe -a D:\Installer.exe -d D:\
Task: {8F5F9978-92E6-4069-9DE2-9E5F1958EE50} - System32\Tasks\{B652ED8D-E3B5-4152-982C-1382E64A6802} => pcalua.exe -a E:\Programme\WC3Banlist\WC3Banlist.exe -d E:\Programme\WC3Banlist
Task: {90F5E964-C187-40A6-A384-1CF67A1D603D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-03-18] (Oracle Corporation)
Task: {95C6CA51-3E2A-47DE-9288-024625960618} - System32\Tasks\{DCED82F0-7941-43D4-BB72-5307D26CA57A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {9B34B395-2186-49B7-B5EB-CF53607FE0E9} - System32\Tasks\Google Updater and Installer => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-16] (Google Inc.)
Task: {A6651D8F-83E0-4A57-9E78-6B6803C1E6A8} - System32\Tasks\SVN Update => E:\SVN Update.bat
Task: {AE17272F-8E41-4056-B822-354581F6C6E2} - System32\Tasks\{DCE9D458-5A5C-4C33-B054-1E531B793694} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {AEF9163C-2714-4A2E-802D-7A436580359D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {AFB39AE5-3A9F-40B0-8E7A-542BCE86D1BA} - System32\Tasks\{3F697A2A-3AEF-4047-8F2E-CA2F16595686} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {C15A9275-9D3A-49A2-9FAE-ECBE177427D5} - System32\Tasks\{862D60CD-E564-4C01-9101-9AF7AD4B6E2B} => E:\Programme\HoN\hon.exe
Task: {C15F8E8F-C064-4FEB-AF1A-4C3ACC1A2649} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {C1DA5514-9A37-4F60-BBA6-43C5C089DBE2} - System32\Tasks\{6CF4C697-7C64-4695-96EC-E76CDC33BDAD} => pcalua.exe -a "C:\Users\Robert\Downloads\wow addons\Offi\setup.exe" -d "C:\Users\Robert\Downloads\wow addons\Offi"
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {C592C51D-489B-4B85-BE20-EF6F489FD5E1} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {CD093164-F8E4-465C-868B-E0A6ED381B41} - System32\Tasks\{B0D03894-D0B5-4529-8217-8B30C0B70F7B} => pcalua.exe -a C:\Users\Robert\Downloads\installer\DivXInstaller.exe -d C:\Users\Robert\Downloads\installer
Task: {D364ACBB-F916-42B6-B23B-6D2CFFB421F6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {DC69638B-35B6-4932-A742-8CF09EA335AD} - System32\Tasks\{DFB05294-0DC7-4FEE-9B93-42EC5DC53F4C} => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13] ()
Task: {DEC6077F-9A09-4C78-B0B7-4810075327AD} - System32\Tasks\{6DD6A043-E231-4A58-BE82-F905C24D3A73} => pcalua.exe -a D:\Installer.exe -d D:\
Task: {E32DBEBF-712F-4796-89E0-2344E2F13E55} - System32\Tasks\{FF3960FF-32B3-4FE0-B52A-6492FB5EB66A} => pcalua.exe -a "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopSetup.exe" -c -uninstall
Task: {EAF095B1-6733-4C4C-9EF5-C99A0A422071} - System32\Tasks\{D50278D1-5745-42A5-BC70-BC28F00EC00D} => pcalua.exe -a "C:\Users\Robert\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -c -uninstall -launchrunonce:false
Task: {FC23F25B-C08F-4460-915A-B05E68940A78} - System32\Tasks\{4508EB49-3357-4153-8ED6-C4F285F9B56D} => pcalua.exe -a C:\Windows\SysWOW64\BDEADMIN.CPL -c BDE-Verwaltung
Task: {FE8DADA4-6A6E-4C0D-ABDE-33260E02D8CC} - System32\Tasks\{931A7744-FD78-4DAD-8FC9-8F03E9A1A980} => pcalua.exe -a C:\Users\Robert\Downloads\installer\pbsetup_3.2.exe -d C:\Users\Robert\Downloads\installer
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000Core.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-908869703-3165420859-1136871304-1000UA.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-10-02 01:24 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-08-15 10:23 - 2008-08-15 10:23 - 00086016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () E:\Programme\Notepad++\NppShell_05.dll
2009-08-13 23:12 - 2014-02-22 01:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-09-14 14:08 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files (x86)\Logitech\SetPoint\khalwrapper.dll
2009-08-05 19:58 - 2008-10-21 22:14 - 04040192 _____ () C:\Program Files (x86)\ASUS\TurboV\TurboV.exe
2009-08-13 21:57 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2014-03-28 19:45 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2009-08-05 20:01 - 1998-10-31 10:55 - 00005120 _____ () C:\Program Files (x86)\EXPERTool\TBManage.dll
2009-08-05 19:58 - 2005-05-11 16:39 - 00565248 _____ () C:\Program Files (x86)\ASUS\TurboV\pngio.dll
2009-08-05 19:58 - 2008-09-04 17:42 - 01126912 _____ () C:\Program Files (x86)\ASUS\TurboV\OcProfile.dll
2009-08-05 19:58 - 2008-08-21 15:19 - 00126976 _____ () C:\Program Files (x86)\ASUS\TurboV\TVOCLIB.DLL
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:24721E3C
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-908869703-3165420859-1136871304-1000\...\100sexlinks.com -> 100sexlinks.com

There are 6052 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-908869703-3165420859-1136871304-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-908869703-3165420859-1136871304-1012\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Robert^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zahlungserinnerung.lnk => C:\Windows\pss\Zahlungserinnerung.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: iTunesHelper => "E:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: Lachesis => E:\Programme\Razer\razerhid.exe                                                                                                                                                                                                                                          
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SoundMAX => "C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe" /tray

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [UDP Query User{F91435D9-EFCF-4B87-830F-35F165F16C90}C:\users\robert\temp\teamviewer\version4\teamviewer.exe] => (Allow) C:\users\robert\temp\teamviewer\version4\teamviewer.exe
FirewallRules: [TCP Query User{E63063BD-85C9-4DF0-A724-E3E147D19CE6}C:\users\robert\temp\teamviewer\version4\teamviewer.exe] => (Allow) C:\users\robert\temp\teamviewer\version4\teamviewer.exe
FirewallRules: [UDP Query User{C2C5EBED-5553-4A54-9CDD-D48371624776}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{82204638-2C30-4051-9520-BC3BF6AB2A31}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{F9D8C60D-0A2F-4404-97BA-7831E3DEF19C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{66742885-3FC3-4A8B-A5A2-15836F425280}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe
FirewallRules: [{1F884B59-E7F4-4485-9B6F-F81DFE97BC6F}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe
FirewallRules: [{E56F2280-E745-41E3-A852-E57E71D1BA19}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe
FirewallRules: [{77893C14-69D7-4848-98E1-0326A99716DD}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe
FirewallRules: [{FE9B1925-B483-4D71-ACF0-7A0FD79C49EE}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe
FirewallRules: [{BD8666CE-3803-493E-879A-8080BD25FA0E}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe
FirewallRules: [{0CDCF451-A779-4CA8-8000-1ED097E7B175}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe
FirewallRules: [{1A7A5E6C-C56E-4B42-ADB9-3CC5DD3557D1}] => (Allow) C:\Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe
FirewallRules: [{71F5ACEA-7C42-4ED7-9E91-18CCFCEFAD36}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{48B7474E-46AD-4543-A5C8-33E81A925AA8}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{4914B35F-7DCC-4390-B404-EA41E11B76AF}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{EA50682F-0A05-40E9-BEC1-D398ACA658B7}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5878656F-0A36-4CBD-BD15-C8969D86F625}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5A72A216-F6BC-440E-ABDC-3345A364BB21}] => (Allow) LPort=56858
FirewallRules: [{63350A18-1188-417D-B57E-1BA705215ACF}] => (Allow) LPort=56858
FirewallRules: [{EBE548F9-DF2A-4E59-BCCE-B2E559D1CAC9}] => (Allow) LPort=56858
FirewallRules: [{EE3C615D-F9A0-4C1B-99B9-8B2930424F6D}] => (Allow) LPort=56858
FirewallRules: [{FAAB74B4-9B1B-4E4B-A048-EFEE9DBBD736}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{48FF4247-C741-4CDF-ABCF-B0A750B1C149}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{41D898FB-3FD4-43DB-9570-7E5AB2044CFD}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{02338F63-67B0-4DAB-88FA-9EFC32A08333}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2E67C032-4394-48F7-99DB-22FDE22F276C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{48DE4895-3C8F-4B30-ABCF-62517F549A02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{82EC6C03-9B87-474C-B1FD-548C89E42A21}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A6D8FA07-2CD0-4D28-84EA-39F264EBB354}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CFE66C94-772C-475E-8EED-73CD3419B7EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7431BAD5-56DA-4A83-AB8A-211F29DF2CF9}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{C65BC40E-335F-4F57-A68E-8A7EEC9A8219}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{10B42EF3-AC83-42D1-BF2D-21856E8629F2}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{6BCD06D9-FC41-4593-981C-D6C4F653A86A}] => (Allow) E:\Programme\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{32C18A5B-E2CD-4F20-9C87-170CF26431F2}] => (Allow) E:\Programme\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{B8316D37-B419-422B-86B9-B37E23E7823C}] => (Allow) E:\Programme\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{89BD3FC3-0271-4212-8F61-033FD952115E}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{6AE83308-54B1-48E0-B28F-1D2BC0F3746D}] => (Allow) E:\Programme\Steam\SteamApps\faceman765\counter-strike\hl.exe
FirewallRules: [{FCB47402-BB77-4866-A553-BDE0F19C8595}] => (Allow) E:\Programme\Battlefield 3\Battlefield 3\bf3.exe
FirewallRules: [{60A1774B-BAEF-46BA-9E6B-FC3EBC040891}] => (Allow) E:\Programme\Battlefield 3\Battlefield 3\bf3.exe
FirewallRules: [{FA4013BB-3800-446E-9311-E653CAB74871}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{3771E463-FEE5-43D0-9F0D-948035B92C5A}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{4B597462-88A5-4C60-AFDF-F015891BB021}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{D66E25A4-B16B-4C3E-8D51-0A44584228AA}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{A337226D-7B68-484F-9466-E095117D8425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2AD8D3DD-4AD8-4048-8345-3D37E528DBDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{27A8C16C-BA10-46E4-BE00-AC8BB4DE7A8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0BCF7845-D89E-408A-8A0F-EB4128C4DBFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44D65810-E33D-4685-8623-B1AFD78360AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{456D7F90-C137-4E13-9C40-9C66587246FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{026185A2-534E-41F8-A898-8603B5D0BD3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6F6E36DA-2530-485D-BFB7-9697ACE388B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D7006922-8871-4D32-BBE1-FC32E7F1C2E1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{6E6826D7-791E-4BD0-B92C-40108BC8FD64}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{E869C5EC-E6DB-490C-AB8F-48D5D1C11A6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1221DEF1-5A0E-4F46-8C26-9A0095825751}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F8CAFBAD-A8C4-489C-ADEE-A0647CF99A64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DA4193BF-CE30-4D5A-B82E-F1B864AB9CE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{62696D86-6B83-4B64-B95C-A88C88D061CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DEB90366-F380-4E32-8389-C00F55593FCE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{37886D58-60FB-4ED8-A03F-8C433025B617}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{405E7D2D-ECA7-4D53-B9E7-3EDAF2DF13AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9C6605B1-FE3F-4ABA-B59E-374551AE6897}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D91CBCF8-F6BE-49A6-A3D2-0A3FE24E3D7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{473D944F-BB8A-4BB5-852E-413EBB655A5C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4AFB9732-DF57-40B2-8954-65EBF31B0487}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{17B1C777-B812-4FD1-B8B5-9635143F43C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E48AA2BD-35FB-4936-85DE-2F13F5A5CE96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B485A384-48D7-4D88-B0D5-DF10274C0076}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{70BE2044-2B2A-493B-B984-6819B8CEC8FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{083D1EF7-926E-4AB2-95F0-C0FBC9C1700B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6EDA2D60-47B7-46F9-8A29-9D5A5A19646C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F2CF4B3F-F58A-433B-ABCF-72864FBDA07B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8ED19118-BD87-4381-801F-F5CF0583E1D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B1C6C7EE-94FD-4E62-9D89-6A0A2B8076EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9B2DF132-71A0-4C96-8408-76DF35296A26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{32B86F39-66A3-45FB-9B31-CC8896911AFF}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{4441E7F4-C7AA-49C0-AFAB-EAE23100DD9C}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{45AEE704-4C54-41C2-B299-51963F6B79CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FD87B08C-8CBD-422F-8DF1-65750EF90C85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D48AD544-77EA-45EF-8B10-6017C3B4C845}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7423AD7A-8403-4D95-BB89-78A3B1A5C192}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7642A794-A94F-499C-A47C-92EC06C3E262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D31C8B03-01B1-4985-83F1-4BA51DE20664}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2136A4FD-28A7-41EB-B424-D8B9B6F2E48A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3AFBBA99-AECF-4438-9C4C-A7FD686FE403}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{15AB8819-E36E-49EA-8FE3-5D3130B87272}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{43204974-2C1B-4C42-A97E-42B88F9A12F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2690488B-3CB4-4407-A03F-8647D4A4FAC4}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{58BDE336-E03D-46CF-96D5-0249FE6CE4EB}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2015 00:53:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/07/2015 00:53:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/07/2015 00:52:53 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (05/07/2015 00:24:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 02:44:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 02:44:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 02:44:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 02:40:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 01:51:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"1".
Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/06/2015 01:51:23 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.


System errors:
=============
Error: (05/06/2015 02:43:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/06/2015 02:43:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/06/2015 02:41:57 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.

Error: (05/06/2015 02:41:56 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.

Error: (05/06/2015 02:41:56 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.

Error: (05/06/2015 02:41:55 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.

Error: (05/05/2015 06:31:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/05/2015 06:31:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware DHCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 06:31:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 06:31:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (05/07/2015 00:53:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"c:\program files (x86)\windows live\messenger\wlcsdk.exe

Error: (05/07/2015 00:53:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (05/07/2015 00:52:53 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: c:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exec:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exe2

Error: (05/07/2015 00:24:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 02:44:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Robert\Desktop\esetsmartinstaller_deu.exe

Error: (05/06/2015 02:44:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Robert\Desktop\esetsmartinstaller_deu.exe

Error: (05/06/2015 02:44:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Robert\Desktop\esetsmartinstaller_deu.exe

Error: (05/06/2015 02:40:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Robert\Desktop\esetsmartinstaller_deu.exe

Error: (05/06/2015 01:51:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"c:\program files (x86)\windows live\messenger\wlcsdk.exe

Error: (05/06/2015 01:51:23 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: c:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exec:\program files (x86)\Skype\Toolbars\internet explorer\SkypeIEPluginBroker.exe2


CodeIntegrity Errors:
===================================
  Date: 2015-05-04 13:04:39.040
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-04 13:04:38.915
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-04 13:04:38.791
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-04 13:04:38.681
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:27.027
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-10-15 20:29:26.996
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 30%
Total physical RAM: 6135.12 MB
Available physical RAM: 4287.41 MB
Total Pagefile: 12268.43 MB
Available Pagefile: 9994.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:117.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Volume) (Fixed) (Total:698.63 GB) (Free:697.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E7091A42)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 114AA6A5)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================
An sich habe ich wenn du mir sagt, dass mein Rechner und meine externen Speicher sauber sind keine Probleme mehr.
Allerdings hätte ich noch kurz eine kleine Frage.

Kennst du ein Programm das einem anzeigt welche Hardware-Treiber man benötigt, mit genauer Hardwarebezeichnung?

MfG

Necro

Antwort
Seite 1 von 2 1 2

Themen zu Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht
adware, bonjour, browser, combofix, converter, defender, downloader, ebanking, festplatte, flash player, google, helper, homepage, kaspersky, langsam, launch, mozilla, port, registry, rundll, scan, security, starten, starten nicht, system, udp, virus, windows


« Malware Meldung "Adspy/adspy.gen2" gefunden! | DHL-Phishing-Mail »


Ähnliche Themen: Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht


  1. Windows Vista - Abgestürzt und lässt sich nicht mehr starten
    Alles rund um Windows - 28.06.2015 (27)
  2. Einige Programme starten nicht mehr unter Windows 7
    Alles rund um Windows - 26.05.2015 (3)
  3. Einige Programme starten nicht mehr unter Windows 7
    Mülltonne - 25.05.2015 (0)
  4. Programme starten nicht mehr kurz nach Windows-Neustart
    Plagegeister aller Art und deren Bekämpfung - 12.02.2015 (19)
  5. Windows 7 grauer Bildschirm, lässt sich nicht mehr starten
    Log-Analyse und Auswertung - 21.01.2015 (33)
  6. .exe funktionieren nicht mehr. Spiele starten nicht mehr.
    Alles rund um Windows - 26.02.2013 (1)
  7. kann Windows-Firewall nicht mehr starten ...
    Antiviren-, Firewall- und andere Schutzprogramme - 15.01.2013 (19)
  8. Windows XP lässt sich gar nicht mehr starten
    Alles rund um Windows - 22.06.2012 (3)
  9. Windows 7 lässt sich nicht mehr starten
    Alles rund um Windows - 24.03.2012 (8)
  10. die meissten anwendungen von windows aus lassen sich nicht mehr starten
    Log-Analyse und Auswertung - 02.09.2011 (3)
  11. Winlogon Prozess Beendet - Pc starten Windows nicht mehr!
    Plagegeister aller Art und deren Bekämpfung - 02.01.2011 (0)
  12. Spiele lassen sich seit kurzem nicht mehr starten
    Log-Analyse und Auswertung - 27.05.2010 (1)
  13. Windows XP läßt sich nicht mehr starten
    Alles rund um Windows - 26.09.2009 (15)
  14. IE funktioniert nicht mehr, Task-Manager lässt sich nicht starten
    Mülltonne - 27.09.2008 (0)
  15. Kann Windows nicht mehr richtig starten
    Mülltonne - 22.01.2007 (1)
  16. Kann Windows nicht mehr richtig starten
    Plagegeister aller Art und deren Bekämpfung - 22.01.2007 (3)
  17. Windows-Explorer lässt sich nicht mehr starten
    Plagegeister aller Art und deren Bekämpfung - 17.03.2005 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht - Hallo Trojaner-Board Team, seit einiger Zeit ist mein PC sehr langsam geworden. Zudem starten Spiele nicht mehr ordnungsgemäß, dass bedeutet sie werden nach einem Doppelklick zwar gestartet und sie arbeiten - Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht...
Archiv
Du betrachtest: Windows 7: Spiele starten nicht mehr und PC starten funktioniert manchmal nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131