Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Firefox - veralteter Broser? (https://www.trojaner-board.de/147457-firefox-veralteter-broser.html)

user54321 06.01.2014 18:46
Firefox - veralteter Broser?
 
Seit 2 Tagen kommt immer wieder mal jener Tab von allein. Das es ein Fake ist ist klar, aber wie entfernen?

http://abload.de/img/firefoxjdiwy.jpg

Win7 64bit, FF 26.0
Danke schon mal

aharonov 06.01.2014 21:34
Hallo,

mach bitte einen FRST-Scan:


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


user54321 06.01.2014 23:18
DANKE erstmal!

Die FRST
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Munfrosch (administrator) on USG on 06-01-2014 23:15:44
Running from C:\Users\Munfrosch\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\svchost.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(StarWind Software) C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe
(SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(mobile concepts GmbH) C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(VideoLAN) C:\Program Files (x86)\VLC\vlc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [a474c6d2b75d64b3ed1078b377b83c48] - C:\Windows\svchost.exe [408064 2013-09-25] ()
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [CloneCDTray] - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [HDD Regenerator] - C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [icq] - C:\Users\Munfrosch\AppData\Roaming\ICQM\icq.exe [28773224 2013-05-23] (ICQ)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [iLivid] - "C:\Users\Munfrosch\AppData\Local\iLivid\iLivid.exe" -autorun
HKCU\...\Run: [a474c6d2b75d64b3ed1078b377b83c48] - C:\Windows\svchost.exe [408064 2013-09-25] ()
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
MountPoints2: {067a24d7-2ada-11e0-844f-1c6f65845c1c} - H:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {3bdf744c-2703-11e0-8885-806e6f6e6963} - E:\zdata\cobi.exe
MountPoints2: {3bdf7460-2703-11e0-8885-1c6f65845c1c} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {3bdf7470-2703-11e0-8885-1c6f65845c1c} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {7acab6e4-26ff-11e0-b70a-806e6f6e6963} - D:\Run.exe
HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\UpdatusUser\...\Run: [Steam] - "C:\Program Files (x86)\SPIELE\Steam.exe" -silent
HKU\UpdatusUser\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_Plugin.exe -update plugin
AppInit_DLLs: C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetyldr.dll [22536 2013-10-09] ()
AppInit_DLLs-x32: c:\progra~3\wincert\win32c~1.dll c:\progra~2\movies~1\safety~1\safety~2.dll  [18952 2013-10-09] ()
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a474c6d2b75d64b3ed1078b377b83c48.exe ()
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll [485384 2013-10-09] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetycrt.dll [657928 2013-10-09] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01A970B010BBCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://start.qone8.com/web/?type=ds&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://start.qone8.com/web/?type=ds&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://start.qone8.com/web/?type=ds&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://start.qone8.com/web/?type=ds&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.qone8.com/web/?type=ds&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.qone8.com/web/?type=ds&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.qone8.com/web/?type=ds&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.qone8.com/web/?type=ds&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726&q={searchTerms}
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.qone8.com/web/?type=ds&ts=1383497357&from=amt&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9C21372613726&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default
FF user.js: detected! => C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\user.js
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: German Dictionary - C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Adblock Plus - C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [1836912 2012-11-27] (BinarySense, Inc.)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 SafetyNutManager; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3422728 2013-10-09] (SafetyNut Inc.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWow64\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-28] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-30] (Duplex Secure Ltd.)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
U3 ae1g5fwh; C:\Windows\System32\Drivers\ae1g5fwh.sys [0 ] (Advanced Micro Devices)
S3 ALSysIO; \??\C:\Users\MUNFRO~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-06 23:15 - 2014-01-06 23:16 - 00018635 _____ C:\Users\Munfrosch\Downloads\FRST.txt
2014-01-06 23:15 - 2014-01-06 23:15 - 01931762 _____ (Farbar) C:\Users\Munfrosch\Downloads\FRST64.exe
2014-01-06 23:15 - 2014-01-06 23:15 - 00000000 ____D C:\FRST
2014-01-04 15:20 - 2014-01-04 19:08 - 00000096 ____H C:\Users\Munfrosch\Documents\.~lock.panzermodelle.xls#
2014-01-04 13:20 - 2014-01-06 10:32 - 00000096 ____H C:\Users\Munfrosch\Documents\.~lock.grepo.ods#
2014-01-01 14:16 - 2014-01-01 14:26 - 3268147200 _____ C:\Users\Munfrosch\Downloads\X17-59885.iso
2014-01-01 03:19 - 2014-01-01 03:19 - 01283094 _____ C:\Users\Munfrosch\Documents\Geiles We.bmp
2014-01-01 03:18 - 2014-01-01 03:19 - 02084934 _____ C:\Users\Munfrosch\Documents\Hübsche Maus.bmp
2014-01-01 03:18 - 2014-01-01 03:19 - 01066038 _____ C:\Users\Munfrosch\Documents\Sex Spass.bmp
2014-01-01 03:18 - 2014-01-01 03:18 - 00532950 _____ C:\Users\Munfrosch\Documents\Rauch Spass.bmp
2013-12-29 21:07 - 2014-01-04 19:08 - 00018944 _____ C:\Users\Munfrosch\Documents\panzermodelle.xls
2013-12-20 13:49 - 2013-12-20 13:49 - 00002324 _____ C:\Users\Munfrosch\Documents\karten.rar
2013-12-17 21:45 - 2013-12-17 21:45 - 00013824 _____ C:\Users\Munfrosch\Documents\modellliste.xls
2013-12-17 19:15 - 2013-12-17 21:14 - 00012376 _____ C:\Users\Munfrosch\Documents\modellliste.ods
2013-12-17 16:44 - 2013-12-17 16:44 - 03462033 _____ C:\Users\Munfrosch\Downloads\pci_filerecovery.exe
2013-12-17 16:44 - 2013-12-17 16:44 - 00001207 _____ C:\Users\Munfrosch\Desktop\PC Inspector File Recovery.lnk
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Program Files (x86)\PC Inspector File Recovery
2013-12-17 16:41 - 2013-12-17 19:14 - 00000000 ____D C:\rescuee
2013-12-17 16:17 - 2013-12-17 16:17 - 00614784 _____ C:\Users\Munfrosch\Downloads\Recuva - CHIP-Downloader.exe
2013-12-16 14:15 - 2013-12-16 14:15 - 00002062 _____ C:\Users\Munfrosch\Downloads\install.xpi
2013-12-15 17:33 - 2013-12-15 17:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-15 17:33 - 2013-12-15 17:33 - 00003088 _____ C:\Windows\System32\Tasks\RegOrganizerQuickLaunch
2013-12-15 17:33 - 2013-12-15 17:33 - 00001584 _____ C:\Windows\system32\rrr.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00001170 _____ C:\Users\Munfrosch\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\ProgramData\Oracle
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Reg Organizer
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-15 17:27 - 2013-12-15 17:28 - 24097311 _____ C:\Users\Munfrosch\Downloads\vlc-2.1.2-win32.exe
2013-12-15 17:26 - 2013-12-15 17:27 - 29040552 _____ (Oracle Corporation) C:\Users\Munfrosch\Downloads\jre-7u45-windows-i586.exe
2013-12-15 17:16 - 2013-12-15 17:38 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\AnVir
2013-12-15 17:16 - 2013-12-15 17:16 - 09062640 _____ C:\Users\Munfrosch\Downloads\AnVirTaskManager.exe
2013-12-15 17:16 - 2013-12-15 17:16 - 00001082 _____ C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\UpdatusUser\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\Munfrosch\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Program Files (x86)\AnVir Task Manager

==================== One Month Modified Files and Folders =======

2014-01-06 23:16 - 2014-01-06 23:15 - 00018635 _____ C:\Users\Munfrosch\Downloads\FRST.txt
2014-01-06 23:15 - 2014-01-06 23:15 - 01931762 _____ (Farbar) C:\Users\Munfrosch\Downloads\FRST64.exe
2014-01-06 23:15 - 2014-01-06 23:15 - 00000000 ____D C:\FRST
2014-01-06 23:08 - 2011-05-27 08:02 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-06 23:07 - 2011-03-29 20:13 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Skype
2014-01-06 21:10 - 2013-11-03 19:28 - 00000000 ____D C:\ProgramData\SafetyNut
2014-01-06 17:12 - 2011-02-19 23:40 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\vlc
2014-01-06 13:31 - 2009-07-14 18:58 - 12276808 _____ C:\Windows\system32\perfh007.dat
2014-01-06 13:31 - 2009-07-14 18:58 - 03777916 _____ C:\Windows\system32\perfc007.dat
2014-01-06 13:31 - 2009-07-14 06:13 - 00006118 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-06 10:32 - 2014-01-04 13:20 - 00000096 ____H C:\Users\Munfrosch\Documents\.~lock.grepo.ods#
2014-01-06 10:32 - 2013-11-30 08:30 - 00011988 _____ C:\Users\Munfrosch\Documents\grepo.ods
2014-01-06 07:16 - 2011-05-27 08:02 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 19:08 - 2014-01-04 15:20 - 00000096 ____H C:\Users\Munfrosch\Documents\.~lock.panzermodelle.xls#
2014-01-04 19:08 - 2013-12-29 21:07 - 00018944 _____ C:\Users\Munfrosch\Documents\panzermodelle.xls
2014-01-02 18:54 - 2012-09-08 10:13 - 00000000 ____D C:\EBAY
2014-01-01 23:24 - 2013-02-05 15:16 - 00000000 ____D C:\Users\Munfrosch\Downloads\FILME
2014-01-01 14:26 - 2014-01-01 14:16 - 3268147200 _____ C:\Users\Munfrosch\Downloads\X17-59885.iso
2014-01-01 03:19 - 2014-01-01 03:19 - 01283094 _____ C:\Users\Munfrosch\Documents\Geiles We.bmp
2014-01-01 03:19 - 2014-01-01 03:18 - 02084934 _____ C:\Users\Munfrosch\Documents\Hübsche Maus.bmp
2014-01-01 03:19 - 2014-01-01 03:18 - 01066038 _____ C:\Users\Munfrosch\Documents\Sex Spass.bmp
2014-01-01 03:18 - 2014-01-01 03:18 - 00532950 _____ C:\Users\Munfrosch\Documents\Rauch Spass.bmp
2014-01-01 03:08 - 2012-11-04 13:07 - 00000000 ____D C:\DCIM
2013-12-29 17:12 - 2009-07-14 05:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-29 17:12 - 2009-07-14 05:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-29 17:05 - 2013-07-30 13:50 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-29 17:05 - 2011-01-23 16:01 - 00000144 _____ C:\service.log
2013-12-29 17:05 - 2009-07-14 05:51 - 00090771 _____ C:\Windows\setupact.log
2013-12-29 17:04 - 2013-11-17 06:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 17:04 - 2012-11-03 12:31 - 00000000 ____D C:\Program Files\Recuva
2013-12-29 17:04 - 2012-10-02 15:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-29 17:04 - 2011-06-26 17:16 - 00138490 _____ C:\Windows\PFRO.log
2013-12-29 17:04 - 2011-01-28 13:25 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-29 17:04 - 2011-01-23 16:13 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-12-29 17:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-20 13:49 - 2013-12-20 13:49 - 00002324 _____ C:\Users\Munfrosch\Documents\karten.rar
2013-12-17 21:45 - 2013-12-17 21:45 - 00013824 _____ C:\Users\Munfrosch\Documents\modellliste.xls
2013-12-17 21:14 - 2013-12-17 19:15 - 00012376 _____ C:\Users\Munfrosch\Documents\modellliste.ods
2013-12-17 19:14 - 2013-12-17 16:41 - 00000000 ____D C:\rescuee
2013-12-17 16:45 - 2013-04-15 16:52 - 00000000 ____D C:\Users\Munfrosch\Desktop\DESKTOP PICS
2013-12-17 16:44 - 2013-12-17 16:44 - 03462033 _____ C:\Users\Munfrosch\Downloads\pci_filerecovery.exe
2013-12-17 16:44 - 2013-12-17 16:44 - 00001207 _____ C:\Users\Munfrosch\Desktop\PC Inspector File Recovery.lnk
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Program Files (x86)\PC Inspector File Recovery
2013-12-17 16:41 - 2011-01-23 15:53 - 00000000 ____D C:\Users\Munfrosch
2013-12-17 16:18 - 2012-11-03 12:31 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-12-17 16:17 - 2013-12-17 16:17 - 00614784 _____ C:\Users\Munfrosch\Downloads\Recuva - CHIP-Downloader.exe
2013-12-16 14:15 - 2013-12-16 14:15 - 00002062 _____ C:\Users\Munfrosch\Downloads\install.xpi
2013-12-15 17:38 - 2013-12-15 17:16 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\AnVir
2013-12-15 17:33 - 2013-12-15 17:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-15 17:33 - 2013-12-15 17:33 - 00003088 _____ C:\Windows\System32\Tasks\RegOrganizerQuickLaunch
2013-12-15 17:33 - 2013-12-15 17:33 - 00001584 _____ C:\Windows\system32\rrr.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00001170 _____ C:\Users\Munfrosch\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\ProgramData\Oracle
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Reg Organizer
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-15 17:29 - 2013-09-21 12:31 - 00000935 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-15 17:28 - 2013-12-15 17:27 - 24097311 _____ C:\Users\Munfrosch\Downloads\vlc-2.1.2-win32.exe
2013-12-15 17:28 - 2012-12-19 07:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-15 17:28 - 2011-06-07 18:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-15 17:28 - 2011-05-27 08:01 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\Adobe
2013-12-15 17:27 - 2013-12-15 17:26 - 29040552 _____ (Oracle Corporation) C:\Users\Munfrosch\Downloads\jre-7u45-windows-i586.exe
2013-12-15 17:16 - 2013-12-15 17:16 - 09062640 _____ C:\Users\Munfrosch\Downloads\AnVirTaskManager.exe
2013-12-15 17:16 - 2013-12-15 17:16 - 00001082 _____ C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\UpdatusUser\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\Munfrosch\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Program Files (x86)\AnVir Task Manager
2013-12-11 03:09 - 2012-10-10 17:29 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-11 03:09 - 2011-05-27 08:02 - 00000000 ____D C:\Program Files (x86)\Google

ZeroAccess:
C:\Windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}
C:\Windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}\U\00000008.@
C:\Windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}\L\00000004.@
C:\Windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}\L\201d3dde
C:\Windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}\L\76603ac3
C:\Windows\svchost.exe
ATTENTION ====> Check for partition/boot infection.

Some content of TEMP:
====================
C:\Users\Munfrosch\AppData\Local\Temp\18be6784_.exe
C:\Users\Munfrosch\AppData\Local\Temp\26821-85729-clonecd.exe
C:\Users\Munfrosch\AppData\Local\Temp\294823_.exe
C:\Users\Munfrosch\AppData\Local\Temp\7z920.exe
C:\Users\Munfrosch\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Munfrosch\AppData\Local\Temp\AnVir.exe
C:\Users\Munfrosch\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Munfrosch\AppData\Local\Temp\AskSLib.dll
C:\Users\Munfrosch\AppData\Local\Temp\bassmod.dll
C:\Users\Munfrosch\AppData\Local\Temp\binkw32.dll
C:\Users\Munfrosch\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Munfrosch\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\Munfrosch\AppData\Local\Temp\d2l_Install.exe
C:\Users\Munfrosch\AppData\Local\Temp\Delta.exe
C:\Users\Munfrosch\AppData\Local\Temp\DeltaTB.exe
C:\Users\Munfrosch\AppData\Local\Temp\dp.exe
C:\Users\Munfrosch\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Munfrosch\AppData\Local\Temp\drm_dyndata_7330014.dll
C:\Users\Munfrosch\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Munfrosch\AppData\Local\Temp\DTLite4471-0333.exe
C:\Users\Munfrosch\AppData\Local\Temp\EBU13E2.EXE
C:\Users\Munfrosch\AppData\Local\Temp\EBU15B6.DLL
C:\Users\Munfrosch\AppData\Local\Temp\Facebook Hacker v1.8.exe
C:\Users\Munfrosch\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Munfrosch\AppData\Local\Temp\GUninstaller.exe
C:\Users\Munfrosch\AppData\Local\Temp\htmlayout.dll
C:\Users\Munfrosch\AppData\Local\Temp\iBvIvnoA.exe
C:\Users\Munfrosch\AppData\Local\Temp\ICReinstall_Alcohol120_trial_2.0.2.4713.exe
C:\Users\Munfrosch\AppData\Local\Temp\Installer.exe
C:\Users\Munfrosch\AppData\Local\Temp\InstallerBT.exe
C:\Users\Munfrosch\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Munfrosch\AppData\Local\Temp\instloffer.exe
C:\Users\Munfrosch\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Munfrosch\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Munfrosch\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Munfrosch\AppData\Local\Temp\LyricsPal.exe
C:\Users\Munfrosch\AppData\Local\Temp\MoviesToolbarSetup_Somoto_9_10_2013.exe
C:\Users\Munfrosch\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Munfrosch\AppData\Local\Temp\ose00000.exe
C:\Users\Munfrosch\AppData\Local\Temp\pricepeep_90001_0101.exe
C:\Users\Munfrosch\AppData\Local\Temp\propsys.dll
C:\Users\Munfrosch\AppData\Local\Temp\sctmp.exe
C:\Users\Munfrosch\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Munfrosch\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Munfrosch\AppData\Local\Temp\sfareca00002.dll
C:\Users\Munfrosch\AppData\Local\Temp\sfextra.dll
C:\Users\Munfrosch\AppData\Local\Temp\toolbar178583439.exe
C:\Users\Munfrosch\AppData\Local\Temp\toolbar178592066.exe
C:\Users\Munfrosch\AppData\Local\Temp\toolbar9569272.exe
C:\Users\Munfrosch\AppData\Local\Temp\uninst1.exe
C:\Users\Munfrosch\AppData\Local\Temp\uninstall17979723.exe
C:\Users\Munfrosch\AppData\Local\Temp\uninstall17982937.exe
C:\Users\Munfrosch\AppData\Local\Temp\uninstall5713177.exe
C:\Users\Munfrosch\AppData\Local\Temp\uninstall5717467.exe
C:\Users\Munfrosch\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Munfrosch\AppData\Local\Temp\WSSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-04 05:07

==================== End Of Log ============================
--- --- ---

--- --- ---


und die AdditionFRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by Munfrosch at 2014-01-06 23:16:51
Running from C:\Users\Munfrosch\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

"Sudden Strike - Release 1.0" (x32 Version:  - )
@BIOS (x32 Version: 2.08 - GIGABYTE)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.6.602.171 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AnVir Task Manager (x32 Version:  - AnVir Software)
AnyDVD (x32 Version: 7.1.2.0 - SlySoft)
Arnhem (HKCU Version:  - )
AutoGreen B10.0517.1 (x32 Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.0517.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
AviSynth 2.5 (x32 Version:  - )
AVStoDVD 2.7.0 (x32 Version: 2.7.0 - MrC)
Battle of the Bulge (x32 Version: 3.5.0.0 - Halftrack)
Blitzkrieg Mod (x32 Version: 4.7.0.0 - Blitzkrieg Mod Team)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C5100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c5100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
CloneCD (x32 Version:  - SlySoft)
Command & Conquer Die ersten 10 Jahre (x32 Version: 1.00.0000 - Electronic Arts)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (New Steam Version) (x32 Version:  - )
Company of Heroes (x32 Version: 2.0.0.1 - THQ Inc.)
Company of Heroes: Opposing Fronts (x32 Version:  - Relic Entertainment)
Company of Heroes: Tales of Valor (x32 Version:  - Relic Entertainment)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Core Temp version 0.99.8 (Version: 0.99.8 - Arthur Liberman)
CPUID CPU-Z 1.63.0 (Version:  - )
CPUID HWMonitor 1.23 (Version:  - )
CrystalDiskInfo 5.6.2 (x32 Version: 5.6.2 - Crystal Dew World)
CyberGhost VPN (Version:  - CyberGhost S.R.L.)
DAEMON Tools Lite (x32 Version: 4.47.1.0333 - Disc Soft Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DHTML Editing Component (x32 Version: 6.02.0001 - Microsoft Corporation)
Diablo II (x32 Version:  - )
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
DVD Identifier (x32 Version: 5.2.0 - Kris Schoofs)
DVD Shrink 3.1.3 (x32 Version:  - DVD Shrink)
DVD2one V2.4.2 (x32 Version: 2.4.2 - Eximius B.V.)
DVD-Cover Printmaster 1.4 (x32 Version: 1.4 - biu software)
Eastern Front (x32 Version: 2.2.1.0 - )
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.1214.1  (x32 Version: 1.00.0000 - Gigabyte)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.2.4422 [2012-04-09] (x32 Version: 1.2.4422.0 - )
Free Disc Burner version 3.0.19.628 (x32 Version: 3.0.19.628 - DVDVideoSoft Ltd.)
Free Video Call Recorder for Skype version 1.2.2.812 (x32 Version: 1.2.2.812 - DVDVideoSoft Ltd.)
Gigabyte Raid Configurer (x32 Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Haali Media Splitter (x32 Version:  - )
Hard Disk Low Level Format Tool 4.30 (x32 Version:  - HDDGURU)
HD Tune 2.55 (x32 Version:  - EFD Software)
HD Tune Pro 5.00 (x32 Version:  - EFD Software)
HDDlife Pro 4.0 (x32 Version: 4.0.190 - BinarySense Inc.)
HP Customer Participation Program 13.0 (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (Version: 13.0 - HP)
HP Solution Center 13.0 (Version: 13.0 - HP)
HP Update (x32 Version: 5.003.001.001 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICQ 8.1 (build 6252) (HKCU Version: 8.1.6252.0 - Mail.Ru)
ICQ7.4 (x32 Version: 7.4 - ICQ)
Image Resizer Powertoy Clone for Windows (64 bit) (Version: 2.1.1 - Brice Lambson)
ImageConverter Plus 8.0 (x32 Version:  - fCoder Group, Inc.)
ImgBurn (x32 Version: 2.5.8.0 - LIGHTNING UK!)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader (x32 Version:  - AppWork UG (haftungsbeschränkt))
LightScribe System Software (x32 Version: 1.18.22.2 - LightScribe)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (x32 Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (x32 Version:  - )
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Nero 11 DiscSpeed (x32 Version: 11.0.00400 - Nero AG)
Nero Backup Drivers (Version: 1.0.11100.8.0 - Nero AG)
Nero Core Components 11 (x32 Version: 11.0.15401.1.15 - Nero AG) Hidden
Nero DiscSpeed 11 (x32 Version: 7.0.10400.2.100 - Nero AG) Hidden
Nero DiscSpeed 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20008 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Treiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.1.9.0 (Version: 1.1.9.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0697 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 13.0 (Version: 13.0 - HP)
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001 - GIGABYTE)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
PandoraRecovery (Remove Only) (x32 Version:  - )
Photobucket Backup (x32 Version: 1.0.5.2168 - Photobucket)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Recuva (Version: 1.49 - Piriform)
Reg Organizer version 6.31 (x32 Version: 6.31 - ChemTable Software)
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02] (x32 Version: 1.6.02 - bitComposer Games)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SeaTools for Windows (x32 Version: 1.2.0.7 - Seagate Technology)
Skype™ 6.3 (x32 Version: 6.3.107 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (x32 Version:  - )
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab (x32 Version:  - )
TechPowerUp GPU-Z (x32 Version:  - TechPowerUp)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TrueCrypt (x32 Version: 7.0a - TrueCrypt Foundation)
Turbo Lister 2 (x32 Version: 2.00.0000 - eBay Inc.)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
VLC media player 2.0.7 (Version: 2.0.7 - VideoLAN)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinDFT (x32 Version: 1.0.0 - HGST)
WinRAR 4.00 (64-Bit) (Version: 4.00.0 - win.rar GmbH)

==================== Restore Points  =========================

13-12-2013 07:03:41 Geplanter Prüfpunkt
15-12-2013 16:32:11 Installed Java 7 Update 45

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {25B43C48-1A6C-4B7C-846A-328480773536} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-27] (Google Inc.)
Task: {66D3AC0D-D07E-487B-9BA5-095451CD980F} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {C64E913D-FB55-4B29-9C13-E2BCFAE1F127} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe [2013-11-29] (ChemTable Software)
Task: {CAAA56BF-8F76-4C13-9E66-093FC776B8CD} - System32\Tasks\{8FA4ECA9-C683-4277-B515-B23A5BA51D56} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {DF01B471-929E-4DD6-888D-EB791DE04700} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-27] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-03 19:28 - 2013-10-09 14:03 - 00657928 _____ () C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetycrt.dll
2011-05-27 23:07 - 2011-03-02 11:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-01-23 16:01 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2013-11-03 19:28 - 2013-10-09 14:03 - 00485384 _____ () C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll
2013-11-03 19:28 - 2013-10-09 14:02 - 00018952 _____ () C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetyldr.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-10 15:50 - 2012-08-10 15:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2013-07-18 17:24 - 2010-07-20 13:39 - 01546781 _____ () C:\Program Files\CyberGhost VPN\libeay32.dll
2013-07-18 17:24 - 2010-07-20 13:39 - 00332987 _____ () C:\Program Files\CyberGhost VPN\ssleay32.dll
2013-11-17 06:00 - 2013-12-15 17:14 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-15 17:28 - 2013-12-15 17:28 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00113664 _____ () C:\Program Files (x86)\VLC\libvlc.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 02342912 _____ () C:\Program Files (x86)\VLC\libvlccore.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00246784 _____ () C:\Program Files (x86)\VLC\plugins\access\libdshow_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00047616 _____ () C:\Program Files (x86)\VLC\plugins\audio_output\libdirectsound_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00050688 _____ () C:\Program Files (x86)\VLC\plugins\audio_output\libwaveout_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00079360 _____ () C:\Program Files (x86)\VLC\plugins\video_output\libdirectdraw_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 02029568 _____ () C:\Program Files (x86)\VLC\plugins\access\liblibbluray_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00100352 _____ () C:\Program Files (x86)\VLC\plugins\access\libaccess_bd_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00258560 _____ () C:\Program Files (x86)\VLC\plugins\access\libdvdnav_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00076288 _____ () C:\Program Files (x86)\VLC\plugins\access\libaccess_vdr_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00046592 _____ () C:\Program Files (x86)\VLC\plugins\access\libfilesystem_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00061440 _____ () C:\Program Files (x86)\VLC\plugins\stream_filter\libsmooth_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00465920 _____ () C:\Program Files (x86)\VLC\plugins\stream_filter\libhttplive_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00719872 _____ () C:\Program Files (x86)\VLC\plugins\stream_filter\libdash_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00114688 _____ () C:\Program Files (x86)\VLC\plugins\access\libzip_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00039936 _____ () C:\Program Files (x86)\VLC\plugins\access\libstream_filter_rar_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00036864 _____ () C:\Program Files (x86)\VLC\plugins\stream_filter\librecord_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00136704 _____ () C:\Program Files (x86)\VLC\plugins\demux\libplaylist_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 01449472 _____ () C:\Program Files (x86)\VLC\plugins\meta_engine\libtaglib_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00300032 _____ () C:\Program Files (x86)\VLC\plugins\lua\liblua_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 01283584 _____ () C:\Program Files (x86)\VLC\plugins\misc\libxml_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00056320 _____ () C:\Program Files (x86)\VLC\plugins\control\libhotkeys_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00038912 _____ () C:\Program Files (x86)\VLC\plugins\control\libglobalhotkeys_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 11747840 _____ () C:\Program Files (x86)\VLC\plugins\gui\libqt4_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00378368 _____ () C:\Program Files (x86)\VLC\plugins\services_discovery\libupnp_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00118272 _____ () C:\Program Files (x86)\VLC\plugins\services_discovery\libsap_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00043520 _____ () C:\Program Files (x86)\VLC\plugins\services_discovery\libpodcast_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00039936 _____ () C:\Program Files (x86)\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00037376 _____ () C:\Program Files (x86)\VLC\plugins\services_discovery\libwindrive_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00048128 _____ () C:\Program Files (x86)\VLC\plugins\demux\libes_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00350720 _____ () C:\Program Files (x86)\VLC\plugins\codec\libtheora_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00038912 _____ () C:\Program Files (x86)\VLC\plugins\codec\librawvideo_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00144896 _____ () C:\Program Files (x86)\VLC\plugins\codec\libspeex_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 01723904 _____ () C:\Program Files (x86)\VLC\plugins\codec\libvorbis_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00192512 _____ () C:\Program Files (x86)\VLC\plugins\demux\libmp4_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00091136 _____ () C:\Program Files (x86)\VLC\plugins\demux\libavi_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00037888 _____ () C:\Program Files (x86)\VLC\plugins\codec\libaes3_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00069120 _____ () C:\Program Files (x86)\VLC\plugins\demux\libasf_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00077824 _____ () C:\Program Files (x86)\VLC\plugins\demux\libflacsys_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00044032 _____ () C:\Program Files (x86)\VLC\plugins\codec\liblpcm_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00044032 _____ () C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00049152 _____ () C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00043008 _____ () C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00066048 _____ () C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00057856 _____ () C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00039424 _____ () C:\Program Files (x86)\VLC\plugins\codec\libsvcdsub_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00042496 _____ () C:\Program Files (x86)\VLC\plugins\codec\libspudec_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00049664 _____ () C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00047104 _____ () C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00041472 _____ () C:\Program Files (x86)\VLC\plugins\codec\libcvdsub_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00085504 _____ () C:\Program Files (x86)\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00041472 _____ () C:\Program Files (x86)\VLC\plugins\codec\libmpeg_audio_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00292864 _____ () C:\Program Files (x86)\VLC\plugins\codec\libpng_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00040448 _____ () C:\Program Files (x86)\VLC\plugins\codec\libcdg_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 01297920 _____ () C:\Program Files (x86)\VLC\plugins\codec\libschroedinger_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 00041472 _____ () C:\Program Files (x86)\VLC\plugins\codec\libdts_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00359424 _____ () C:\Program Files (x86)\VLC\plugins\codec\libfaad_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00209408 _____ () C:\Program Files (x86)\VLC\plugins\codec\libflac_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00049152 _____ () C:\Program Files (x86)\VLC\plugins\codec\libg711_plugin.dll
2013-12-09 01:19 - 2013-12-09 01:19 - 01384960 _____ () C:\Program Files (x86)\VLC\plugins\codec\liblibass_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00034816 _____ () C:\Program Files (x86)\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00040960 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00130560 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00183808 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00073728 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 01518592 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00040960 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00035328 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00037376 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00036352 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00036352 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00036864 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00046080 _____ () C:\Program Files (x86)\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2013-12-09 01:18 - 2013-12-09 01:18 - 00036864 _____ () C:\Program Files (x86)\VLC\plugins\access\libidummy_plugin.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2014 01:31:23 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/06/2014 01:31:23 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/06/2014 01:31:23 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/03/2014 08:58:19 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/03/2014 08:58:19 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/03/2014 08:58:19 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/03/2014 08:20:59 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/03/2014 08:20:59 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/03/2014 08:20:59 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/01/2014 08:20:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.17859, Zeitstempel: 0x4fd2dfec
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000000a0ca3
ID des fehlerhaften Prozesses: 0x630
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3


System errors:
=============
Error: (01/02/2014 04:59:15 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "J:" wurden verworfen, weil die Bereitsstellungaufhebung von Volume "J:", das einen Schattenkopiespeicher für diese Schattenkopie enthält, erzwungen wurde.

Error: (01/01/2014 08:21:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891

Error: (01/01/2014 08:21:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891

Error: (01/01/2014 06:42:42 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{2f14de4a-a12e-11e2-9e56-1c6f65845c1c}" können nicht gelesen werden.

Error: (01/01/2014 06:40:30 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{0cbd010c-1914-11e3-851f-1c6f65845c1c}" können nicht gelesen werden.

Error: (01/01/2014 06:38:38 PM) (Source: VDS Basic Provider) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (12/29/2013 05:07:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/29/2013 05:07:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/29/2013 05:06:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891

Error: (12/29/2013 05:06:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (01/06/2014 01:31:23 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (01/06/2014 01:31:23 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/06/2014 01:31:23 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/03/2014 08:58:19 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (01/03/2014 08:58:19 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/03/2014 08:58:19 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/03/2014 08:20:59 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (01/03/2014 08:20:59 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/03/2014 08:20:59 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/01/2014 08:20:59 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4SHELL32.dll6.1.7601.178594fd2dfecc000041d00000000000a0ca363001cf04afb8b003f6C:\Windows\Explorer.EXEC:\Windows\system32\SHELL32.dlld7cf9263-7319-11e3-94d4-1c6f65845c1c


==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 8189.55 MB
Available physical RAM: 4152.78 MB
Total Pagefile: 16377.3 MB
Available Pagefile: 12297.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:60.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (001) (CDROM) (Total:3.87 GB) (Free:0 GB) UDF
Drive f: (SOLDATEN_DER_APOKALYPSE) (CDROM) (Total:7.24 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8AFEADDC)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

aharonov 06.01.2014 23:24
Da läuft einiges an Malware..
Mach noch das:


Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

user54321 07.01.2014 00:08
Datei zu groß zum Anhängen und zu viele Zeichen um reinzukopieren :(
Lässt sich auch nicht packen (Winrar) - Zugriff verweigert

aharonov 07.01.2014 00:09
Dann füge das Logfile stückweise ein, indem du es auf 2 oder mehr Posts verteilst.

user54321 07.01.2014 00:14
OK

23:33:29.0942 0x23324 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
23:33:40.0023 0x23324 ============================================================
23:33:40.0023 0x23324 Current date / time: 2014/01/06 23:33:40.0023
23:33:40.0023 0x23324 SystemInfo:
23:33:40.0023 0x23324
23:33:40.0023 0x23324 OS Version: 6.1.7601 ServicePack: 1.0
23:33:40.0023 0x23324 Product type: Workstation
23:33:40.0023 0x23324 ComputerName: USG
23:33:40.0023 0x23324 UserName: Munfrosch
23:33:40.0023 0x23324 Windows directory: C:\Windows
23:33:40.0024 0x23324 System windows directory: C:\Windows
23:33:40.0024 0x23324 Running under WOW64
23:33:40.0024 0x23324 Processor architecture: Intel x64
23:33:40.0024 0x23324 Number of processors: 4
23:33:40.0024 0x23324 Page size: 0x1000
23:33:40.0024 0x23324 Boot type: Normal boot
23:33:40.0024 0x23324 ============================================================
23:33:42.0929 0x23324 KLMD registered as C:\Windows\system32\drivers\55614062.sys
23:33:43.0034 0x23324 System UUID: {02DB150E-408D-1B6C-71CE-78663CDD4B3E}
23:33:43.0524 0x23324 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:33:43.0527 0x23324 ============================================================
23:33:43.0527 0x23324 \Device\Harddisk0\DR0:
23:33:43.0527 0x23324 MBR partitions:
23:33:43.0527 0x23324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384D42
23:33:43.0527 0x23324 ============================================================
23:33:43.0563 0x23324 C: <-> \Device\Harddisk0\DR0\Partition1
23:33:43.0563 0x23324 ============================================================
23:33:43.0563 0x23324 Initialize success
23:33:43.0563 0x23324 ============================================================
23:41:57.0554 0x238a8 ============================================================
23:41:57.0554 0x238a8 Scan started
23:41:57.0554 0x238a8 Mode: Manual; SigCheck; TDLFS;
23:41:57.0554 0x238a8 ============================================================
23:41:57.0554 0x238a8 KSN ping started
23:42:00.0271 0x238a8 KSN ping finished: true
23:42:02.0622 0x238a8 ================ Scan system memory ========================
23:42:02.0622 0x238a8 System memory - ok
23:42:02.0622 0x238a8 ================ Scan services =============================
23:42:02.0910 0x238a8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:42:03.0093 0x238a8 1394ohci - ok
23:42:03.0130 0x238a8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:42:03.0150 0x238a8 ACPI - ok
23:42:03.0215 0x238a8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:42:03.0286 0x238a8 AcpiPmi - ok
23:42:03.0440 0x238a8 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:42:03.0450 0x238a8 AdobeARMservice - ok
23:42:03.0495 0x238a8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:42:03.0516 0x238a8 adp94xx - ok
23:42:03.0552 0x238a8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:42:03.0568 0x238a8 adpahci - ok
23:42:03.0586 0x238a8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:42:03.0598 0x238a8 adpu320 - ok
23:42:03.0633 0x238a8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:42:03.0763 0x238a8 AeLookupSvc - ok
23:42:03.0847 0x238a8 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
23:42:03.0901 0x238a8 AFD - ok
23:42:03.0949 0x238a8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
23:42:03.0958 0x238a8 agp440 - ok
23:42:03.0983 0x238a8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
23:42:04.0040 0x238a8 ALG - ok
23:42:04.0057 0x238a8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
23:42:04.0065 0x238a8 aliide - ok
23:42:04.0169 0x238a8 ALSysIO - ok
23:42:04.0182 0x238a8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
23:42:04.0191 0x238a8 amdide - ok
23:42:04.0238 0x238a8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:42:04.0316 0x238a8 AmdK8 - ok
23:42:04.0342 0x238a8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:42:04.0381 0x238a8 AmdPPM - ok
23:42:04.0448 0x238a8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:42:04.0459 0x238a8 amdsata - ok
23:42:04.0488 0x238a8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:42:04.0501 0x238a8 amdsbs - ok
23:42:04.0517 0x238a8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:42:04.0525 0x238a8 amdxata - ok
23:42:04.0610 0x238a8 [ B5C0F65D6657C6ADD9ED75EC7583390B, 8EE69F05714A861A0439E1E1BA167A3B71E50E1BFFD20F1239F0FF2F20FA7BF4 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
23:42:04.0650 0x238a8 AnyDVD - ok
23:42:04.0701 0x238a8 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
23:42:04.0824 0x238a8 AppID - ok
23:42:04.0862 0x238a8 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:42:04.0913 0x238a8 AppIDSvc - ok
23:42:04.0960 0x238a8 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
23:42:05.0032 0x238a8 Appinfo - ok
23:42:05.0062 0x238a8 [ 301AA64F9643BC453D90A66C4C0E7204, F9EDAD13F865B5F0A89FF59827EECB519F113EB037F2DA8367F1572629B503B1 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
23:42:05.0069 0x238a8 AppleCharger - ok
23:42:05.0082 0x238a8 [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
23:42:05.0089 0x238a8 AppleChargerSrv - ok
23:42:05.0132 0x238a8 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
23:42:05.0193 0x238a8 AppMgmt - ok
23:42:05.0242 0x238a8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:42:05.0252 0x238a8 arc - ok
23:42:05.0269 0x238a8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:42:05.0279 0x238a8 arcsas - ok
23:42:05.0430 0x238a8 [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:42:05.0441 0x238a8 aspnet_state - ok
23:42:05.0469 0x238a8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:42:05.0514 0x238a8 AsyncMac - ok
23:42:05.0554 0x238a8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
23:42:05.0562 0x238a8 atapi - ok
23:42:05.0618 0x238a8 [ CA4A0176FA380EFD45DE9D0ACB9E1F86, D5CA4A13EE8DCCD5B01A709A808AE51AAC064F7A4C3D4F0A6E272CDB46D28585 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
23:42:05.0710 0x238a8 Ati External Event Utility - ok
23:42:05.0900 0x238a8 [ AEAE4ABE6419923C037A0B2A157E1FC6, F04A79797AB697AA8316C37DF0D79ED28A9134BD0E1B2C9400619C0A9B3634FF ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:42:06.0123 0x238a8 atikmdag - ok
23:42:06.0213 0x238a8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:42:06.0276 0x238a8 AudioEndpointBuilder - ok
23:42:06.0321 0x238a8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:42:06.0363 0x238a8 AudioSrv - ok
23:42:06.0423 0x238a8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:42:06.0485 0x238a8 AxInstSV - ok
23:42:06.0541 0x238a8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:42:06.0602 0x238a8 b06bdrv - ok
23:42:06.0653 0x238a8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:42:06.0692 0x238a8 b57nd60a - ok
23:42:06.0741 0x238a8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
23:42:06.0791 0x238a8 BDESVC - ok
23:42:06.0835 0x238a8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
23:42:06.0882 0x238a8 Beep - ok
23:42:06.0976 0x238a8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
23:42:07.0035 0x238a8 BFE - ok
23:42:07.0070 0x238a8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:42:07.0102 0x238a8 blbdrive - ok
23:42:07.0155 0x238a8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:42:07.0175 0x238a8 bowser - ok
23:42:07.0193 0x238a8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:42:07.0251 0x238a8 BrFiltLo - ok
23:42:07.0269 0x238a8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:42:07.0295 0x238a8 BrFiltUp - ok
23:42:07.0342 0x238a8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
23:42:07.0387 0x238a8 Browser - ok
23:42:07.0409 0x238a8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:42:07.0441 0x238a8 Brserid - ok
23:42:07.0454 0x238a8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:42:07.0466 0x238a8 BrSerWdm - ok
23:42:07.0485 0x238a8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:42:07.0509 0x238a8 BrUsbMdm - ok
23:42:07.0536 0x238a8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:42:07.0545 0x238a8 BrUsbSer - ok
23:42:07.0565 0x238a8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:42:07.0592 0x238a8 BTHMODEM - ok
23:42:07.0648 0x238a8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
23:42:07.0696 0x238a8 bthserv - ok
23:42:07.0737 0x238a8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:42:07.0791 0x238a8 cdfs - ok
23:42:07.0853 0x238a8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:42:07.0881 0x238a8 cdrom - ok
23:42:07.0951 0x238a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
23:42:08.0020 0x238a8 CertPropSvc - ok
23:42:08.0247 0x238a8 [ 213B6EC3DE19E35373A1906397588429, C72B74D4840946DC6952B9F6C4A568DA702DD2D6E211AA5BB7F82EF481F449C6 ] CGVPNCliSrvc C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
23:42:08.0345 0x238a8 CGVPNCliSrvc - ok
23:42:08.0389 0x238a8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:42:08.0401 0x238a8 circlass - ok
23:42:08.0426 0x238a8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
23:42:08.0444 0x238a8 CLFS - ok
23:42:08.0486 0x238a8 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:42:08.0494 0x238a8 clr_optimization_v2.0.50727_32 - ok
23:42:08.0544 0x238a8 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:42:08.0553 0x238a8 clr_optimization_v2.0.50727_64 - ok
23:42:08.0657 0x238a8 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:42:08.0671 0x238a8 clr_optimization_v4.0.30319_32 - ok
23:42:08.0716 0x238a8 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:42:08.0728 0x238a8 clr_optimization_v4.0.30319_64 - ok
23:42:08.0753 0x238a8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:42:08.0845 0x238a8 CmBatt - ok
23:42:08.0872 0x238a8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:42:08.0881 0x238a8 cmdide - ok
23:42:08.0932 0x238a8 [ AAFCB52FE0037207FB6FBEA070D25EFE, 7D035BFB6DD86944CCDE6D71811891406D7FD08344EF8CF57C4D932E096F1377 ] CNG C:\Windows\system32\Drivers\cng.sys
23:42:08.0962 0x238a8 CNG - ok
23:42:08.0977 0x238a8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:42:08.0986 0x238a8 Compbatt - ok
23:42:09.0012 0x238a8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:42:09.0083 0x238a8 CompositeBus - ok
23:42:09.0108 0x238a8 COMSysApp - ok
23:42:09.0129 0x238a8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:42:09.0138 0x238a8 crcdisk - ok
23:42:09.0189 0x238a8 [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:42:09.0263 0x238a8 CryptSvc - ok
23:42:09.0336 0x238a8 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
23:42:09.0530 0x238a8 CSC - ok
23:42:09.0602 0x238a8 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
23:42:09.0647 0x238a8 CscService - ok
23:42:09.0699 0x238a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:42:09.0758 0x238a8 DcomLaunch - ok
23:42:09.0806 0x238a8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
23:42:09.0863 0x238a8 defragsvc - ok
23:42:09.0907 0x238a8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:42:09.0953 0x238a8 DfsC - ok
23:42:10.0026 0x238a8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:42:10.0050 0x238a8 Dhcp - ok
23:42:10.0060 0x238a8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
23:42:10.0100 0x238a8 discache - ok
23:42:10.0147 0x238a8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:42:10.0157 0x238a8 Disk - ok
23:42:10.0222 0x238a8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:42:10.0280 0x238a8 Dnscache - ok
23:42:10.0327 0x238a8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
23:42:10.0382 0x238a8 dot3svc - ok
23:42:10.0441 0x238a8 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
23:42:10.0480 0x238a8 Dot4 - ok
23:42:10.0511 0x238a8 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:42:10.0544 0x238a8 Dot4Print - ok
23:42:10.0620 0x238a8 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
23:42:10.0647 0x238a8 dot4usb - ok
23:42:10.0699 0x238a8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
23:42:10.0751 0x238a8 DPS - ok
23:42:10.0804 0x238a8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:42:10.0837 0x238a8 drmkaud - ok
23:42:10.0902 0x238a8 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:42:10.0950 0x238a8 DXGKrnl - ok
23:42:10.0973 0x238a8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
23:42:11.0025 0x238a8 EapHost - ok
23:42:11.0172 0x238a8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:42:11.0344 0x238a8 ebdrv - ok
23:42:11.0403 0x238a8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
23:42:11.0419 0x238a8 EFS - ok
23:42:11.0467 0x238a8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:42:11.0509 0x238a8 ehRecvr - ok
23:42:11.0531 0x238a8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
23:42:11.0584 0x238a8 ehSched - ok
23:42:11.0659 0x238a8 [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys
23:42:11.0668 0x238a8 ElbyCDFL - ok
23:42:11.0718 0x238a8 [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
23:42:11.0726 0x238a8 ElbyCDIO - ok
23:42:11.0772 0x238a8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:42:11.0796 0x238a8 elxstor - ok
23:42:11.0837 0x238a8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:42:11.0869 0x238a8 ErrDev - ok
23:42:11.0939 0x238a8 [ B8FA96995726D1FA58476E352C02AD82, 6BBD49B16A19CC3C3337707EFBEB6BC355CB077CBBBC99D8985A3FBB6E871A89 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
23:42:11.0947 0x238a8 ES lite Service - ok
23:42:11.0990 0x238a8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
23:42:12.0043 0x238a8 EventSystem - ok
23:42:12.0103 0x238a8 [ 251AF86E0A4DDF3A6B181ED5103B06B1, 1823E7C87F0D8972A89D71B1FB633C5D43744F9803E6A8B866F6EA610032437C ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
23:42:12.0152 0x238a8 ewusbnet - ok
23:42:12.0186 0x238a8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
23:42:12.0239 0x238a8 exfat - ok
23:42:12.0262 0x238a8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:42:12.0317 0x238a8 fastfat - ok
23:42:12.0419 0x238a8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
23:42:12.0460 0x238a8 Fax - ok
23:42:12.0473 0x238a8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:42:12.0502 0x238a8 fdc - ok
23:42:12.0549 0x238a8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
23:42:12.0594 0x238a8 fdPHost - ok
23:42:12.0634 0x238a8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
23:42:12.0681 0x238a8 FDResPub - ok
23:42:12.0716 0x238a8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:42:12.0725 0x238a8 FileInfo - ok
23:42:12.0733 0x238a8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:42:12.0789 0x238a8 Filetrace - ok
23:42:12.0810 0x238a8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:42:12.0835 0x238a8 flpydisk - ok
23:42:12.0881 0x238a8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:42:12.0985 0x238a8 FltMgr - ok
23:42:13.0154 0x238a8 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
23:42:13.0273 0x238a8 FontCache - ok
23:42:13.0348 0x238a8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:42:13.0356 0x238a8 FontCache3.0.0.0 - ok
23:42:13.0375 0x238a8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:42:13.0385 0x238a8 FsDepends - ok
23:42:13.0434 0x238a8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:42:13.0443 0x238a8 Fs_Rec - ok
23:42:13.0513 0x238a8 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:42:13.0530 0x238a8 fvevol - ok
23:42:13.0558 0x238a8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:42:13.0567 0x238a8 gagp30kx - ok
23:42:13.0653 0x238a8 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys
23:42:13.0662 0x238a8 gdrv - ok
23:42:13.0736 0x238a8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
23:42:13.0806 0x238a8 gpsvc - ok
23:42:13.0932 0x238a8 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:42:13.0942 0x238a8 gupdate - ok
23:42:13.0976 0x238a8 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:42:13.0985 0x238a8 gupdatem - ok
23:42:14.0019 0x238a8 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys
23:42:14.0027 0x238a8 GVTDrv64 - ok
23:42:14.0037 0x238a8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:42:14.0092 0x238a8 hcw85cir - ok
23:42:14.0156 0x238a8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:42:14.0176 0x238a8 HdAudAddService - ok
23:42:14.0197 0x238a8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:42:14.0229 0x238a8 HDAudBus - ok
23:42:14.0353 0x238a8 [ E8801690E818F9044EBA63691E4040C4, 8CCA60B1DBE76CC1A19375DB07543B9D0B2D5E4D48EF72E06182830877A98D2B ] HDDlife HDD Access service C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
23:42:14.0427 0x238a8 HDDlife HDD Access service - ok
23:42:14.0450 0x238a8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:42:14.0483 0x238a8 HidBatt - ok
23:42:14.0509 0x238a8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:42:14.0542 0x238a8 HidBth - ok
23:42:14.0563 0x238a8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:42:14.0574 0x238a8 HidIr - ok
23:42:14.0603 0x238a8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
23:42:14.0633 0x238a8 hidserv - ok
23:42:14.0682 0x238a8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:42:14.0691 0x238a8 HidUsb - ok
23:42:14.0740 0x238a8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:42:14.0793 0x238a8 hkmsvc - ok
23:42:14.0849 0x238a8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:42:14.0871 0x238a8 HomeGroupListener - ok
23:42:14.0919 0x238a8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:42:14.0951 0x238a8 HomeGroupProvider - ok
23:42:15.0101 0x238a8 [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
23:42:15.0125 0x238a8 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
23:42:17.0517 0x238a8 Detect skipped due to KSN trusted
23:42:17.0517 0x238a8 hpqcxs08 - ok
23:42:17.0550 0x238a8 [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
23:42:17.0571 0x238a8 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:42:20.0057 0x238a8 Detect skipped due to KSN trusted
23:42:20.0057 0x238a8 hpqddsvc - ok
23:42:20.0119 0x238a8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:42:20.0129 0x238a8 HpSAMD - ok
23:42:20.0202 0x238a8 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
23:42:20.0266 0x238a8 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
23:42:22.0672 0x238a8 Detect skipped due to KSN trusted
23:42:22.0672 0x238a8 HPSLPSVC - ok
23:42:22.0766 0x238a8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:42:22.0824 0x238a8 HTTP - ok
23:42:22.0864 0x238a8 [ 4B5C07DB91A0099272FAAE732E1152BD, E0408F85A2E1E310F5143A01A34456F120875D21E0E9D0A9F9EBC96514CFC47C ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:42:22.0922 0x238a8 hwdatacard - ok
23:42:22.0972 0x238a8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:42:22.0979 0x238a8 hwpolicy - ok
23:42:23.0030 0x238a8 [ 9C13A2691AC410CC7469F298684DCA5D, 2B07FE759B479A36AB4DE185AF8B4295396A1F8674587721BE7C92FC31ADFF0D ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
23:42:23.0078 0x238a8 hwusbfake - ok
23:42:23.0136 0x238a8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:42:23.0148 0x238a8 i8042prt - ok
23:42:23.0217 0x238a8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:42:23.0234 0x238a8 iaStorV - ok
23:42:23.0294 0x238a8 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:42:23.0300 0x238a8 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
23:42:25.0781 0x238a8 Detect skipped due to KSN trusted
23:42:25.0781 0x238a8 IDriverT - ok
23:42:25.0879 0x238a8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:42:25.0925 0x238a8 idsvc - ok
23:42:25.0966 0x238a8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:42:25.0975 0x238a8 iirsp - ok
23:42:26.0060 0x238a8 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
23:42:26.0167 0x238a8 IKEEXT - ok
23:42:26.0269 0x238a8 [ 0ADF714079AE174A39D69036143E4C50, 93184D0DB1265D94BA92922783514ADFDAB04557EB0DEF9715D8B1EF06EDD692 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:42:26.0381 0x238a8 IntcAzAudAddService - ok
23:42:26.0410 0x238a8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
23:42:26.0418 0x238a8 intelide - ok
23:42:26.0447 0x238a8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:42:26.0472 0x238a8 intelppm - ok
23:42:26.0493 0x238a8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:42:26.0542 0x238a8 IPBusEnum - ok
23:42:26.0587 0x238a8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:42:26.0615 0x238a8 IpFilterDriver - ok
23:42:26.0676 0x238a8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:42:26.0707 0x238a8 IPMIDRV - ok
23:42:26.0735 0x238a8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:42:26.0763 0x238a8 IPNAT - ok
23:42:26.0784 0x238a8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:42:26.0815 0x238a8 IRENUM - ok
23:42:26.0864 0x238a8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:42:26.0873 0x238a8 isapnp - ok
23:42:26.0914 0x238a8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:42:26.0928 0x238a8 iScsiPrt - ok
23:42:27.0030 0x238a8 [ F3A41EC4C6506E76E07A219B3A1DF8D2, B34FDAA453E6E089374B33533A89F76DEE1C2D14F9939AF3669B6F33FA41DD76 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe
23:42:27.0039 0x238a8 JMB36X - ok
23:42:27.0073 0x238a8 [ 1C368C1A2733DCC5B8E15420AA2B0F6D, C43A3534E33CEAEB8359D493FDB4663CB7C1E9286862B2CEE2788E9EA060DF1D ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
23:42:27.0082 0x238a8 JRAID - ok
23:42:27.0136 0x238a8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:42:27.0145 0x238a8 kbdclass - ok
23:42:27.0166 0x238a8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:42:27.0191 0x238a8 kbdhid - ok
23:42:27.0219 0x238a8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
23:42:27.0227 0x238a8 KeyIso - ok
23:42:27.0273 0x238a8 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:42:27.0282 0x238a8 KSecDD - ok
23:42:27.0341 0x238a8 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E, 94F1382291BD748BAE7EDBCB56F43B8564A1EE22E2DBEB37066559EE3D065FBA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:42:27.0353 0x238a8 KSecPkg - ok
23:42:27.0387 0x238a8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:42:27.0434 0x238a8 ksthunk - ok
23:42:27.0493 0x238a8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
23:42:27.0546 0x238a8 KtmRm - ok
23:42:27.0591 0x238a8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:42:27.0624 0x238a8 LanmanServer - ok
23:42:27.0679 0x238a8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:42:27.0722 0x238a8 LanmanWorkstation - ok
23:42:27.0859 0x238a8 [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:42:27.0882 0x238a8 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
23:42:30.0297 0x238a8 Detect skipped due to KSN trusted
23:42:30.0297 0x238a8 LightScribeService - ok
23:42:30.0322 0x238a8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:42:30.0364 0x238a8 lltdio - ok
23:42:30.0399 0x238a8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:42:30.0453 0x238a8 lltdsvc - ok
23:42:30.0476 0x238a8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:42:30.0518 0x238a8 lmhosts - ok
23:42:30.0558 0x238a8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:42:30.0568 0x238a8 LSI_FC - ok
23:42:30.0574 0x238a8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:42:30.0585 0x238a8 LSI_SAS - ok
23:42:30.0596 0x238a8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:42:30.0605 0x238a8 LSI_SAS2 - ok
23:42:30.0610 0x238a8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:42:30.0620 0x238a8 LSI_SCSI - ok
23:42:30.0636 0x238a8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
23:42:30.0665 0x238a8 luafv - ok
23:42:30.0719 0x238a8 [ 23488767CB18FC3FF39E3AF1DB3FB02C, F526B80EDA5309162239741CF1C77957E2F9EDEB223AB3DB6FF0DEA3D473590B ] massfilter C:\Windows\system32\drivers\massfilter.sys
23:42:30.0756 0x238a8 massfilter - ok
23:42:30.0799 0x238a8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:42:30.0834 0x238a8 Mcx2Svc - ok
23:42:30.0859 0x238a8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:42:30.0868 0x238a8 megasas - ok
23:42:30.0897 0x238a8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:42:30.0912 0x238a8 MegaSR - ok
23:42:30.0938 0x238a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
23:42:30.0981 0x238a8 MMCSS - ok
23:42:31.0005 0x238a8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
23:42:31.0046 0x238a8 Modem - ok
23:42:31.0074 0x238a8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:42:31.0111 0x238a8 monitor - ok
23:42:31.0140 0x238a8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:42:31.0148 0x238a8 mouclass - ok
23:42:31.0174 0x238a8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:42:31.0183 0x238a8 mouhid - ok
23:42:31.0234 0x238a8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:42:31.0244 0x238a8 mountmgr - ok
23:42:31.0300 0x238a8 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:42:31.0311 0x238a8 MozillaMaintenance - ok
23:42:31.0357 0x238a8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
23:42:31.0370 0x238a8 mpio - ok
23:42:31.0407 0x238a8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:42:31.0435 0x238a8 mpsdrv - ok
23:42:31.0515 0x238a8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:42:31.0581 0x238a8 MpsSvc - ok
23:42:31.0627 0x238a8 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:42:31.0642 0x238a8 MRxDAV - ok
23:42:31.0688 0x238a8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:42:31.0714 0x238a8 mrxsmb - ok
23:42:31.0764 0x238a8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:42:31.0794 0x238a8 mrxsmb10 - ok
23:42:31.0822 0x238a8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:42:31.0857 0x238a8 mrxsmb20 - ok
23:42:31.0897 0x238a8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
23:42:31.0910 0x238a8 msahci - ok
23:42:31.0977 0x238a8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:42:31.0989 0x238a8 msdsm - ok
23:42:32.0009 0x238a8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
23:42:32.0045 0x238a8 MSDTC - ok
23:42:32.0073 0x238a8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:42:32.0100 0x238a8 Msfs - ok
23:42:32.0120 0x238a8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:42:32.0166 0x238a8 mshidkmdf - ok
23:42:32.0202 0x238a8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:42:32.0211 0x238a8 msisadrv - ok
23:42:32.0242 0x238a8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:42:32.0289 0x238a8 MSiSCSI - ok
23:42:32.0292 0x238a8 msiserver - ok
23:42:32.0316 0x238a8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:42:32.0371 0x238a8 MSKSSRV - ok
23:42:32.0404 0x238a8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:42:32.0448 0x238a8 MSPCLOCK - ok
23:42:32.0452 0x238a8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:42:32.0524 0x238a8 MSPQM - ok
23:42:32.0581 0x238a8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:42:32.0598 0x238a8 MsRPC - ok
23:42:32.0628 0x238a8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:42:32.0636 0x238a8 mssmbios - ok
23:42:32.0652 0x238a8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:42:32.0699 0x238a8 MSTEE - ok
23:42:32.0717 0x238a8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:42:32.0725 0x238a8 MTConfig - ok
23:42:32.0740 0x238a8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
23:42:32.0749 0x238a8 Mup - ok
23:42:32.0807 0x238a8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
23:42:32.0871 0x238a8 napagent - ok
23:42:32.0919 0x238a8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:42:32.0963 0x238a8 NativeWifiP - ok
23:42:33.0096 0x238a8 [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
23:42:33.0115 0x238a8 NBVol - ok
23:42:33.0144 0x238a8 [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
23:42:33.0150 0x238a8 NBVolUp - ok
23:42:33.0244 0x238a8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
23:42:33.0292 0x238a8 NDIS - ok
23:42:33.0321 0x238a8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:42:33.0348 0x238a8 NdisCap - ok
23:42:33.0384 0x238a8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:42:33.0410 0x238a8 NdisTapi - ok
23:42:33.0464 0x238a8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:42:33.0490 0x238a8 Ndisuio - ok
23:42:33.0542 0x238a8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:42:33.0592 0x238a8 NdisWan - ok
23:42:33.0645 0x238a8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:42:33.0696 0x238a8 NDProxy - ok
23:42:33.0764 0x238a8 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:42:33.0783 0x238a8 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
23:42:36.0190 0x238a8 Detect skipped due to KSN trusted
23:42:36.0190 0x238a8 Net Driver HPZ12 - ok
23:42:36.0228 0x238a8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:42:36.0272 0x238a8 NetBIOS - ok
23:42:36.0329 0x238a8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:42:36.0382 0x238a8 NetBT - ok
23:42:36.0411 0x238a8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
23:42:36.0420 0x238a8 Netlogon - ok
23:42:36.0459 0x238a8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
23:42:36.0510 0x238a8 Netman - ok
23:42:36.0601 0x238a8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:42:36.0615 0x238a8 NetMsmqActivator - ok
23:42:36.0637 0x238a8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:42:36.0650 0x238a8 NetPipeActivator - ok
23:42:36.0663 0x238a8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
23:42:36.0722 0x238a8 netprofm - ok
23:42:36.0746 0x238a8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:42:36.0759 0x238a8 NetTcpActivator - ok
23:42:36.0764 0x238a8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:42:36.0776 0x238a8 NetTcpPortSharing - ok
23:42:36.0815 0x238a8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:42:36.0825 0x238a8 nfrd960 - ok
23:42:36.0878 0x238a8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:42:36.0932 0x238a8 NlaSvc - ok
23:42:36.0955 0x238a8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:42:37.0008 0x238a8 Npfs - ok
23:42:37.0034 0x238a8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
23:42:37.0075 0x238a8 nsi - ok
23:42:37.0099 0x238a8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:42:37.0149 0x238a8 nsiproxy - ok
23:42:37.0234 0x238a8 [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:42:37.0296 0x238a8 Ntfs - ok
23:42:37.0316 0x238a8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
23:42:37.0343 0x238a8 Null - ok
23:42:37.0365 0x238a8 [ 785298579B5F9B4032152DFBB992FDB6, 873346A9B2C71C4F3F8B9C6B6AF34AD3675D029DAEA93876350ACBCEE19145D5 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
23:42:37.0382 0x238a8 nusb3hub - ok
23:42:37.0428 0x238a8 [ DF2750481B4964814467C974F2B0EEF1, 573FE5B5867C207355F0D6BBAE744EC5D2539F02DDC25E1470AE2D1E00954C3C ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
23:42:37.0440 0x238a8 nusb3xhc - ok
23:42:37.0469 0x238a8 [ ED9380F201C8126425C09BED96DBE1E5, 84DA862FA505BF6C58F13A5E8913E9D95890C8C3D00C503A8ABFCA9BC1B080A0 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
23:42:37.0480 0x238a8 NVHDA - ok
23:42:37.0921 0x238a8 [ 5104BAC2DA2A5BDD86AC6B0708B00F06, A02501514F8517CB5A6CFE4352A3D0F864153470015589428A6B14477E791514 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:42:38.0370 0x238a8 nvlddmkm - ok
23:42:38.0426 0x238a8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:42:38.0438 0x238a8 nvraid - ok
23:42:38.0469 0x238a8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:42:38.0481 0x238a8 nvstor - ok
23:42:38.0571 0x238a8 [ DDFAFCE89A5C93D04712B86F94E9FCBA, 377303D4CAC9E3AD5B58894CF7AECDA4FCD3D721568BE8BACC0A897A0956919A ] NVSvc C:\Windows\system32\nvvsvc.exe
23:42:38.0604 0x238a8 NVSvc - ok
23:42:38.0694 0x238a8 [ 84E035225474E48CD3A6A3CE52332095, C90E1BC112EDED3035F2D440DDA6FC838D5D9B5F0D7CBE5E4672FEB1CC49F449 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:42:38.0741 0x238a8 nvUpdatusService - ok
23:42:38.0811 0x238a8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:42:38.0822 0x238a8 nv_agp - ok
23:42:38.0867 0x238a8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:42:38.0878 0x238a8 ohci1394 - ok
23:42:38.0923 0x238a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:42:39.0010 0x238a8 p2pimsvc - ok
23:42:39.0105 0x238a8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
23:42:39.0171 0x238a8 p2psvc - ok
23:42:39.0205 0x238a8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:42:39.0236 0x238a8 Parport - ok
23:42:39.0274 0x238a8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:42:39.0283 0x238a8 partmgr - ok
23:42:39.0307 0x238a8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
23:42:39.0345 0x238a8 PcaSvc - ok
23:42:39.0387 0x238a8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
23:42:39.0399 0x238a8 pci - ok
23:42:39.0413 0x238a8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
23:42:39.0421 0x238a8 pciide - ok
23:42:39.0442 0x238a8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:42:39.0456 0x238a8 pcmcia - ok
23:42:39.0478 0x238a8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
23:42:39.0487 0x238a8 pcw - ok
23:42:39.0512 0x238a8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:42:39.0572 0x238a8 PEAUTH - ok
23:42:39.0636 0x238a8 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:42:39.0720 0x238a8 PeerDistSvc - ok
23:42:39.0767 0x238a8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:42:39.0776 0x238a8 PerfHost - ok
23:42:39.0860 0x238a8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
23:42:39.0942 0x238a8 pla - ok
23:42:39.0999 0x238a8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:42:40.0065 0x238a8 PlugPlay - ok
23:42:40.0100 0x238a8 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:42:40.0105 0x238a8 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
23:42:42.0616 0x238a8 Detect skipped due to KSN trusted
23:42:42.0616 0x238a8 Pml Driver HPZ12 - ok
23:42:42.0620 0x238a8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:42:42.0648 0x238a8 PNRPAutoReg - ok
23:42:42.0679 0x238a8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:42:42.0695 0x238a8 PNRPsvc - ok
23:42:42.0759 0x238a8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:42:42.0817 0x238a8 PolicyAgent - ok
23:42:42.0856 0x238a8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
23:42:42.0887 0x238a8 Power - ok
23:42:42.0949 0x238a8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:42:42.0978 0x238a8 PptpMiniport - ok
23:42:42.0992 0x238a8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:42:43.0023 0x238a8 Processor - ok
23:42:43.0061 0x238a8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
23:42:43.0105 0x238a8 ProfSvc - ok
23:42:43.0119 0x238a8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
23:42:43.0128 0x238a8 ProtectedStorage - ok
23:42:43.0177 0x238a8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:42:43.0219 0x238a8 Psched - ok
23:42:43.0297 0x238a8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:42:43.0359 0x238a8 ql2300 - ok
23:42:43.0378 0x238a8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:42:43.0388 0x238a8 ql40xx - ok
23:42:43.0419 0x238a8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
23:42:43.0437 0x238a8 QWAVE - ok
23:42:43.0446 0x238a8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:42:43.0459 0x238a8 QWAVEdrv - ok
23:42:43.0473 0x238a8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:42:43.0522 0x238a8 RasAcd - ok
23:42:43.0561 0x238a8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:42:43.0589 0x238a8 RasAgileVpn - ok
23:42:43.0608 0x238a8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
23:42:43.0656 0x238a8 RasAuto - ok
23:42:43.0705 0x238a8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:42:43.0756 0x238a8 Rasl2tp - ok
23:42:43.0805 0x238a8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
23:42:43.0839 0x238a8 RasMan - ok
23:42:43.0859 0x238a8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:42:43.0908 0x238a8 RasPppoe - ok
23:42:43.0926 0x238a8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:42:43.0977 0x238a8 RasSstp - ok
23:42:44.0018 0x238a8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:42:44.0051 0x238a8 rdbss - ok
23:42:44.0063 0x238a8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:42:44.0074 0x238a8 rdpbus - ok
23:42:44.0089 0x238a8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:42:44.0115 0x238a8 RDPCDD - ok
23:42:44.0170 0x238a8 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:42:44.0264 0x238a8 RDPDR - ok
23:42:44.0283 0x238a8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:42:44.0309 0x238a8 RDPENCDD - ok
23:42:44.0314 0x238a8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:42:44.0341 0x238a8 RDPREFMP - ok
23:42:44.0418 0x238a8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:42:44.0469 0x238a8 RdpVideoMiniport - ok
23:42:44.0518 0x238a8 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:42:44.0543 0x238a8 RDPWD - ok
23:42:44.0598 0x238a8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:42:44.0611 0x238a8 rdyboost - ok
23:42:44.0658 0x238a8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:42:44.0712 0x238a8 RemoteAccess - ok
23:42:44.0736 0x238a8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:42:44.0794 0x238a8 RemoteRegistry - ok
23:42:44.0810 0x238a8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:42:44.0846 0x238a8 RpcEptMapper - ok
23:42:44.0880 0x238a8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
23:42:44.0905 0x238a8 RpcLocator - ok
23:42:44.0955 0x238a8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
23:42:44.0993 0x238a8 RpcSs - ok
23:42:45.0013 0x238a8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:42:45.0064 0x238a8 rspndr - ok
23:42:45.0107 0x238a8 [ 4FBDA07EF0A3097CE14C5CABF723B278, 6F1E21362F0057E9C6A180D9189AEB51761F4C019A6835E50E4AD19ED1F58FE6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:42:45.0123 0x238a8 RTL8167 - ok
23:42:45.0166 0x238a8 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:42:45.0207 0x238a8 s3cap - ok
23:42:45.0412 0x238a8 [ DB4721B0BA9D705AADA438B1AB50E53C, 5FB18A9BB7F68701C32123C1209FBB8EC4E5A20EFF7E8A2FED01C93C02BD84D9 ] SafetyNutManager C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
23:42:45.0529 0x238a8 SafetyNutManager - ok
23:42:45.0543 0x238a8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
23:42:45.0552 0x238a8 SamSs - ok
23:42:45.0601 0x238a8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:42:45.0613 0x238a8 sbp2port - ok
23:42:45.0638 0x238a8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:42:45.0691 0x238a8 SCardSvr - ok
23:42:45.0734 0x238a8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:42:45.0759 0x238a8 scfilter - ok
23:42:45.0832 0x238a8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
23:42:45.0902 0x238a8 Schedule - ok
23:42:45.0991 0x238a8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:42:46.0019 0x238a8 SCPolicySvc - ok
23:42:46.0072 0x238a8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:42:46.0127 0x238a8 SDRSVC - ok
23:42:46.0161 0x238a8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:42:46.0207 0x238a8 secdrv - ok
23:42:46.0253 0x238a8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
23:42:46.0279 0x238a8 seclogon - ok
23:42:46.0323 0x238a8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
23:42:46.0377 0x238a8 SENS - ok
23:42:46.0381 0x238a8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:42:46.0409 0x238a8 SensrSvc - ok
23:42:46.0432 0x238a8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:42:46.0441 0x238a8 Serenum - ok
23:42:46.0468 0x238a8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:42:46.0478 0x238a8 Serial - ok
23:42:46.0519 0x238a8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:42:46.0528 0x238a8 sermouse - ok
23:42:46.0576 0x238a8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
23:42:46.0605 0x238a8 SessionEnv - ok
23:42:46.0649 0x238a8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:42:46.0666 0x238a8 sffdisk - ok
23:42:46.0687 0x238a8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:42:46.0709 0x238a8 sffp_mmc - ok
23:42:46.0735 0x238a8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:42:46.0763 0x238a8 sffp_sd - ok
23:42:46.0786 0x238a8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:42:46.0795 0x238a8 sfloppy - ok
23:42:46.0852 0x238a8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:42:46.0915 0x238a8 ShellHWDetection - ok
23:42:46.0951 0x238a8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:42:46.0960 0x238a8 SiSRaid2 - ok
23:42:46.0979 0x238a8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:42:46.0989 0x238a8 SiSRaid4 - ok
23:42:47.0110 0x238a8 [ CA355B308AA537C6B9D67CD3A5485AF9, 574072A3A52AF35F6293B082D5A4748CB4465CD0406A7E2AF6B5F86D94DE67AD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:42:47.0120 0x238a8 SkypeUpdate - ok
23:42:47.0140 0x238a8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:42:47.0172 0x238a8 Smb - ok
23:42:47.0222 0x238a8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:42:47.0257 0x238a8 SNMPTRAP - ok
23:42:47.0328 0x238a8 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\syswow64\speedfan.sys
23:42:47.0337 0x238a8 speedfan - ok
23:42:47.0348 0x238a8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
23:42:47.0357 0x238a8 spldr - ok
23:42:47.0420 0x238a8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
23:42:47.0483 0x238a8 Spooler - ok
23:42:47.0630 0x238a8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
23:42:47.0803 0x238a8 sppsvc - ok
23:42:47.0835 0x238a8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:42:47.0879 0x238a8 sppuinotify - ok
23:42:47.0958 0x238a8 [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd C:\Windows\System32\Drivers\sptd.sys
23:42:47.0979 0x238a8 sptd - ok
23:42:48.0039 0x238a8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:42:48.0079 0x238a8 srv - ok
23:42:48.0104 0x238a8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:42:48.0122 0x238a8 srv2 - ok
23:42:48.0138 0x238a8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:42:48.0151 0x238a8 srvnet - ok
23:42:48.0187 0x238a8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:42:48.0219 0x238a8 SSDPSRV - ok
23:42:48.0229 0x238a8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:42:48.0258 0x238a8 SstpSvc - ok
23:42:48.0377 0x238a8 [ E5C796B621F6FBA8616511063D7F0FFE, 447FA64F552D4B04AD029E01485B4438A70D9B9B98EB49A883D5B17ED4C1D52F ] StarWindServiceAE C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe
23:42:48.0391 0x238a8 StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 )
23:42:50.0892 0x238a8 Detect skipped due to KSN trusted
23:42:50.0892 0x238a8 StarWindServiceAE - ok
23:42:51.0013 0x238a8 [ A87A39F9B42D82F5D60D36BB1D3CC9D3, F609CC721B898B5053FE34B24C94970453BD57441F9A2C93D4F77CB297D56169 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:42:51.0034 0x238a8 Steam Client Service - ok
23:42:51.0137 0x238a8 [ F0359F7CE712D69ACEF0886BDB4792ED, 0E638A3F56B1C431A472469E2F47DABD0ABE1CC043FD1673B4CA6E984FE980CF ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:42:51.0153 0x238a8 Stereo Service - ok
23:42:51.0173 0x238a8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:42:51.0182 0x238a8 stexstor - ok
23:42:51.0251 0x238a8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
23:42:51.0299 0x238a8 stisvc - ok
23:42:51.0343 0x238a8 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:42:51.0352 0x238a8 storflt - ok
23:42:51.0365 0x238a8 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:42:51.0373 0x238a8 storvsc - ok
23:42:51.0424 0x238a8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
23:42:51.0432 0x238a8 swenum - ok
23:42:51.0455 0x238a8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
23:42:51.0498 0x238a8 swprv - ok
23:42:51.0522 0x238a8 Synth3dVsc - ok
23:42:51.0620 0x238a8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
23:42:51.0711 0x238a8 SysMain - ok
23:42:51.0763 0x238a8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:42:51.0778 0x238a8 TabletInputService - ok
23:42:51.0831 0x238a8 [ 4EF44915E522F3ECD1A3FF540AA64126, 3B7ABB4B263F5DC7E12BEBD0512A13877236E0C020B7FE618EE84FAB3E3BF991 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
23:42:51.0877 0x238a8 tap0901 - ok
23:42:51.0933 0x238a8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
23:42:51.0989 0x238a8 TapiSrv - ok
23:42:52.0010 0x238a8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
23:42:52.0060 0x238a8 TBS - ok
23:42:52.0155 0x238a8 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:42:52.0228 0x238a8 Tcpip - ok
23:42:52.0289 0x238a8 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:42:52.0336 0x238a8 TCPIP6 - ok
23:42:52.0388 0x238a8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:42:52.0397 0x238a8 tcpipreg - ok
23:42:52.0418 0x238a8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:42:52.0434 0x238a8 TDPIPE - ok
23:42:52.0477 0x238a8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:42:52.0486 0x238a8 TDTCP - ok
23:42:52.0531 0x238a8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:42:52.0560 0x238a8 tdx - ok
23:42:52.0587 0x238a8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
23:42:52.0597 0x238a8 TermDD - ok
23:42:52.0646 0x238a8 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
23:42:52.0690 0x238a8 TermService - ok
23:42:52.0702 0x238a8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
23:42:52.0717 0x238a8 Themes - ok
23:42:52.0755 0x238a8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
23:42:52.0783 0x238a8 THREADORDER - ok
23:42:52.0803 0x238a8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
23:42:52.0835 0x238a8 TrkWks - ok
23:42:52.0886 0x238a8 [ EA43DE1743C1BA0D2D17B8DB90C91D88, 54115F3002D2C87B82DDA62E96AD8296FFC59DC83E9F3D7F22325325DB73C486 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
23:42:52.0899 0x238a8 truecrypt - ok
23:42:52.0965 0x238a8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:42:53.0013 0x238a8 TrustedInstaller - ok
23:42:53.0055 0x238a8 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:42:53.0082 0x238a8 tssecsrv - ok
23:42:53.0139 0x238a8 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:42:53.0185 0x238a8 TsUsbFlt - ok
23:42:53.0188 0x238a8 tsusbhub - ok
23:42:53.0248 0x238a8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:42:53.0299 0x238a8 tunnel - ok
23:42:53.0328 0x238a8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:42:53.0338 0x238a8 uagp35 - ok
23:42:53.0392 0x238a8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:42:53.0451 0x238a8 udfs - ok
23:42:53.0480 0x238a8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:42:53.0517 0x238a8 UI0Detect - ok
23:42:53.0586 0x238a8 [ 34859D3801F4BD3DACFA131DD928455A, 337A111474D28B9B1DE3280925654F941804E4B1F13759B1664C5F7953A27521 ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
23:42:53.0595 0x238a8 UimBus - ok
23:42:53.0627 0x238a8 [ D3CE4776E7FFB25E6935B1C797F4650C, CF25CB7E596D8E4778E6B4C9D04D3AB7533E20234A76984FE9A010224F4F3EF8 ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
23:42:53.0649 0x238a8 Uim_IM - ok
23:42:53.0675 0x238a8 [ 532E4BED5C7803B2EE5681818B2528B7, DF1ED9C44D8DD2AFDDCC8D1F027840DAA560D5B72EB77A64A85541040364BD15 ] Uim_VIM C:\Windows\system32\Drivers\uim_vimx64.sys
23:42:53.0691 0x238a8 Uim_VIM - ok
23:42:53.0715 0x238a8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:42:53.0727 0x238a8 uliagpkx - ok
23:42:53.0785 0x238a8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
23:42:53.0811 0x238a8 umbus - ok
23:42:53.0816 0x238a8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:42:53.0824 0x238a8 UmPass - ok
23:42:53.0872 0x238a8 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
23:42:53.0887 0x238a8 UmRdpService - ok
23:42:53.0912 0x238a8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
23:42:53.0962 0x238a8 upnphost - ok
23:42:54.0040 0x238a8 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:42:54.0062 0x238a8 usbccgp - ok
23:42:54.0126 0x238a8 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:42:54.0152 0x238a8 usbcir - ok
23:42:54.0200 0x238a8 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:42:54.0226 0x238a8 usbehci - ok
23:42:54.0264 0x238a8 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:42:54.0282 0x238a8 usbhub - ok
23:42:54.0294 0x238a8 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:42:54.0320 0x238a8 usbohci - ok
23:42:54.0364 0x238a8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:42:54.0395 0x238a8 usbprint - ok
23:42:54.0430 0x238a8 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:42:54.0599 0x238a8 usbscan - ok
23:42:54.0640 0x238a8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:42:54.0689 0x238a8 USBSTOR - ok
23:42:54.0710 0x238a8 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:42:54.0751 0x238a8 usbuhci - ok
23:42:54.0786 0x238a8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
23:42:54.0839 0x238a8 UxSms - ok
23:42:54.0867 0x238a8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
23:42:54.0876 0x238a8 VaultSvc - ok
23:42:54.0931 0x238a8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:42:54.0940 0x238a8 vdrvroot - ok
23:42:55.0003 0x238a8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
23:42:55.0043 0x238a8 vds - ok
23:42:55.0065 0x238a8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:42:55.0076 0x238a8 vga - ok
23:42:55.0089 0x238a8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:42:55.0134 0x238a8 VgaSave - ok
23:42:55.0170 0x238a8 VGPU - ok
23:42:55.0228 0x238a8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:42:55.0242 0x238a8 vhdmp - ok
23:42:55.0253 0x238a8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
23:42:55.0261 0x238a8 viaide - ok
23:42:55.0316 0x238a8 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:42:55.0329 0x238a8 vmbus - ok
23:42:55.0341 0x238a8 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:42:55.0374 0x238a8 VMBusHID - ok
23:42:55.0400 0x238a8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:42:55.0411 0x238a8 volmgr - ok
23:42:55.0464 0x238a8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:42:55.0483 0x238a8 volmgrx - ok
23:42:55.0505 0x238a8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:42:55.0519 0x238a8 volsnap - ok
23:42:55.0546 0x238a8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:42:55.0559 0x238a8 vsmraid - ok
23:42:55.0643 0x238a8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
23:42:55.0726 0x238a8 VSS - ok
23:42:55.0740 0x238a8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
23:42:55.0770 0x238a8 vwifibus - ok
23:42:55.0807 0x238a8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
23:42:55.0860 0x238a8 W32Time - ok
23:42:55.0867 0x238a8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:42:55.0876 0x238a8 WacomPen - ok
23:42:55.0916 0x238a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:42:55.0943 0x238a8 WANARP - ok
23:42:55.0963 0x238a8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:42:55.0989 0x238a8 Wanarpv6 - ok
23:42:56.0074 0x238a8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
23:42:56.0174 0x238a8 wbengine - ok
23:42:56.0195 0x238a8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:42:56.0236 0x238a8 WbioSrvc - ok
23:42:56.0287 0x238a8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:42:56.0334 0x238a8 wcncsvc - ok
23:42:56.0359 0x238a8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:42:56.0382 0x238a8 WcsPlugInService - ok
23:42:56.0386 0x238a8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:42:56.0395 0x238a8 Wd - ok
23:42:56.0470 0x238a8 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:42:56.0511 0x238a8 Wdf01000 - ok
23:42:56.0549 0x238a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:42:56.0662 0x238a8 WdiServiceHost - ok
23:42:56.0666 0x238a8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:42:56.0681 0x238a8 WdiSystemHost - ok
23:42:56.0732 0x238a8 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
23:42:56.0754 0x238a8 WebClient - ok
23:42:56.0769 0x238a8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:42:56.0802 0x238a8 Wecsvc - ok
23:42:56.0821 0x238a8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:42:56.0875 0x238a8 wercplsupport - ok
23:42:56.0898 0x238a8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
23:42:56.0931 0x238a8 WerSvc - ok
23:42:56.0953 0x238a8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:42:56.0982 0x238a8 WfpLwf - ok
23:42:56.0997 0x238a8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:42:57.0006 0x238a8 WIMMount - ok
23:42:57.0010 0x238a8 WinHttpAutoProxySvc - ok
23:42:57.0077 0x238a8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:42:57.0127 0x238a8 Winmgmt - ok
23:42:57.0228 0x238a8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
23:42:57.0352 0x238a8 WinRM - ok
23:42:57.0453 0x238a8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:42:57.0467 0x238a8 WinUsb - ok
23:42:57.0515 0x238a8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:42:57.0585 0x238a8 Wlansvc - ok
23:42:57.0621 0x238a8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:42:57.0651 0x238a8 WmiAcpi - ok
23:42:57.0691 0x238a8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:42:57.0731 0x238a8 wmiApSrv - ok
23:42:57.0767 0x238a8 WMPNetworkSvc - ok
23:42:57.0778 0x238a8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:42:57.0789 0x238a8 WPCSvc - ok
23:42:57.0840 0x238a8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:42:57.0864 0x238a8 WPDBusEnum - ok
23:42:57.0887 0x238a8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:42:57.0938 0x238a8 ws2ifsl - ok
23:42:57.0941 0x238a8 WSearch - ok
23:42:57.0984 0x238a8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:42:58.0033 0x238a8 WudfPf - ok
23:42:58.0061 0x238a8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:42:58.0074 0x238a8 WUDFRd - ok
23:42:58.0117 0x238a8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:42:58.0154 0x238a8 wudfsvc - ok
23:42:58.0178 0x238a8 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
23:42:58.0196 0x238a8 WwanSvc - ok
23:42:58.0212 0x238a8 ================ Scan global ===============================
23:42:58.0239 0x238a8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
23:42:58.0288 0x238a8 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
23:42:58.0301 0x238a8 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
23:42:58.0332 0x238a8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:42:58.0360 0x238a8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
23:42:58.0368 0x238a8 [ Global ] - ok
23:42:58.0368 0x238a8 ================ Scan MBR ==================================
23:42:58.0394 0x238a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:42:58.0825 0x238a8 \Device\Harddisk0\DR0 - ok
23:42:58.0827 0x238a8 ================ Scan VBR ==================================
23:42:58.0830 0x238a8 [ 40A022035C7F504984A4183EBF029AEF ] \Device\Harddisk0\DR0\Partition1
23:42:58.0831 0x238a8 \Device\Harddisk0\DR0\Partition1 - ok
23:42:58.0831 0x238a8 Waiting for KSN requests completion. In queue: 285
23:42:59.0831 0x238a8 Waiting for KSN requests completion. In queue: 285
23:43:00.0831 0x238a8 Waiting for KSN requests completion. In queue: 285
23:43:01.0854 0x238a8 Win FW state via NFP2: enabled
23:43:04.0259 0x238a8 ============================================================
23:43:04.0259 0x238a8 Scan finished
23:43:04.0259 0x238a8 ============================================================
23:43:04.0266 0x23748 Detected object count: 0
23:43:04.0266 0x23748 Actual detected object count: 0
23:59:41.0808 0x246e4 ============================================================
23:59:41.0809 0x246e4 Scan started
23:59:41.0809 0x246e4 Mode: Manual; SigCheck; TDLFS;
23:59:41.0809 0x246e4 ============================================================
23:59:41.0809 0x246e4 KSN ping started
23:59:44.0474 0x246e4 KSN ping finished: true
23:59:46.0280 0x246e4 ================ Scan system memory ========================
23:59:46.0280 0x246e4 System memory - ok
23:59:46.0280 0x246e4 ================ Scan services =============================
23:59:46.0676 0x246e4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:59:46.0704 0x246e4 1394ohci - ok
23:59:46.0764 0x246e4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:59:46.0778 0x246e4 ACPI - ok
23:59:46.0825 0x246e4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:59:46.0836 0x246e4 AcpiPmi - ok
23:59:46.0930 0x246e4 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:59:46.0939 0x246e4 AdobeARMservice - ok
23:59:46.0985 0x246e4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:59:47.0004 0x246e4 adp94xx - ok
23:59:47.0030 0x246e4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:59:47.0045 0x246e4 adpahci - ok
23:59:47.0064 0x246e4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:59:47.0075 0x246e4 adpu320 - ok
23:59:47.0099 0x246e4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:59:47.0131 0x246e4 AeLookupSvc - ok
23:59:47.0205 0x246e4 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
23:59:47.0227 0x246e4 AFD - ok
23:59:47.0283 0x246e4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
23:59:47.0291 0x246e4 agp440 - ok
23:59:47.0305 0x246e4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
23:59:47.0315 0x246e4 ALG - ok
23:59:47.0331 0x246e4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
23:59:47.0339 0x246e4 aliide - ok
23:59:47.0394 0x246e4 ALSysIO - ok
23:59:47.0408 0x246e4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
23:59:47.0416 0x246e4 amdide - ok
23:59:47.0428 0x246e4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:59:47.0438 0x246e4 AmdK8 - ok
23:59:47.0459 0x246e4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:59:47.0469 0x246e4 AmdPPM - ok
23:59:47.0518 0x246e4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:59:47.0528 0x246e4 amdsata - ok
23:59:47.0546 0x246e4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:59:47.0558 0x246e4 amdsbs - ok
23:59:47.0575 0x246e4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:59:47.0583 0x246e4 amdxata - ok
23:59:47.0632 0x246e4 [ B5C0F65D6657C6ADD9ED75EC7583390B, 8EE69F05714A861A0439E1E1BA167A3B71E50E1BFFD20F1239F0FF2F20FA7BF4 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
23:59:47.0646 0x246e4 AnyDVD - ok
23:59:47.0699 0x246e4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
23:59:47.0727 0x246e4 AppID - ok
23:59:47.0752 0x246e4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:59:47.0779 0x246e4 AppIDSvc - ok
23:59:47.0826 0x246e4 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
23:59:47.0852 0x246e4 Appinfo - ok
23:59:47.0880 0x246e4 [ 301AA64F9643BC453D90A66C4C0E7204, F9EDAD13F865B5F0A89FF59827EECB519F113EB037F2DA8367F1572629B503B1 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
23:59:47.0887 0x246e4 AppleCharger - ok
23:59:47.0901 0x246e4 [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
23:59:47.0907 0x246e4 AppleChargerSrv - ok
23:59:47.0926 0x246e4 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
23:59:47.0939 0x246e4 AppMgmt - ok
23:59:47.0964 0x246e4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:59:47.0973 0x246e4 arc - ok
23:59:47.0991 0x246e4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:59:48.0001 0x246e4 arcsas - ok
23:59:48.0140 0x246e4 [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:59:48.0151 0x246e4 aspnet_state - ok
23:59:48.0167 0x246e4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:59:48.0194 0x246e4 AsyncMac - ok
23:59:48.0240 0x246e4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
23:59:48.0248 0x246e4 atapi - ok
23:59:48.0292 0x246e4 [ CA4A0176FA380EFD45DE9D0ACB9E1F86, D5CA4A13EE8DCCD5B01A709A808AE51AAC064F7A4C3D4F0A6E272CDB46D28585 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
23:59:48.0323 0x246e4 Ati External Event Utility - ok
23:59:48.0512 0x246e4 [ AEAE4ABE6419923C037A0B2A157E1FC6, F04A79797AB697AA8316C37DF0D79ED28A9134BD0E1B2C9400619C0A9B3634FF ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:59:48.0651 0x246e4 atikmdag - ok
23:59:48.0719 0x246e4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:59:48.0760 0x246e4 AudioEndpointBuilder - ok
23:59:48.0793 0x246e4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:59:48.0836 0x246e4 AudioSrv - ok
23:59:48.0893 0x246e4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:59:48.0910 0x246e4 AxInstSV - ok

user54321 07.01.2014 00:15
Teil 2

23:59:48.0939 0x246e4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:59:48.0957 0x246e4 b06bdrv - ok
23:59:48.0979 0x246e4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:59:48.0994 0x246e4 b57nd60a - ok
23:59:49.0030 0x246e4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
23:59:49.0041 0x246e4 BDESVC - ok
23:59:49.0053 0x246e4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
23:59:49.0081 0x246e4 Beep - ok
23:59:49.0134 0x246e4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
23:59:49.0175 0x246e4 BFE - ok
23:59:49.0192 0x246e4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:59:49.0201 0x246e4 blbdrive - ok
23:59:49.0242 0x246e4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:59:49.0255 0x246e4 bowser - ok
23:59:49.0267 0x246e4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:59:49.0279 0x246e4 BrFiltLo - ok
23:59:49.0296 0x246e4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:59:49.0306 0x246e4 BrFiltUp - ok
23:59:49.0356 0x246e4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
23:59:49.0368 0x246e4 Browser - ok
23:59:49.0378 0x246e4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:59:49.0393 0x246e4 Brserid - ok
23:59:49.0408 0x246e4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:59:49.0419 0x246e4 BrSerWdm - ok
23:59:49.0439 0x246e4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:59:49.0450 0x246e4 BrUsbMdm - ok
23:59:49.0466 0x246e4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:59:49.0478 0x246e4 BrUsbSer - ok
23:59:49.0495 0x246e4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:59:49.0508 0x246e4 BTHMODEM - ok
23:59:49.0530 0x246e4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
23:59:49.0558 0x246e4 bthserv - ok
23:59:49.0572 0x246e4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:59:49.0599 0x246e4 cdfs - ok
23:59:49.0651 0x246e4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:59:49.0663 0x246e4 cdrom - ok
23:59:49.0713 0x246e4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
23:59:49.0742 0x246e4 CertPropSvc - ok
23:59:49.0925 0x246e4 [ 213B6EC3DE19E35373A1906397588429, C72B74D4840946DC6952B9F6C4A568DA702DD2D6E211AA5BB7F82EF481F449C6 ] CGVPNCliSrvc C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
23:59:49.0989 0x246e4 CGVPNCliSrvc - ok
23:59:49.0998 0x246e4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:59:50.0010 0x246e4 circlass - ok
23:59:50.0042 0x246e4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
23:59:50.0057 0x246e4 CLFS - ok
23:59:50.0104 0x246e4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:59:50.0112 0x246e4 clr_optimization_v2.0.50727_32 - ok
23:59:50.0163 0x246e4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:59:50.0174 0x246e4 clr_optimization_v2.0.50727_64 - ok
23:59:50.0263 0x246e4 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:59:50.0275 0x246e4 clr_optimization_v4.0.30319_32 - ok
23:59:50.0322 0x246e4 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:59:50.0334 0x246e4 clr_optimization_v4.0.30319_64 - ok
23:59:50.0348 0x246e4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:59:50.0357 0x246e4 CmBatt - ok
23:59:50.0370 0x246e4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:59:50.0379 0x246e4 cmdide - ok
23:59:50.0430 0x246e4 [ AAFCB52FE0037207FB6FBEA070D25EFE, 7D035BFB6DD86944CCDE6D71811891406D7FD08344EF8CF57C4D932E096F1377 ] CNG C:\Windows\system32\Drivers\cng.sys
23:59:50.0454 0x246e4 CNG - ok
23:59:50.0475 0x246e4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:59:50.0483 0x246e4 Compbatt - ok
23:59:50.0498 0x246e4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:59:50.0510 0x246e4 CompositeBus - ok
23:59:50.0517 0x246e4 COMSysApp - ok
23:59:50.0532 0x246e4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:59:50.0540 0x246e4 crcdisk - ok
23:59:50.0591 0x246e4 [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:59:50.0605 0x246e4 CryptSvc - ok
23:59:50.0678 0x246e4 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
23:59:50.0699 0x246e4 CSC - ok
23:59:50.0765 0x246e4 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
23:59:50.0789 0x246e4 CscService - ok
23:59:50.0849 0x246e4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:59:50.0887 0x246e4 DcomLaunch - ok
23:59:50.0920 0x246e4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
23:59:50.0953 0x246e4 defragsvc - ok
23:59:51.0009 0x246e4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:59:51.0035 0x246e4 DfsC - ok
23:59:51.0094 0x246e4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:59:51.0111 0x246e4 Dhcp - ok
23:59:51.0116 0x246e4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
23:59:51.0143 0x246e4 discache - ok
23:59:51.0153 0x246e4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:59:51.0162 0x246e4 Disk - ok
23:59:51.0204 0x246e4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:59:51.0216 0x246e4 Dnscache - ok
23:59:51.0261 0x246e4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
23:59:51.0295 0x246e4 dot3svc - ok
23:59:51.0339 0x246e4 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
23:59:51.0353 0x246e4 Dot4 - ok
23:59:51.0373 0x246e4 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:59:51.0383 0x246e4 Dot4Print - ok
23:59:51.0422 0x246e4 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
23:59:51.0433 0x246e4 dot4usb - ok
23:59:51.0489 0x246e4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
23:59:51.0519 0x246e4 DPS - ok
23:59:51.0546 0x246e4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:59:51.0558 0x246e4 drmkaud - ok
23:59:51.0737 0x246e4 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:59:51.0766 0x246e4 DXGKrnl - ok
23:59:51.0799 0x246e4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
23:59:51.0827 0x246e4 EapHost - ok
23:59:51.0942 0x246e4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:59:52.0032 0x246e4 ebdrv - ok
23:59:52.0073 0x246e4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
23:59:52.0083 0x246e4 EFS - ok
23:59:52.0137 0x246e4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:59:52.0162 0x246e4 ehRecvr - ok
23:59:52.0190 0x246e4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
23:59:52.0203 0x246e4 ehSched - ok
23:59:52.0245 0x246e4 [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys
23:59:52.0253 0x246e4 ElbyCDFL - ok
23:59:52.0257 0x246e4 [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
23:59:52.0265 0x246e4 ElbyCDIO - ok
23:59:52.0310 0x246e4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:59:52.0329 0x246e4 elxstor - ok
23:59:52.0376 0x246e4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:59:52.0383 0x246e4 ErrDev - ok
23:59:52.0441 0x246e4 [ B8FA96995726D1FA58476E352C02AD82, 6BBD49B16A19CC3C3337707EFBEB6BC355CB077CBBBC99D8985A3FBB6E871A89 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
23:59:52.0449 0x246e4 ES lite Service - ok
23:59:52.0480 0x246e4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
23:59:52.0516 0x246e4 EventSystem - ok
23:59:52.0545 0x246e4 [ 251AF86E0A4DDF3A6B181ED5103B06B1, 1823E7C87F0D8972A89D71B1FB633C5D43744F9803E6A8B866F6EA610032437C ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
23:59:52.0556 0x246e4 ewusbnet - ok
23:59:52.0580 0x246e4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
23:59:52.0610 0x246e4 exfat - ok
23:59:52.0633 0x246e4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:59:52.0665 0x246e4 fastfat - ok
23:59:52.0741 0x246e4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
23:59:52.0765 0x246e4 Fax - ok
23:59:52.0783 0x246e4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:59:52.0792 0x246e4 fdc - ok
23:59:52.0799 0x246e4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
23:59:52.0826 0x246e4 fdPHost - ok
23:59:52.0837 0x246e4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
23:59:52.0862 0x246e4 FDResPub - ok
23:59:52.0868 0x246e4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:59:52.0880 0x246e4 FileInfo - ok
23:59:52.0887 0x246e4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:59:52.0915 0x246e4 Filetrace - ok
23:59:52.0928 0x246e4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:59:52.0936 0x246e4 flpydisk - ok
23:59:52.0986 0x246e4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:59:53.0000 0x246e4 FltMgr - ok
23:59:53.0081 0x246e4 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
23:59:53.0121 0x246e4 FontCache - ok
23:59:53.0190 0x246e4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:59:53.0198 0x246e4 FontCache3.0.0.0 - ok
23:59:53.0218 0x246e4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:59:53.0227 0x246e4 FsDepends - ok
23:59:53.0276 0x246e4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:59:53.0284 0x246e4 Fs_Rec - ok
23:59:53.0343 0x246e4 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:59:53.0358 0x246e4 fvevol - ok
23:59:53.0375 0x246e4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:59:53.0384 0x246e4 gagp30kx - ok
23:59:53.0435 0x246e4 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys
23:59:53.0442 0x246e4 gdrv - ok
23:59:53.0518 0x246e4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
23:59:53.0561 0x246e4 gpsvc - ok
23:59:53.0655 0x246e4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:59:53.0663 0x246e4 gupdate - ok
23:59:53.0669 0x246e4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:59:53.0677 0x246e4 gupdatem - ok
23:59:53.0705 0x246e4 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys
23:59:53.0713 0x246e4 GVTDrv64 - ok
23:59:53.0723 0x246e4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:59:53.0732 0x246e4 hcw85cir - ok
23:59:53.0793 0x246e4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:59:53.0811 0x246e4 HdAudAddService - ok
23:59:53.0835 0x246e4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:59:53.0848 0x246e4 HDAudBus - ok
23:59:53.0954 0x246e4 [ E8801690E818F9044EBA63691E4040C4, 8CCA60B1DBE76CC1A19375DB07543B9D0B2D5E4D48EF72E06182830877A98D2B ] HDDlife HDD Access service C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe
23:59:54.0000 0x246e4 HDDlife HDD Access service - ok
23:59:54.0041 0x246e4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:59:54.0049 0x246e4 HidBatt - ok
23:59:54.0063 0x246e4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:59:54.0075 0x246e4 HidBth - ok
23:59:54.0093 0x246e4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:59:54.0104 0x246e4 HidIr - ok
23:59:54.0133 0x246e4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
23:59:54.0160 0x246e4 hidserv - ok
23:59:54.0201 0x246e4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:59:54.0211 0x246e4 HidUsb - ok
23:59:54.0258 0x246e4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:59:54.0285 0x246e4 hkmsvc - ok
23:59:54.0341 0x246e4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:59:54.0354 0x246e4 HomeGroupListener - ok
23:59:54.0411 0x246e4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:59:54.0425 0x246e4 HomeGroupProvider - ok
23:59:54.0579 0x246e4 [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
23:59:54.0588 0x246e4 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
23:59:54.0588 0x246e4 Detect skipped due to KSN trusted
23:59:54.0588 0x246e4 hpqcxs08 - ok
23:59:54.0606 0x246e4 [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
23:59:54.0612 0x246e4 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
23:59:54.0612 0x246e4 Detect skipped due to KSN trusted
23:59:54.0612 0x246e4 hpqddsvc - ok
23:59:54.0632 0x246e4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:59:54.0641 0x246e4 HpSAMD - ok
23:59:54.0715 0x246e4 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
23:59:54.0744 0x246e4 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
23:59:54.0744 0x246e4 Detect skipped due to KSN trusted
23:59:54.0744 0x246e4 HPSLPSVC - ok
23:59:54.0808 0x246e4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:59:54.0850 0x246e4 HTTP - ok
23:59:54.0869 0x246e4 [ 4B5C07DB91A0099272FAAE732E1152BD, E0408F85A2E1E310F5143A01A34456F120875D21E0E9D0A9F9EBC96514CFC47C ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:59:54.0880 0x246e4 hwdatacard - ok
23:59:54.0929 0x246e4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:59:54.0937 0x246e4 hwpolicy - ok
23:59:54.0964 0x246e4 [ 9C13A2691AC410CC7469F298684DCA5D, 2B07FE759B479A36AB4DE185AF8B4295396A1F8674587721BE7C92FC31ADFF0D ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
23:59:54.0975 0x246e4 hwusbfake - ok
23:59:55.0022 0x246e4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:59:55.0032 0x246e4 i8042prt - ok
23:59:55.0080 0x246e4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:59:55.0098 0x246e4 iaStorV - ok
23:59:55.0156 0x246e4 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:59:55.0160 0x246e4 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
23:59:55.0160 0x246e4 Detect skipped due to KSN trusted
23:59:55.0160 0x246e4 IDriverT - ok
23:59:55.0245 0x246e4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:59:55.0269 0x246e4 idsvc - ok
23:59:55.0296 0x246e4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:59:55.0305 0x246e4 iirsp - ok
23:59:55.0342 0x246e4 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
23:59:55.0386 0x246e4 IKEEXT - ok
23:59:55.0466 0x246e4 [ 0ADF714079AE174A39D69036143E4C50, 93184D0DB1265D94BA92922783514ADFDAB04557EB0DEF9715D8B1EF06EDD692 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:59:55.0524 0x246e4 IntcAzAudAddService - ok
23:59:55.0559 0x246e4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
23:59:55.0567 0x246e4 intelide - ok
23:59:55.0585 0x246e4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:59:55.0594 0x246e4 intelppm - ok
23:59:55.0619 0x246e4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:59:55.0647 0x246e4 IPBusEnum - ok
23:59:55.0701 0x246e4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:59:55.0729 0x246e4 IpFilterDriver - ok
23:59:55.0778 0x246e4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:59:55.0787 0x246e4 IPMIDRV - ok
23:59:55.0800 0x246e4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:59:55.0828 0x246e4 IPNAT - ok
23:59:55.0849 0x246e4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:59:55.0861 0x246e4 IRENUM - ok
23:59:55.0906 0x246e4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:59:55.0914 0x246e4 isapnp - ok
23:59:55.0956 0x246e4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:59:55.0970 0x246e4 iScsiPrt - ok
23:59:56.0036 0x246e4 [ F3A41EC4C6506E76E07A219B3A1DF8D2, B34FDAA453E6E089374B33533A89F76DEE1C2D14F9939AF3669B6F33FA41DD76 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe
23:59:56.0044 0x246e4 JMB36X - ok
23:59:56.0067 0x246e4 [ 1C368C1A2733DCC5B8E15420AA2B0F6D, C43A3534E33CEAEB8359D493FDB4663CB7C1E9286862B2CEE2788E9EA060DF1D ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
23:59:56.0075 0x246e4 JRAID - ok
23:59:56.0094 0x246e4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:59:56.0102 0x246e4 kbdclass - ok
23:59:56.0112 0x246e4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:59:56.0121 0x246e4 kbdhid - ok
23:59:56.0129 0x246e4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
23:59:56.0137 0x246e4 KeyIso - ok
23:59:56.0182 0x246e4 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:59:56.0192 0x246e4 KSecDD - ok
23:59:56.0251 0x246e4 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E, 94F1382291BD748BAE7EDBCB56F43B8564A1EE22E2DBEB37066559EE3D065FBA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:59:56.0262 0x246e4 KSecPkg - ok
23:59:56.0285 0x246e4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:59:56.0310 0x246e4 ksthunk - ok
23:59:56.0343 0x246e4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
23:59:56.0380 0x246e4 KtmRm - ok
23:59:56.0429 0x246e4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:59:56.0460 0x246e4 LanmanServer - ok
23:59:56.0517 0x246e4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:59:56.0546 0x246e4 LanmanWorkstation - ok
23:59:56.0637 0x246e4 [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:59:56.0642 0x246e4 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
23:59:56.0642 0x246e4 Detect skipped due to KSN trusted
23:59:56.0642 0x246e4 LightScribeService - ok
23:59:56.0652 0x246e4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:59:56.0679 0x246e4 lltdio - ok
23:59:56.0705 0x246e4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:59:56.0738 0x246e4 lltdsvc - ok
23:59:56.0758 0x246e4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:59:56.0784 0x246e4 lmhosts - ok
23:59:56.0816 0x246e4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:59:56.0825 0x246e4 LSI_FC - ok
23:59:56.0847 0x246e4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:59:56.0858 0x246e4 LSI_SAS - ok
23:59:56.0926 0x246e4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:59:56.0934 0x246e4 LSI_SAS2 - ok
23:59:56.0974 0x246e4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:59:56.0983 0x246e4 LSI_SCSI - ok
23:59:57.0002 0x246e4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
23:59:57.0030 0x246e4 luafv - ok
23:59:57.0061 0x246e4 [ 23488767CB18FC3FF39E3AF1DB3FB02C, F526B80EDA5309162239741CF1C77957E2F9EDEB223AB3DB6FF0DEA3D473590B ] massfilter C:\Windows\system32\drivers\massfilter.sys
23:59:57.0069 0x246e4 massfilter - ok
23:59:57.0117 0x246e4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:59:57.0127 0x246e4 Mcx2Svc - ok
23:59:57.0141 0x246e4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:59:57.0149 0x246e4 megasas - ok
23:59:57.0166 0x246e4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:59:57.0179 0x246e4 MegaSR - ok
23:59:57.0220 0x246e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
23:59:57.0248 0x246e4 MMCSS - ok
23:59:57.0275 0x246e4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
23:59:57.0300 0x246e4 Modem - ok
23:59:57.0320 0x246e4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:59:57.0331 0x246e4 monitor - ok
23:59:57.0337 0x246e4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:59:57.0346 0x246e4 mouclass - ok
23:59:57.0360 0x246e4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:59:57.0369 0x246e4 mouhid - ok
23:59:57.0420 0x246e4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:59:57.0429 0x246e4 mountmgr - ok
23:59:57.0462 0x246e4 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:59:57.0473 0x246e4 MozillaMaintenance - ok
23:59:57.0519 0x246e4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
23:59:57.0531 0x246e4 mpio - ok
23:59:57.0557 0x246e4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:59:57.0583 0x246e4 mpsdrv - ok
23:59:57.0653 0x246e4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:59:57.0698 0x246e4 MpsSvc - ok
23:59:57.0741 0x246e4 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:59:57.0756 0x246e4 MRxDAV - ok
23:59:57.0802 0x246e4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:59:57.0813 0x246e4 mrxsmb - ok
23:59:57.0866 0x246e4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:59:57.0879 0x246e4 mrxsmb10 - ok
23:59:57.0900 0x246e4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:59:57.0911 0x246e4 mrxsmb20 - ok
23:59:57.0963 0x246e4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
23:59:57.0972 0x246e4 msahci - ok
23:59:57.0990 0x246e4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:59:58.0001 0x246e4 msdsm - ok
23:59:58.0027 0x246e4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
23:59:58.0039 0x246e4 MSDTC - ok
23:59:58.0055 0x246e4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:59:58.0083 0x246e4 Msfs - ok
23:59:58.0090 0x246e4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:59:58.0117 0x246e4 mshidkmdf - ok
23:59:58.0160 0x246e4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:59:58.0169 0x246e4 msisadrv - ok
23:59:58.0200 0x246e4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:59:58.0230 0x246e4 MSiSCSI - ok
23:59:58.0233 0x246e4 msiserver - ok
23:59:58.0249 0x246e4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:59:58.0276 0x246e4 MSKSSRV - ok
23:59:58.0301 0x246e4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:59:58.0328 0x246e4 MSPCLOCK - ok
23:59:58.0331 0x246e4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:59:58.0359 0x246e4 MSPQM - ok
23:59:58.0418 0x246e4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:59:58.0436 0x246e4 MsRPC - ok
23:59:58.0453 0x246e4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:59:58.0462 0x246e4 mssmbios - ok
23:59:58.0477 0x246e4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:59:58.0503 0x246e4 MSTEE - ok
23:59:58.0518 0x246e4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:59:58.0527 0x246e4 MTConfig - ok
23:59:58.0541 0x246e4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
23:59:58.0550 0x246e4 Mup - ok
23:59:58.0609 0x246e4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
23:59:58.0646 0x246e4 napagent - ok
23:59:58.0672 0x246e4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:59:58.0691 0x246e4 NativeWifiP - ok
23:59:58.0741 0x246e4 [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys
23:59:58.0750 0x246e4 NBVol - ok
23:59:58.0765 0x246e4 [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys
23:59:58.0772 0x246e4 NBVolUp - ok
23:59:58.0842 0x246e4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
23:59:58.0877 0x246e4 NDIS - ok
23:59:58.0894 0x246e4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:59:58.0921 0x246e4 NdisCap - ok
23:59:58.0933 0x246e4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:59:58.0961 0x246e4 NdisTapi - ok
23:59:59.0013 0x246e4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:59:59.0039 0x246e4 Ndisuio - ok
23:59:59.0091 0x246e4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:59:59.0125 0x246e4 NdisWan - ok
23:59:59.0182 0x246e4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:59:59.0209 0x246e4 NDProxy - ok
23:59:59.0253 0x246e4 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:59:59.0258 0x246e4 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
23:59:59.0258 0x246e4 Detect skipped due to KSN trusted
23:59:59.0258 0x246e4 Net Driver HPZ12 - ok
23:59:59.0269 0x246e4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:59:59.0296 0x246e4 NetBIOS - ok
23:59:59.0358 0x246e4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:59:59.0389 0x246e4 NetBT - ok
23:59:59.0404 0x246e4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
23:59:59.0413 0x246e4 Netlogon - ok
23:59:59.0452 0x246e4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
23:59:59.0487 0x246e4 Netman - ok
23:59:59.0558 0x246e4 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:59:59.0571 0x246e4 NetMsmqActivator - ok
23:59:59.0578 0x246e4 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:59:59.0590 0x246e4 NetPipeActivator - ok
23:59:59.0604 0x246e4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
23:59:59.0641 0x246e4 netprofm - ok
23:59:59.0654 0x246e4 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:59:59.0667 0x246e4 NetTcpActivator - ok
23:59:59.0672 0x246e4 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:59:59.0686 0x246e4 NetTcpPortSharing - ok
23:59:59.0700 0x246e4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:59:59.0709 0x246e4 nfrd960 - ok
23:59:59.0751 0x246e4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:59:59.0768 0x246e4 NlaSvc - ok
23:59:59.0780 0x246e4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:59:59.0813 0x246e4 Npfs - ok
23:59:59.0817 0x246e4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
23:59:59.0845 0x246e4 nsi - ok
23:59:59.0852 0x246e4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:59:59.0878 0x246e4 nsiproxy - ok
23:59:59.0975 0x246e4 [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:00:00.0021 0x246e4 Ntfs - ok
00:00:00.0045 0x246e4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
00:00:00.0073 0x246e4 Null - ok
00:00:00.0094 0x246e4 [ 785298579B5F9B4032152DFBB992FDB6, 873346A9B2C71C4F3F8B9C6B6AF34AD3675D029DAEA93876350ACBCEE19145D5 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
00:00:00.0104 0x246e4 nusb3hub - ok
00:00:00.0134 0x246e4 [ DF2750481B4964814467C974F2B0EEF1, 573FE5B5867C207355F0D6BBAE744EC5D2539F02DDC25E1470AE2D1E00954C3C ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:00:00.0145 0x246e4 nusb3xhc - ok
00:00:00.0175 0x246e4 [ ED9380F201C8126425C09BED96DBE1E5, 84DA862FA505BF6C58F13A5E8913E9D95890C8C3D00C503A8ABFCA9BC1B080A0 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
00:00:00.0184 0x246e4 NVHDA - ok
00:00:00.0610 0x246e4 [ 5104BAC2DA2A5BDD86AC6B0708B00F06, A02501514F8517CB5A6CFE4352A3D0F864153470015589428A6B14477E791514 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:00:00.0915 0x246e4 nvlddmkm - ok
00:00:00.0987 0x246e4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:00:00.0998 0x246e4 nvraid - ok
00:00:01.0066 0x246e4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:00:01.0077 0x246e4 nvstor - ok
00:00:01.0144 0x246e4 [ DDFAFCE89A5C93D04712B86F94E9FCBA, 377303D4CAC9E3AD5B58894CF7AECDA4FCD3D721568BE8BACC0A897A0956919A ] NVSvc C:\Windows\system32\nvvsvc.exe
00:00:01.0173 0x246e4 NVSvc - ok
00:00:01.0266 0x246e4 [ 84E035225474E48CD3A6A3CE52332095, C90E1BC112EDED3035F2D440DDA6FC838D5D9B5F0D7CBE5E4672FEB1CC49F449 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
00:00:01.0301 0x246e4 nvUpdatusService - ok
00:00:01.0349 0x246e4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:00:01.0359 0x246e4 nv_agp - ok
00:00:01.0430 0x246e4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:00:01.0439 0x246e4 ohci1394 - ok
00:00:01.0485 0x246e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:00:01.0501 0x246e4 p2pimsvc - ok
00:00:01.0614 0x246e4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
00:00:01.0633 0x246e4 p2psvc - ok
00:00:01.0647 0x246e4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:00:01.0657 0x246e4 Parport - ok
00:00:01.0704 0x246e4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:00:01.0713 0x246e4 partmgr - ok
00:00:01.0738 0x246e4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
00:00:01.0754 0x246e4 PcaSvc - ok
00:00:01.0805 0x246e4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
00:00:01.0816 0x246e4 pci - ok
00:00:01.0879 0x246e4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
00:00:01.0887 0x246e4 pciide - ok
00:00:01.0908 0x246e4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:00:01.0921 0x246e4 pcmcia - ok
00:00:01.0944 0x246e4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
00:00:01.0953 0x246e4 pcw - ok
00:00:01.0979 0x246e4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:00:02.0023 0x246e4 PEAUTH - ok
00:00:02.0091 0x246e4 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
00:00:02.0133 0x246e4 PeerDistSvc - ok
00:00:02.0173 0x246e4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:00:02.0182 0x246e4 PerfHost - ok
00:00:02.0266 0x246e4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
00:00:02.0326 0x246e4 pla - ok
00:00:02.0369 0x246e4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:00:02.0386 0x246e4 PlugPlay - ok
00:00:02.0398 0x246e4 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
00:00:02.0403 0x246e4 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
00:00:02.0403 0x246e4 Detect skipped due to KSN trusted
00:00:02.0403 0x246e4 Pml Driver HPZ12 - ok
00:00:02.0408 0x246e4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:00:02.0417 0x246e4 PNRPAutoReg - ok
00:00:02.0433 0x246e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:00:02.0450 0x246e4 PNRPsvc - ok
00:00:02.0513 0x246e4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:00:02.0553 0x246e4 PolicyAgent - ok
00:00:02.0598 0x246e4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
00:00:02.0629 0x246e4 Power - ok
00:00:02.0667 0x246e4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:00:02.0694 0x246e4 PptpMiniport - ok
00:00:02.0710 0x246e4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:00:02.0720 0x246e4 Processor - ok
00:00:02.0779 0x246e4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
00:00:02.0793 0x246e4 ProfSvc - ok
00:00:02.0801 0x246e4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
00:00:02.0811 0x246e4 ProtectedStorage - ok
00:00:02.0860 0x246e4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:00:02.0888 0x246e4 Psched - ok
00:00:02.0956 0x246e4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:00:03.0000 0x246e4 ql2300 - ok
00:00:03.0024 0x246e4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:00:03.0034 0x246e4 ql40xx - ok
00:00:03.0077 0x246e4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
00:00:03.0094 0x246e4 QWAVE - ok
00:00:03.0104 0x246e4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:00:03.0117 0x246e4 QWAVEdrv - ok
00:00:03.0131 0x246e4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:00:03.0157 0x246e4 RasAcd - ok
00:00:03.0183 0x246e4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:00:03.0211 0x246e4 RasAgileVpn - ok
00:00:03.0230 0x246e4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
00:00:03.0259 0x246e4 RasAuto - ok
00:00:03.0315 0x246e4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:00:03.0343 0x246e4 Rasl2tp - ok
00:00:03.0403 0x246e4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
00:00:03.0437 0x246e4 RasMan - ok
00:00:03.0457 0x246e4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:00:03.0491 0x246e4 RasPppoe - ok
00:00:03.0497 0x246e4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:00:03.0524 0x246e4 RasSstp - ok
00:00:03.0569 0x246e4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:00:03.0601 0x246e4 rdbss - ok
00:00:03.0614 0x246e4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:00:03.0624 0x246e4 rdpbus - ok
00:00:03.0640 0x246e4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:00:03.0667 0x246e4 RDPCDD - ok
00:00:03.0720 0x246e4 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
00:00:03.0731 0x246e4 RDPDR - ok
00:00:03.0735 0x246e4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:00:03.0760 0x246e4 RDPENCDD - ok
00:00:03.0765 0x246e4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:00:03.0792 0x246e4 RDPREFMP - ok
00:00:03.0849 0x246e4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:00:03.0857 0x246e4 RdpVideoMiniport - ok
00:00:03.0901 0x246e4 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:00:03.0918 0x246e4 RDPWD - ok
00:00:03.0968 0x246e4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:00:03.0980 0x246e4 rdyboost - ok
00:00:04.0017 0x246e4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:00:04.0046 0x246e4 RemoteAccess - ok
00:00:04.0082 0x246e4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:00:04.0113 0x246e4 RemoteRegistry - ok
00:00:04.0129 0x246e4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:00:04.0159 0x246e4 RpcEptMapper - ok
00:00:04.0191 0x246e4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
00:00:04.0200 0x246e4 RpcLocator - ok
00:00:04.0253 0x246e4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
00:00:04.0291 0x246e4 RpcSs - ok
00:00:04.0311 0x246e4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:00:04.0340 0x246e4 rspndr - ok
00:00:04.0370 0x246e4 [ 4FBDA07EF0A3097CE14C5CABF723B278, 6F1E21362F0057E9C6A180D9189AEB51761F4C019A6835E50E4AD19ED1F58FE6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:00:04.0384 0x246e4 RTL8167 - ok
00:00:04.0428 0x246e4 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
00:00:04.0436 0x246e4 s3cap - ok
00:00:04.0618 0x246e4 [ DB4721B0BA9D705AADA438B1AB50E53C, 5FB18A9BB7F68701C32123C1209FBB8EC4E5A20EFF7E8A2FED01C93C02BD84D9 ] SafetyNutManager C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
00:00:04.0696 0x246e4 SafetyNutManager - ok
00:00:04.0721 0x246e4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
00:00:04.0730 0x246e4 SamSs - ok
00:00:04.0779 0x246e4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:00:04.0789 0x246e4 sbp2port - ok
00:00:04.0816 0x246e4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:00:04.0850 0x246e4 SCardSvr - ok
00:00:04.0900 0x246e4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:00:04.0925 0x246e4 scfilter - ok
00:00:04.0999 0x246e4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
00:00:05.0054 0x246e4 Schedule - ok
00:00:05.0109 0x246e4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
00:00:05.0136 0x246e4 SCPolicySvc - ok
00:00:05.0185 0x246e4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:00:05.0198 0x246e4 SDRSVC - ok
00:00:05.0207 0x246e4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:00:05.0234 0x246e4 secdrv - ok
00:00:05.0275 0x246e4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
00:00:05.0303 0x246e4 seclogon - ok
00:00:05.0321 0x246e4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
00:00:05.0349 0x246e4 SENS - ok
00:00:05.0354 0x246e4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:00:05.0363 0x246e4 SensrSvc - ok
00:00:05.0370 0x246e4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:00:05.0379 0x246e4 Serenum - ok
00:00:05.0394 0x246e4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:00:05.0404 0x246e4 Serial - ok
00:00:05.0445 0x246e4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:00:05.0454 0x246e4 sermouse - ok
00:00:05.0503 0x246e4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
00:00:05.0532 0x246e4 SessionEnv - ok
00:00:05.0576 0x246e4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:00:05.0584 0x246e4 sffdisk - ok
00:00:05.0614 0x246e4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:00:05.0622 0x246e4 sffp_mmc - ok
00:00:05.0638 0x246e4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:00:05.0648 0x246e4 sffp_sd - ok
00:00:05.0664 0x246e4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:00:05.0673 0x246e4 sfloppy - ok
00:00:05.0730 0x246e4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:00:05.0764 0x246e4 ShellHWDetection - ok
00:00:05.0781 0x246e4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:00:05.0790 0x246e4 SiSRaid2 - ok
00:00:05.0810 0x246e4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:00:05.0819 0x246e4 SiSRaid4 - ok
00:00:05.0892 0x246e4 [ CA355B308AA537C6B9D67CD3A5485AF9, 574072A3A52AF35F6293B082D5A4748CB4465CD0406A7E2AF6B5F86D94DE67AD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:00:05.0902 0x246e4 SkypeUpdate - ok
00:00:05.0923 0x246e4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:00:05.0951 0x246e4 Smb - ok
00:00:06.0004 0x246e4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:00:06.0014 0x246e4 SNMPTRAP - ok
00:00:06.0062 0x246e4 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\syswow64\speedfan.sys
00:00:06.0072 0x246e4 speedfan - ok
00:00:06.0083 0x246e4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
00:00:06.0091 0x246e4 spldr - ok
00:00:06.0154 0x246e4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
00:00:06.0175 0x246e4 Spooler - ok
00:00:06.0339 0x246e4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
00:00:06.0451 0x246e4 sppsvc - ok
00:00:06.0473 0x246e4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:00:06.0501 0x246e4 sppuinotify - ok
00:00:06.0560 0x246e4 [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd C:\Windows\System32\Drivers\sptd.sys
00:00:06.0579 0x246e4 sptd - ok
00:00:06.0641 0x246e4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:00:06.0660 0x246e4 srv - ok
00:00:06.0682 0x246e4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:00:06.0700 0x246e4 srv2 - ok
00:00:06.0717 0x246e4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:00:06.0728 0x246e4 srvnet - ok
00:00:06.0741 0x246e4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:00:06.0773 0x246e4 SSDPSRV - ok
00:00:06.0784 0x246e4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:00:06.0811 0x246e4 SstpSvc - ok
00:00:06.0918 0x246e4 [ E5C796B621F6FBA8616511063D7F0FFE, 447FA64F552D4B04AD029E01485B4438A70D9B9B98EB49A883D5B17ED4C1D52F ] StarWindServiceAE C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe
00:00:06.0930 0x246e4 StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 )
00:00:06.0930 0x246e4 Detect skipped due to KSN trusted
00:00:06.0930 0x246e4 StarWindServiceAE - ok
00:00:06.0998 0x246e4 [ A87A39F9B42D82F5D60D36BB1D3CC9D3, F609CC721B898B5053FE34B24C94970453BD57441F9A2C93D4F77CB297D56169 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
00:00:07.0016 0x246e4 Steam Client Service - ok
00:00:07.0111 0x246e4 [ F0359F7CE712D69ACEF0886BDB4792ED, 0E638A3F56B1C431A472469E2F47DABD0ABE1CC043FD1673B4CA6E984FE980CF ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
00:00:07.0126 0x246e4 Stereo Service - ok
00:00:07.0170 0x246e4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:00:07.0178 0x246e4 stexstor - ok
00:00:07.0284 0x246e4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
00:00:07.0311 0x246e4 stisvc - ok
00:00:07.0365 0x246e4 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
00:00:07.0373 0x246e4 storflt - ok
00:00:07.0410 0x246e4 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
00:00:07.0419 0x246e4 storvsc - ok
00:00:07.0469 0x246e4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
00:00:07.0478 0x246e4 swenum - ok
00:00:07.0503 0x246e4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
00:00:07.0545 0x246e4 swprv - ok
00:00:07.0550 0x246e4 Synth3dVsc - ok
00:00:07.0641 0x246e4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
00:00:07.0697 0x246e4 SysMain - ok
00:00:07.0749 0x246e4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:00:07.0765 0x246e4 TabletInputService - ok
00:00:07.0816 0x246e4 [ 4EF44915E522F3ECD1A3FF540AA64126, 3B7ABB4B263F5DC7E12BEBD0512A13877236E0C020B7FE618EE84FAB3E3BF991 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
00:00:07.0824 0x246e4 tap0901 - ok
00:00:07.0871 0x246e4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
00:00:07.0905 0x246e4 TapiSrv - ok
00:00:07.0987 0x246e4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
00:00:08.0014 0x246e4 TBS - ok
00:00:08.0137 0x246e4 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:00:08.0189 0x246e4 Tcpip - ok
00:00:08.0258 0x246e4 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:00:08.0305 0x246e4 TCPIP6 - ok
00:00:08.0350 0x246e4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:00:08.0358 0x246e4 tcpipreg - ok
00:00:08.0381 0x246e4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:00:08.0389 0x246e4 TDPIPE - ok
00:00:08.0439 0x246e4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:00:08.0447 0x246e4 TDTCP - ok
00:00:08.0492 0x246e4 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:00:08.0520 0x246e4 tdx - ok
00:00:08.0549 0x246e4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
00:00:08.0558 0x246e4 TermDD - ok
00:00:08.0609 0x246e4 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
00:00:08.0650 0x246e4 TermService - ok
00:00:08.0664 0x246e4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
00:00:08.0677 0x246e4 Themes - ok
00:00:08.0716 0x246e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
00:00:08.0743 0x246e4 THREADORDER - ok
00:00:08.0764 0x246e4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
00:00:08.0793 0x246e4 TrkWks - ok
00:00:08.0825 0x246e4 [ EA43DE1743C1BA0D2D17B8DB90C91D88, 54115F3002D2C87B82DDA62E96AD8296FFC59DC83E9F3D7F22325325DB73C486 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
00:00:08.0842 0x246e4 truecrypt - ok
00:00:08.0914 0x246e4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:00:08.0943 0x246e4 TrustedInstaller - ok
00:00:08.0993 0x246e4 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:00:09.0018 0x246e4 tssecsrv - ok
00:00:09.0065 0x246e4 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:00:09.0075 0x246e4 TsUsbFlt - ok
00:00:09.0082 0x246e4 tsusbhub - ok
00:00:09.0137 0x246e4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:00:09.0165 0x246e4 tunnel - ok
00:00:09.0193 0x246e4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:00:09.0202 0x246e4 uagp35 - ok
00:00:09.0258 0x246e4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:00:09.0292 0x246e4 udfs - ok
00:00:09.0310 0x246e4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:00:09.0321 0x246e4 UI0Detect - ok
00:00:09.0367 0x246e4 [ 34859D3801F4BD3DACFA131DD928455A, 337A111474D28B9B1DE3280925654F941804E4B1F13759B1664C5F7953A27521 ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
00:00:09.0376 0x246e4 UimBus - ok
00:00:09.0408 0x246e4 [ D3CE4776E7FFB25E6935B1C797F4650C, CF25CB7E596D8E4778E6B4C9D04D3AB7533E20234A76984FE9A010224F4F3EF8 ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
00:00:09.0427 0x246e4 Uim_IM - ok
00:00:09.0445 0x246e4 [ 532E4BED5C7803B2EE5681818B2528B7, DF1ED9C44D8DD2AFDDCC8D1F027840DAA560D5B72EB77A64A85541040364BD15 ] Uim_VIM C:\Windows\system32\Drivers\uim_vimx64.sys
00:00:09.0459 0x246e4 Uim_VIM - ok
00:00:09.0472 0x246e4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:00:09.0481 0x246e4 uliagpkx - ok
00:00:09.0531 0x246e4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
00:00:09.0540 0x246e4 umbus - ok
00:00:09.0544 0x246e4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:00:09.0553 0x246e4 UmPass - ok
00:00:09.0606 0x246e4 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
00:00:09.0619 0x246e4 UmRdpService - ok
00:00:09.0645 0x246e4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
00:00:09.0679 0x246e4 upnphost - ok
00:00:09.0725 0x246e4 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:00:09.0736 0x246e4 usbccgp - ok
00:00:09.0787 0x246e4 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:00:09.0800 0x246e4 usbcir - ok
00:00:09.0850 0x246e4 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:00:09.0859 0x246e4 usbehci - ok
00:00:09.0877 0x246e4 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:00:09.0892 0x246e4 usbhub - ok
00:00:09.0908 0x246e4 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
00:00:09.0916 0x246e4 usbohci - ok
00:00:09.0930 0x246e4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:00:09.0944 0x246e4 usbprint - ok
00:00:09.0972 0x246e4 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
00:00:09.0983 0x246e4 usbscan - ok
00:00:10.0026 0x246e4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:00:10.0035 0x246e4 USBSTOR - ok
00:00:10.0047 0x246e4 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:00:10.0055 0x246e4 usbuhci - ok
00:00:10.0076 0x246e4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
00:00:10.0104 0x246e4 UxSms - ok
00:00:10.0133 0x246e4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
00:00:10.0142 0x246e4 VaultSvc - ok
00:00:10.0185 0x246e4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:00:10.0195 0x246e4 vdrvroot - ok
00:00:10.0255 0x246e4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
00:00:10.0294 0x246e4 vds - ok
00:00:10.0307 0x246e4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:00:10.0318 0x246e4 vga - ok
00:00:10.0330 0x246e4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
00:00:10.0356 0x246e4 VgaSave - ok
00:00:10.0360 0x246e4 VGPU - ok
00:00:10.0410 0x246e4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:00:10.0422 0x246e4 vhdmp - ok
00:00:10.0434 0x246e4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
00:00:10.0442 0x246e4 viaide - ok
00:00:10.0461 0x246e4 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
00:00:10.0473 0x246e4 vmbus - ok
00:00:10.0486 0x246e4 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
00:00:10.0495 0x246e4 VMBusHID - ok
00:00:10.0522 0x246e4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:00:10.0531 0x246e4 volmgr - ok
00:00:10.0586 0x246e4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:00:10.0602 0x246e4 volmgrx - ok
00:00:10.0628 0x246e4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:00:10.0643 0x246e4 volsnap - ok
00:00:10.0668 0x246e4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:00:10.0679 0x246e4 vsmraid - ok
00:00:10.0764 0x246e4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
00:00:10.0829 0x246e4 VSS - ok
00:00:10.0838 0x246e4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
00:00:10.0849 0x246e4 vwifibus - ok
00:00:10.0881 0x246e4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
00:00:10.0917 0x246e4 W32Time - ok
00:00:10.0924 0x246e4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:00:10.0933 0x246e4 WacomPen - ok
00:00:10.0953 0x246e4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:00:10.0980 0x246e4 WANARP - ok
00:00:10.0984 0x246e4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:00:11.0010 0x246e4 Wanarpv6 - ok
00:00:11.0100 0x246e4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
00:00:11.0144 0x246e4 wbengine - ok
00:00:11.0161 0x246e4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:00:11.0177 0x246e4 WbioSrvc - ok
00:00:11.0240 0x246e4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:00:11.0262 0x246e4 wcncsvc - ok
00:00:11.0277 0x246e4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:00:11.0288 0x246e4 WcsPlugInService - ok
00:00:11.0292 0x246e4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
00:00:11.0301 0x246e4 Wd - ok
00:00:11.0375 0x246e4 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:00:11.0401 0x246e4 Wdf01000 - ok
00:00:11.0419 0x246e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:00:11.0434 0x246e4 WdiServiceHost - ok
00:00:11.0438 0x246e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:00:11.0452 0x246e4 WdiSystemHost - ok
00:00:11.0507 0x246e4 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
00:00:11.0530 0x246e4 WebClient - ok
00:00:11.0554 0x246e4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:00:11.0586 0x246e4 Wecsvc - ok
00:00:11.0595 0x246e4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:00:11.0625 0x246e4 wercplsupport - ok
00:00:11.0636 0x246e4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
00:00:11.0665 0x246e4 WerSvc - ok
00:00:11.0679 0x246e4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:00:11.0705 0x246e4 WfpLwf - ok
00:00:11.0722 0x246e4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:00:11.0730 0x246e4 WIMMount - ok
00:00:11.0735 0x246e4 WinHttpAutoProxySvc - ok
00:00:11.0802 0x246e4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:00:11.0834 0x246e4 Winmgmt - ok
00:00:11.0935 0x246e4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
00:00:12.0010 0x246e4 WinRM - ok
00:00:12.0071 0x246e4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
00:00:12.0082 0x246e4 WinUsb - ok
00:00:12.0121 0x246e4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
00:00:12.0155 0x246e4 Wlansvc - ok
00:00:12.0202 0x246e4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
00:00:12.0211 0x246e4 WmiAcpi - ok
00:00:12.0225 0x246e4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:00:12.0238 0x246e4 wmiApSrv - ok
00:00:12.0265 0x246e4 WMPNetworkSvc - ok
00:00:12.0275 0x246e4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:00:12.0284 0x246e4 WPCSvc - ok
00:00:12.0337 0x246e4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:00:12.0349 0x246e4 WPDBusEnum - ok
00:00:12.0373 0x246e4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:00:12.0400 0x246e4 ws2ifsl - ok
00:00:12.0404 0x246e4 WSearch - ok
00:00:12.0506 0x246e4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:00:12.0516 0x246e4 WudfPf - ok
00:00:12.0547 0x246e4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:00:12.0559 0x246e4 WUDFRd - ok
00:00:12.0604 0x246e4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:00:12.0615 0x246e4 wudfsvc - ok
00:00:12.0652 0x246e4 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
00:00:12.0669 0x246e4 WwanSvc - ok
00:00:12.0678 0x246e4 ================ Scan global ===============================
00:00:12.0701 0x246e4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
00:00:12.0750 0x246e4 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
00:00:12.0761 0x246e4 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
00:00:12.0793 0x246e4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:00:12.0820 0x246e4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
00:00:12.0827 0x246e4 [ Global ] - ok
00:00:12.0827 0x246e4 ================ Scan MBR ==================================
00:00:12.0843 0x246e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:00:13.0271 0x246e4 \Device\Harddisk0\DR0 - ok
00:00:13.0271 0x246e4 ================ Scan VBR ==================================
00:00:13.0273 0x246e4 [ 40A022035C7F504984A4183EBF029AEF ] \Device\Harddisk0\DR0\Partition1
00:00:13.0274 0x246e4 \Device\Harddisk0\DR0\Partition1 - ok
00:00:13.0285 0x246e4 Win FW state via NFP2: enabled
00:00:15.0687 0x246e4 ============================================================
00:00:15.0687 0x246e4 Scan finished
00:00:15.0687 0x246e4 ============================================================
00:00:15.0695 0x24678 Detected object count: 0
00:00:15.0695 0x24678 Actual detected object count: 0
00:02:23.0805 0x239f4 Deinitialize success

aharonov 07.01.2014 00:19
Ok.


Schritt 1

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 2

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.




Schritt 3

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Log von Adwcleaner
  • Log von Combofix
  • Log von FRST

user54321 07.01.2014 00:26
Ok danke, morgen früh aber erst alles ;)

aharonov 07.01.2014 00:42
Alles klar. :)

user54321 07.01.2014 16:53
So da AdwCleaner die S0 war richtig? R0 gabs auch!


AdwCleaner Logfile:
Code:
# AdwCleaner v3.016 - Bericht erstellt am 07/01/2014 um 16:02:01
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Munfrosch - USG
# Gestartet von : C:\Users\Munfrosch\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SafetyNutManager

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\ProgramData\SafetyNut
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\wincert
[#] Ordner Gelöscht : C:\Program Files (x86)\Movies Toolbar
Ordner Gelöscht : C:\Program Files\Babylon
Ordner Gelöscht : C:\Users\Munfrosch\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\MUNFRO~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Munfrosch\AppData\LocalLow\facemoods.com
Ordner Gelöscht : C:\Users\Munfrosch\AppData\Roaming\goforfiles
Ordner Gelöscht : C:\Users\Munfrosch\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Munfrosch\Documents\optimizer pro
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Ask.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qone8.xml
Datei Gelöscht : C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\GoforFilesUpdate

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Verknüpfung Desinfiziert : C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Munfrosch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Munfrosch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Munfrosch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Munfrosch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox (2).lnk
Verknüpfung Desinfiziert : C:\Users\Munfrosch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyDict
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyGloss
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyOptFile
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Schlüssel Gelöscht : HKCU\Software\a474c6d2b75d64b3ed1078b377b83c48
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ashampoo-burning-studio_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ashampoo-burning-studio_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_google-earth_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_google-earth_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_oront-burning-kit_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_oront-burning-kit_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Babylon
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\FLEXnet
Schlüssel Gelöscht : HKCU\Software\GoforFiles
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Webplayer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\GoforFiles
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\qone8Software
Schlüssel Gelöscht : HKLM\Software\SafetyNut
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Vittalia
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\wincert\win32c~1.dll
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\safety~1\safety~2.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16464

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");
Zeile gelöscht : user_pref("extensions.facemoods.aflt", "_#ddr");
Zeile gelöscht : user_pref("extensions.facemoods.firstRun", false);
Zeile gelöscht : user_pref("extensions.facemoods.lastActv", "6");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k1", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k2", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k3", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k4", "1383647322626");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k5", "1383503723858");
Zeile gelöscht : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
Zeile gelöscht : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Zeile gelöscht : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
Zeile gelöscht : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Zeile gelöscht : user_pref("extentions.y2layers.installId", "3957e33c-3e68-453a-8a99-db4ed98d94a5");

*************************

AdwCleaner[R0].txt - [18874 octets] - [07/01/2014 16:01:16]
AdwCleaner[S0].txt - [15493 octets] - [07/01/2014 16:02:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15554 octets] ##########
--- --- ---

Combofix

Combofix Logfile:
Code:
ComboFix 14-01-04.03 - Munfrosch 07.01.2014  16:13:29.1.4 - x64
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.8190.6914 [GMT 1:00]
ausgeführt von:: c:\users\Munfrosch\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ShoppingChip
c:\programdata\ShoppingChip
c:\users\Munfrosch\4gb
c:\users\Munfrosch\4gb\JPEG Image (1015).jpg
c:\users\Munfrosch\4gb\JPEG Image (1248).jpg
c:\users\Munfrosch\4gb\JPEG Image (1262).jpg
c:\users\Munfrosch\4gb\JPEG Image (1293).jpg
c:\users\Munfrosch\4gb\JPEG Image (1314).jpg
c:\users\Munfrosch\4gb\JPEG Image (1415).jpg
c:\users\Munfrosch\4gb\JPEG Image (1725).jpg
c:\users\Munfrosch\4gb\JPEG Image (1745).jpg
c:\users\Munfrosch\4gb\JPEG Image (2033).jpg
c:\users\Munfrosch\4gb\JPEG Image (2491).jpg
c:\users\Munfrosch\4gb\JPEG Image (2597).jpg
c:\users\Munfrosch\4gb\JPEG Image (2982).jpg
c:\users\Munfrosch\4gb\JPEG Image (3).jpg
c:\users\Munfrosch\4gb\JPEG Image (3306).jpg
c:\users\Munfrosch\4gb\JPEG Image (3518).jpg
c:\users\Munfrosch\4gb\JPEG Image (3629).jpg
c:\users\Munfrosch\4gb\JPEG Image (3951).jpg
c:\users\Munfrosch\4gb\JPEG Image (4240).jpg
c:\users\Munfrosch\4gb\JPEG Image (5461).jpg
c:\users\Munfrosch\4gb\JPEG Image (589).jpg
c:\users\Munfrosch\4gb\JPEG Image (634).jpg
c:\users\Munfrosch\4gb\JPEG Image (648).jpg
c:\users\Munfrosch\4gb\JPEG Image (666).jpg
c:\users\Munfrosch\4gb\JPEG Image (736).jpg
c:\users\Munfrosch\4gb\JPEG Image (86).jpg
c:\users\Munfrosch\4gb\JPEG Image (892).jpg
c:\users\Munfrosch\4gb\JPEG Image (9290).jpg
c:\users\Munfrosch\4gb\JPEG Image (9715).jpg
c:\users\Munfrosch\8gb
c:\users\Munfrosch\8gb\JPEG Image (101).jpg
c:\users\Munfrosch\8gb\JPEG Image (1029).jpg
c:\users\Munfrosch\8gb\JPEG Image (106).jpg
c:\users\Munfrosch\8gb\JPEG Image (1071).jpg
c:\users\Munfrosch\8gb\JPEG Image (1136).jpg
c:\users\Munfrosch\8gb\JPEG Image (114).jpg
c:\users\Munfrosch\8gb\JPEG Image (117).jpg
c:\users\Munfrosch\8gb\JPEG Image (119).jpg
c:\users\Munfrosch\8gb\JPEG Image (124).jpg
c:\users\Munfrosch\8gb\JPEG Image (130).jpg
c:\users\Munfrosch\8gb\JPEG Image (133).jpg
c:\users\Munfrosch\8gb\JPEG Image (137).jpg
c:\users\Munfrosch\8gb\JPEG Image (139).jpg
c:\users\Munfrosch\8gb\JPEG Image (141213).jpg
c:\users\Munfrosch\8gb\JPEG Image (144).jpg
c:\users\Munfrosch\8gb\JPEG Image (158).jpg
c:\users\Munfrosch\8gb\JPEG Image (162).jpg
c:\users\Munfrosch\8gb\JPEG Image (168).jpg
c:\users\Munfrosch\8gb\JPEG Image (190).jpg
c:\users\Munfrosch\8gb\JPEG Image (192).jpg
c:\users\Munfrosch\8gb\JPEG Image (202).jpg
c:\users\Munfrosch\8gb\JPEG Image (204).jpg
c:\users\Munfrosch\8gb\JPEG Image (207).jpg
c:\users\Munfrosch\8gb\JPEG Image (210).jpg
c:\users\Munfrosch\8gb\JPEG Image (217).jpg
c:\users\Munfrosch\8gb\JPEG Image (220).jpg
c:\users\Munfrosch\8gb\JPEG Image (224).jpg
c:\users\Munfrosch\8gb\JPEG Image (53).jpg
c:\users\Munfrosch\8gb\JPEG Image (55).jpg
c:\users\Munfrosch\8gb\JPEG Image (575).jpg
c:\users\Munfrosch\8gb\JPEG Image (58).jpg
c:\users\Munfrosch\8gb\JPEG Image (580).jpg
c:\users\Munfrosch\8gb\JPEG Image (585).jpg
c:\users\Munfrosch\8gb\JPEG Image (598).jpg
c:\users\Munfrosch\8gb\JPEG Image (60).jpg
c:\users\Munfrosch\8gb\JPEG Image (602).jpg
c:\users\Munfrosch\8gb\JPEG Image (610).jpg
c:\users\Munfrosch\8gb\JPEG Image (614).jpg
c:\users\Munfrosch\8gb\JPEG Image (625).jpg
c:\users\Munfrosch\8gb\JPEG Image (635).jpg
c:\users\Munfrosch\8gb\JPEG Image (64).jpg
c:\users\Munfrosch\8gb\JPEG Image (646).jpg
c:\users\Munfrosch\8gb\JPEG Image (648).jpg
c:\users\Munfrosch\8gb\JPEG Image (656).jpg
c:\users\Munfrosch\8gb\JPEG Image (67).jpg
c:\users\Munfrosch\8gb\JPEG Image (72).jpg
c:\users\Munfrosch\8gb\JPEG Image (76).jpg
c:\users\Munfrosch\8gb\JPEG Image (773).jpg
c:\users\Munfrosch\8gb\JPEG Image (786).jpg
c:\users\Munfrosch\8gb\JPEG Image (789).jpg
c:\users\Munfrosch\8gb\JPEG Image (792).jpg
c:\users\Munfrosch\8gb\JPEG Image (795).jpg
c:\users\Munfrosch\8gb\JPEG Image (80).jpg
c:\users\Munfrosch\8gb\JPEG Image (810).jpg
c:\users\Munfrosch\8gb\JPEG Image (835).jpg
c:\users\Munfrosch\8gb\JPEG Image (86).jpg
c:\users\Munfrosch\8gb\JPEG Image (866).jpg
c:\users\Munfrosch\8gb\JPEG Image (90).jpg
c:\users\Munfrosch\8gb\JPEG Image (905).jpg
c:\users\Munfrosch\8gb\JPEG Image (93).jpg
c:\users\Munfrosch\8gb\JPEG Image (938).jpg
c:\users\Munfrosch\8gb\JPEG Image (940).jpg
c:\users\Munfrosch\8gb\JPEG Image (943).jpg
c:\users\Munfrosch\8gb\JPEG Image (945).jpg
c:\users\Munfrosch\8gb\JPEG Image (949).jpg
c:\users\Munfrosch\8gb\JPEG Image (954).jpg
c:\users\Munfrosch\8gb\JPEG Image (963).jpg
c:\users\Munfrosch\8gb\JPEG Image (966).jpg
c:\users\Munfrosch\8gb\JPEG Image (969).jpg
c:\users\Munfrosch\8gb\JPEG Image (97).jpg
c:\users\Munfrosch\8gb\JPEG Image (972).jpg
c:\users\Munfrosch\8gb\JPEG Image (975).jpg
c:\users\Munfrosch\8gb\JPEG Image (99).jpg
c:\users\Munfrosch\AppData\Roaming\logs.dat
c:\users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a474c6d2b75d64b3ed1078b377b83c48.exe
c:\windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}
c:\windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}\L\00000004.@
c:\windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}\L\201d3dde
c:\windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}\L\76603ac3
c:\windows\Installer\{87215ddf-c91c-20ea-4c50-d3f0e9ab0906}\U\00000008.@
c:\windows\IsUn0407.exe
c:\windows\svchost.exe
c:\windows\svchost.exe.tmp
c:\windows\SysWow64\DEBUG.log
C:\Windows6.1-KB947821-v26-x64.msu
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-12-07 bis 2014-01-07  ))))))))))))))))))))))))))))))
.
.
2014-01-07 15:01 . 2014-01-07 15:02        --------        d-----w-        C:\AdwCleaner
2014-01-06 22:15 . 2014-01-06 22:15        --------        d-----w-        C:\FRST
2013-12-17 15:44 . 2013-12-17 15:44        --------        d-----w-        c:\program files (x86)\PC Inspector File Recovery
2013-12-17 15:41 . 2013-12-17 18:14        --------        d-----w-        C:\rescuee
2013-12-15 16:34 . 2013-12-15 16:34        --------        d-----w-        c:\program files (x86)\Common Files\Java
2013-12-15 16:33 . 2013-12-15 16:33        --------        d-----w-        c:\programdata\Oracle
2013-12-15 16:33 . 2013-12-15 16:33        --------        d-----w-        c:\users\Munfrosch\AppData\Roaming\ChemTable Software
2013-12-15 16:33 . 2013-12-15 16:33        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-15 16:33 . 2013-12-15 16:33        --------        d-----w-        c:\users\Munfrosch\AppData\Local\ChemTable Software
2013-12-15 16:33 . 2013-12-15 16:33        --------        d-----w-        c:\program files (x86)\Reg Organizer
2013-12-15 16:33 . 2013-12-15 16:33        --------        d-----w-        c:\program files (x86)\Java
2013-12-15 16:16 . 2013-12-15 16:38        --------        d-----w-        c:\users\Munfrosch\AppData\Local\AnVir
2013-12-15 16:16 . 2013-12-15 16:16        --------        d-----w-        c:\program files (x86)\AnVir Task Manager
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-07 15:24 . 2011-01-23 15:13        25640        ----a-w-        c:\windows\gdrv.sys
2013-12-15 16:28 . 2012-12-19 06:49        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-15 16:28 . 2011-06-07 17:09        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-17 221184]
"AlcoholAutomount"="c:\program files (x86)\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"icq"="c:\users\Munfrosch\AppData\Roaming\ICQM\icq.exe" [2013-05-23 28773224]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-12-11 1823656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"CloneCDTray"="c:\program files (x86)\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
R1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys;c:\windows\SYSNATIVE\Drivers\uim_vimx64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\MUNFRO~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\MUNFRO~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe;c:\program files\CyberGhost VPN\CGVPNCliService.exe [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [x]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe;c:\windows\SysWOW64\XSrvSetup.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29        451872        ----a-w-        c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-27 07:02]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-27 07:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: windowsupdate.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\
FF - ExtSQL: !HIDDEN! 2012-11-29 21:14; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-a474c6d2b75d64b3ed1078b377b83c48 - c:\windows\svchost.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-HDD Regenerator - c:\program files (x86)\HDD Regenerator\HDD Regenerator.exe
Toolbar-10 - (no file)
HKLM-Run-a474c6d2b75d64b3ed1078b377b83c48 - c:\windows\svchost.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4e,e1,00,4d,c7,f1,40,eb,1e,d6,36,87,8b,9c,4f,2c,3d,cc,ee,c1,0a,96,d5,
  ac,c6,27,33,89,09,14,1c,d3,e6,cc,26,74,95,cd,9f,51,be,29,7d,89,b8,f1,77,72,\
"??"=hex:2f,71,e8,43,a1,29,dc,52,f5,e8,a9,0e,97,c0,25,c5
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-434874503-2144557703-4265496468-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-01-07  16:29:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-01-07 15:29
.
Vor Suchlauf: 73 Verzeichnis(se), 64.398.761.984 Bytes frei
Nach Suchlauf: 78 Verzeichnis(se), 79.145.734.144 Bytes frei
.
- - End Of File - - F7776FAF998CFFFC3B463D23033B1EFD
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

user54321 07.01.2014 16:55
FRST
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Munfrosch (administrator) on USG on 07-01-2014 16:30:38
Running from C:\Users\Munfrosch\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [a474c6d2b75d64b3ed1078b377b83c48] - "C:\Windows\svchost.exe" ..
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [CloneCDTray] - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [icq] - C:\Users\Munfrosch\AppData\Roaming\ICQM\icq.exe [28773224 2013-05-23] (ICQ)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\UpdatusUser\...\Run: [Steam] - "C:\Program Files (x86)\SPIELE\Steam.exe" -silent
HKU\UpdatusUser\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_Plugin.exe -update plugin

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01A970B010BBCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: German Dictionary - C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Adblock Plus - C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [1836912 2012-11-27] (BinarySense, Inc.)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWow64\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-28] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-30] (Duplex Secure Ltd.)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
U3 ac7wnjjy; C:\Windows\System32\Drivers\ac7wnjjy.sys [0 ] (Advanced Micro Devices)
S3 ALSysIO; \??\C:\Users\MUNFRO~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-07 16:29 - 2014-01-07 16:29 - 00104352 _____ C:\ComboFix.txt
2014-01-07 16:10 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-07 16:10 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-07 16:10 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-07 16:08 - 2014-01-07 16:29 - 00000000 ____D C:\Qoobox
2014-01-07 16:07 - 2014-01-07 16:28 - 00000000 ____D C:\Windows\erdnt
2014-01-07 16:01 - 2014-01-07 16:02 - 00000000 ____D C:\AdwCleaner
2014-01-07 15:58 - 2014-01-07 15:59 - 05160001 ____R (Swearware) C:\Users\Munfrosch\Downloads\ComboFix.exe
2014-01-07 15:58 - 2014-01-07 15:58 - 01233962 _____ C:\Users\Munfrosch\Downloads\adwcleaner.exe
2014-01-06 23:33 - 2014-01-06 23:33 - 04101441 _____ C:\Users\Munfrosch\Downloads\tdsskiller.zip
2014-01-06 23:33 - 2014-01-06 23:33 - 00000000 ____D C:\Users\Munfrosch\Downloads\tdsskiller
2014-01-06 23:32 - 2014-01-06 23:32 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Munfrosch\Downloads\tdsskiller.exe
2014-01-06 23:16 - 2014-01-06 23:17 - 00032069 _____ C:\Users\Munfrosch\Downloads\Addition.txt
2014-01-06 23:15 - 2014-01-07 16:30 - 00011078 _____ C:\Users\Munfrosch\Downloads\FRST.txt
2014-01-06 23:15 - 2014-01-06 23:15 - 01931762 _____ (Farbar) C:\Users\Munfrosch\Downloads\FRST64.exe
2014-01-06 23:15 - 2014-01-06 23:15 - 00000000 ____D C:\FRST
2014-01-04 13:20 - 2014-01-07 09:27 - 00000096 ____H C:\Users\Munfrosch\Documents\.~lock.grepo.ods#
2014-01-01 14:16 - 2014-01-01 14:26 - 3268147200 _____ C:\Users\Munfrosch\Downloads\X17-59885.iso
2014-01-01 03:19 - 2014-01-01 03:19 - 01283094 _____ C:\Users\Munfrosch\Documents\Geiles We.bmp
2014-01-01 03:18 - 2014-01-01 03:19 - 02084934 _____ C:\Users\Munfrosch\Documents\Hübsche Maus.bmp
2014-01-01 03:18 - 2014-01-01 03:19 - 01066038 _____ C:\Users\Munfrosch\Documents\Sex Spass.bmp
2014-01-01 03:18 - 2014-01-01 03:18 - 00532950 _____ C:\Users\Munfrosch\Documents\Rauch Spass.bmp
2013-12-29 21:07 - 2014-01-04 19:08 - 00018944 _____ C:\Users\Munfrosch\Documents\panzermodelle.xls
2013-12-20 13:49 - 2013-12-20 13:49 - 00002324 _____ C:\Users\Munfrosch\Documents\karten.rar
2013-12-17 21:45 - 2013-12-17 21:45 - 00013824 _____ C:\Users\Munfrosch\Documents\modellliste.xls
2013-12-17 19:15 - 2013-12-17 21:14 - 00012376 _____ C:\Users\Munfrosch\Documents\modellliste.ods
2013-12-17 16:44 - 2013-12-17 16:44 - 03462033 _____ C:\Users\Munfrosch\Downloads\pci_filerecovery.exe
2013-12-17 16:44 - 2013-12-17 16:44 - 00001207 _____ C:\Users\Munfrosch\Desktop\PC Inspector File Recovery.lnk
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Program Files (x86)\PC Inspector File Recovery
2013-12-17 16:41 - 2013-12-17 19:14 - 00000000 ____D C:\rescuee
2013-12-17 16:17 - 2013-12-17 16:17 - 00614784 _____ C:\Users\Munfrosch\Downloads\Recuva - CHIP-Downloader.exe
2013-12-16 14:15 - 2013-12-16 14:15 - 00002062 _____ C:\Users\Munfrosch\Downloads\install.xpi
2013-12-15 17:33 - 2013-12-15 17:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-15 17:33 - 2013-12-15 17:33 - 00003088 _____ C:\Windows\System32\Tasks\RegOrganizerQuickLaunch
2013-12-15 17:33 - 2013-12-15 17:33 - 00001584 _____ C:\Windows\system32\rrr.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00001170 _____ C:\Users\Munfrosch\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\ProgramData\Oracle
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Reg Organizer
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-15 17:27 - 2013-12-15 17:28 - 24097311 _____ C:\Users\Munfrosch\Downloads\vlc-2.1.2-win32.exe
2013-12-15 17:26 - 2013-12-15 17:27 - 29040552 _____ (Oracle Corporation) C:\Users\Munfrosch\Downloads\jre-7u45-windows-i586.exe
2013-12-15 17:16 - 2013-12-15 17:38 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\AnVir
2013-12-15 17:16 - 2013-12-15 17:16 - 09062640 _____ C:\Users\Munfrosch\Downloads\AnVirTaskManager.exe
2013-12-15 17:16 - 2013-12-15 17:16 - 00001082 _____ C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\UpdatusUser\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\Munfrosch\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Program Files (x86)\AnVir Task Manager

==================== One Month Modified Files and Folders =======

2014-01-07 16:31 - 2014-01-06 23:15 - 00011078 _____ C:\Users\Munfrosch\Downloads\FRST.txt
2014-01-07 16:29 - 2014-01-07 16:29 - 00104352 _____ C:\ComboFix.txt
2014-01-07 16:29 - 2014-01-07 16:08 - 00000000 ____D C:\Qoobox
2014-01-07 16:29 - 2009-07-14 18:58 - 12320938 _____ C:\Windows\system32\perfh007.dat
2014-01-07 16:29 - 2009-07-14 18:58 - 03791974 _____ C:\Windows\system32\perfc007.dat
2014-01-07 16:29 - 2009-07-14 06:13 - 00006118 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-07 16:29 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-07 16:28 - 2014-01-07 16:07 - 00000000 ____D C:\Windows\erdnt
2014-01-07 16:25 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-07 16:24 - 2011-06-26 17:16 - 00139030 _____ C:\Windows\PFRO.log
2014-01-07 16:24 - 2011-05-27 08:02 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-07 16:24 - 2011-01-28 13:25 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-07 16:24 - 2011-01-23 16:13 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-01-07 16:24 - 2011-01-23 16:01 - 00000144 _____ C:\service.log
2014-01-07 16:24 - 2011-01-23 15:53 - 00000000 ___RD C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-07 16:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-07 16:24 - 2009-07-14 05:51 - 00091779 _____ C:\Windows\setupact.log
2014-01-07 16:21 - 2011-01-23 15:53 - 00000000 ____D C:\Users\Munfrosch
2014-01-07 16:11 - 2009-07-14 05:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-07 16:11 - 2009-07-14 05:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-07 16:08 - 2011-05-27 08:02 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-07 16:08 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-07 16:07 - 2013-07-30 13:50 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-07 16:02 - 2014-01-07 16:01 - 00000000 ____D C:\AdwCleaner
2014-01-07 16:02 - 2011-01-23 16:19 - 00001049 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-07 16:02 - 2011-01-23 15:54 - 00000991 _____ C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-07 16:02 - 2011-01-23 15:53 - 00001174 _____ C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-07 15:59 - 2014-01-07 15:58 - 05160001 ____R (Swearware) C:\Users\Munfrosch\Downloads\ComboFix.exe
2014-01-07 15:58 - 2014-01-07 15:58 - 01233962 _____ C:\Users\Munfrosch\Downloads\adwcleaner.exe
2014-01-07 15:51 - 2011-03-29 20:13 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Skype
2014-01-07 09:27 - 2014-01-04 13:20 - 00000096 ____H C:\Users\Munfrosch\Documents\.~lock.grepo.ods#
2014-01-07 09:27 - 2013-11-30 08:30 - 00012036 _____ C:\Users\Munfrosch\Documents\grepo.ods
2014-01-06 23:33 - 2014-01-06 23:33 - 04101441 _____ C:\Users\Munfrosch\Downloads\tdsskiller.zip
2014-01-06 23:33 - 2014-01-06 23:33 - 00000000 ____D C:\Users\Munfrosch\Downloads\tdsskiller
2014-01-06 23:32 - 2014-01-06 23:32 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Munfrosch\Downloads\tdsskiller.exe
2014-01-06 23:17 - 2014-01-06 23:16 - 00032069 _____ C:\Users\Munfrosch\Downloads\Addition.txt
2014-01-06 23:15 - 2014-01-06 23:15 - 01931762 _____ (Farbar) C:\Users\Munfrosch\Downloads\FRST64.exe
2014-01-06 23:15 - 2014-01-06 23:15 - 00000000 ____D C:\FRST
2014-01-06 17:12 - 2011-02-19 23:40 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\vlc
2014-01-04 19:08 - 2013-12-29 21:07 - 00018944 _____ C:\Users\Munfrosch\Documents\panzermodelle.xls
2014-01-02 18:54 - 2012-09-08 10:13 - 00000000 ____D C:\EBAY
2014-01-01 23:24 - 2013-02-05 15:16 - 00000000 ____D C:\Users\Munfrosch\Downloads\FILME
2014-01-01 14:26 - 2014-01-01 14:16 - 3268147200 _____ C:\Users\Munfrosch\Downloads\X17-59885.iso
2014-01-01 03:19 - 2014-01-01 03:19 - 01283094 _____ C:\Users\Munfrosch\Documents\Geiles We.bmp
2014-01-01 03:19 - 2014-01-01 03:18 - 02084934 _____ C:\Users\Munfrosch\Documents\Hübsche Maus.bmp
2014-01-01 03:19 - 2014-01-01 03:18 - 01066038 _____ C:\Users\Munfrosch\Documents\Sex Spass.bmp
2014-01-01 03:18 - 2014-01-01 03:18 - 00532950 _____ C:\Users\Munfrosch\Documents\Rauch Spass.bmp
2014-01-01 03:08 - 2012-11-04 13:07 - 00000000 ____D C:\DCIM
2013-12-29 17:04 - 2013-11-17 06:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 17:04 - 2012-11-03 12:31 - 00000000 ____D C:\Program Files\Recuva
2013-12-29 17:04 - 2012-10-02 15:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 13:49 - 2013-12-20 13:49 - 00002324 _____ C:\Users\Munfrosch\Documents\karten.rar
2013-12-17 21:45 - 2013-12-17 21:45 - 00013824 _____ C:\Users\Munfrosch\Documents\modellliste.xls
2013-12-17 21:14 - 2013-12-17 19:15 - 00012376 _____ C:\Users\Munfrosch\Documents\modellliste.ods
2013-12-17 19:14 - 2013-12-17 16:41 - 00000000 ____D C:\rescuee
2013-12-17 16:45 - 2013-04-15 16:52 - 00000000 ____D C:\Users\Munfrosch\Desktop\DESKTOP PICS
2013-12-17 16:44 - 2013-12-17 16:44 - 03462033 _____ C:\Users\Munfrosch\Downloads\pci_filerecovery.exe
2013-12-17 16:44 - 2013-12-17 16:44 - 00001207 _____ C:\Users\Munfrosch\Desktop\PC Inspector File Recovery.lnk
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Program Files (x86)\PC Inspector File Recovery
2013-12-17 16:18 - 2012-11-03 12:31 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-12-17 16:17 - 2013-12-17 16:17 - 00614784 _____ C:\Users\Munfrosch\Downloads\Recuva - CHIP-Downloader.exe
2013-12-16 14:15 - 2013-12-16 14:15 - 00002062 _____ C:\Users\Munfrosch\Downloads\install.xpi
2013-12-15 17:38 - 2013-12-15 17:16 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\AnVir
2013-12-15 17:33 - 2013-12-15 17:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-15 17:33 - 2013-12-15 17:33 - 00003088 _____ C:\Windows\System32\Tasks\RegOrganizerQuickLaunch
2013-12-15 17:33 - 2013-12-15 17:33 - 00001584 _____ C:\Windows\system32\rrr.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00001170 _____ C:\Users\Munfrosch\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\ProgramData\Oracle
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Reg Organizer
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-15 17:29 - 2013-09-21 12:31 - 00000935 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-15 17:28 - 2013-12-15 17:27 - 24097311 _____ C:\Users\Munfrosch\Downloads\vlc-2.1.2-win32.exe
2013-12-15 17:28 - 2012-12-19 07:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-15 17:28 - 2011-06-07 18:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-15 17:28 - 2011-05-27 08:01 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\Adobe
2013-12-15 17:27 - 2013-12-15 17:26 - 29040552 _____ (Oracle Corporation) C:\Users\Munfrosch\Downloads\jre-7u45-windows-i586.exe
2013-12-15 17:16 - 2013-12-15 17:16 - 09062640 _____ C:\Users\Munfrosch\Downloads\AnVirTaskManager.exe
2013-12-15 17:16 - 2013-12-15 17:16 - 00001082 _____ C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\UpdatusUser\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\Munfrosch\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Program Files (x86)\AnVir Task Manager
2013-12-11 03:09 - 2012-10-10 17:29 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-11 03:09 - 2011-05-27 08:02 - 00000000 ____D C:\Program Files (x86)\Google

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-04 05:07

==================== End Of Log ============================
--- --- ---

aharonov 07.01.2014 16:57
Hi,

Zitat:
c:\users\Munfrosch\4gb\JPEG Image (1015).jpg
c:\users\Munfrosch\4gb\JPEG Image (1248).jpg
c:\users\Munfrosch\4gb\JPEG Image (1262).jpg
Combofix hat dir da zwei Ordner mit Bildern gelöscht. Brauchst du diese noch? Dann kann ich diese problemlos wiederherstellen.

user54321 07.01.2014 17:01
wa das ist ni gut. bekomme ich die wieder? sind 3 ordner/bilder oder noch mehr?

und biste jetz schlauer oder der tab nun weg?

danke bisher ;)

aharonov 07.01.2014 17:30
Ok, dann stellen wir zuerst diese beiden Ordner mit den Bildern wieder her.
Ist nach folgendem Schritt alles wieder da?


Hinweis für Mitleser:
Folgendes ComboFix Skript ist ausschliesslich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
  • Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link.
  • Speichere es erneut auf den Desktop (wichtig!).
  • Drücke die {Windows} + R Taste, schreibe notepad in das Ausführen Fenster und drücke OK.
  • Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
    Code:
    DeQuarantine::
    C:\Qoobox\Quarantine\C\users\Munfrosch\4gb
    C:\Qoobox\Quarantine\C\users\Munfrosch\8gb
    Quit::
  • Speichere dies als CFScript.txt auf deinen Desktop.
  • Wichtig: Stelle deine Antiviren-Software temporär ab. Diese kann ComboFix bei der Arbeit behindern.
    Danach wieder anstellen nicht vergessen!
  • Schliesse alle anderen laufenden Programme, damit ComboFix ungehindert arbeiten kann.
  • Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:
    http://i266.photobucket.com/albums/i.../CFScriptB.gif
  • Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.
  • Wenn ComboFix fertig ist, wird es ein Log erstellen (C:\DeQuarantine_log.txt).
  • Bitte füge den Inhalt dieses Logs in deine Antwort ein.

user54321 07.01.2014 18:48
Bitte

C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (1015).jpg -> C:\users\Munfrosch\4gb\JPEG Image (1015).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (1248).jpg -> C:\users\Munfrosch\4gb\JPEG Image (1248).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (1262).jpg -> C:\users\Munfrosch\4gb\JPEG Image (1262).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (1293).jpg -> C:\users\Munfrosch\4gb\JPEG Image (1293).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (1314).jpg -> C:\users\Munfrosch\4gb\JPEG Image (1314).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (1415).jpg -> C:\users\Munfrosch\4gb\JPEG Image (1415).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (1725).jpg -> C:\users\Munfrosch\4gb\JPEG Image (1725).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (1745).jpg -> C:\users\Munfrosch\4gb\JPEG Image (1745).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (2033).jpg -> C:\users\Munfrosch\4gb\JPEG Image (2033).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (2491).jpg -> C:\users\Munfrosch\4gb\JPEG Image (2491).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (2597).jpg -> C:\users\Munfrosch\4gb\JPEG Image (2597).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (2982).jpg -> C:\users\Munfrosch\4gb\JPEG Image (2982).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (3).jpg -> C:\users\Munfrosch\4gb\JPEG Image (3).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (3306).jpg -> C:\users\Munfrosch\4gb\JPEG Image (3306).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (3518).jpg -> C:\users\Munfrosch\4gb\JPEG Image (3518).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (3629).jpg -> C:\users\Munfrosch\4gb\JPEG Image (3629).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (3951).jpg -> C:\users\Munfrosch\4gb\JPEG Image (3951).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (4240).jpg -> C:\users\Munfrosch\4gb\JPEG Image (4240).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (5461).jpg -> C:\users\Munfrosch\4gb\JPEG Image (5461).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (589).jpg -> C:\users\Munfrosch\4gb\JPEG Image (589).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (634).jpg -> C:\users\Munfrosch\4gb\JPEG Image (634).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (648).jpg -> C:\users\Munfrosch\4gb\JPEG Image (648).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (666).jpg -> C:\users\Munfrosch\4gb\JPEG Image (666).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (736).jpg -> C:\users\Munfrosch\4gb\JPEG Image (736).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (86).jpg -> C:\users\Munfrosch\4gb\JPEG Image (86).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (892).jpg -> C:\users\Munfrosch\4gb\JPEG Image (892).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (9290).jpg -> C:\users\Munfrosch\4gb\JPEG Image (9290).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\4gb\JPEG Image (9715).jpg -> C:\users\Munfrosch\4gb\JPEG Image (9715).jpg
28 Datei(en) kopiert
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (101).jpg -> C:\users\Munfrosch\8gb\JPEG Image (101).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (1029).jpg -> C:\users\Munfrosch\8gb\JPEG Image (1029).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (106).jpg -> C:\users\Munfrosch\8gb\JPEG Image (106).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (1071).jpg -> C:\users\Munfrosch\8gb\JPEG Image (1071).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (1136).jpg -> C:\users\Munfrosch\8gb\JPEG Image (1136).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (114).jpg -> C:\users\Munfrosch\8gb\JPEG Image (114).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (117).jpg -> C:\users\Munfrosch\8gb\JPEG Image (117).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (119).jpg -> C:\users\Munfrosch\8gb\JPEG Image (119).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (124).jpg -> C:\users\Munfrosch\8gb\JPEG Image (124).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (130).jpg -> C:\users\Munfrosch\8gb\JPEG Image (130).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (133).jpg -> C:\users\Munfrosch\8gb\JPEG Image (133).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (137).jpg -> C:\users\Munfrosch\8gb\JPEG Image (137).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (139).jpg -> C:\users\Munfrosch\8gb\JPEG Image (139).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (141213).jpg -> C:\users\Munfrosch\8gb\JPEG Image (141213).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (144).jpg -> C:\users\Munfrosch\8gb\JPEG Image (144).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (158).jpg -> C:\users\Munfrosch\8gb\JPEG Image (158).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (162).jpg -> C:\users\Munfrosch\8gb\JPEG Image (162).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (168).jpg -> C:\users\Munfrosch\8gb\JPEG Image (168).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (190).jpg -> C:\users\Munfrosch\8gb\JPEG Image (190).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (192).jpg -> C:\users\Munfrosch\8gb\JPEG Image (192).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (202).jpg -> C:\users\Munfrosch\8gb\JPEG Image (202).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (204).jpg -> C:\users\Munfrosch\8gb\JPEG Image (204).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (207).jpg -> C:\users\Munfrosch\8gb\JPEG Image (207).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (210).jpg -> C:\users\Munfrosch\8gb\JPEG Image (210).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (217).jpg -> C:\users\Munfrosch\8gb\JPEG Image (217).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (220).jpg -> C:\users\Munfrosch\8gb\JPEG Image (220).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (224).jpg -> C:\users\Munfrosch\8gb\JPEG Image (224).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (53).jpg -> C:\users\Munfrosch\8gb\JPEG Image (53).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (55).jpg -> C:\users\Munfrosch\8gb\JPEG Image (55).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (575).jpg -> C:\users\Munfrosch\8gb\JPEG Image (575).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (58).jpg -> C:\users\Munfrosch\8gb\JPEG Image (58).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (580).jpg -> C:\users\Munfrosch\8gb\JPEG Image (580).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (585).jpg -> C:\users\Munfrosch\8gb\JPEG Image (585).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (598).jpg -> C:\users\Munfrosch\8gb\JPEG Image (598).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (60).jpg -> C:\users\Munfrosch\8gb\JPEG Image (60).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (602).jpg -> C:\users\Munfrosch\8gb\JPEG Image (602).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (610).jpg -> C:\users\Munfrosch\8gb\JPEG Image (610).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (614).jpg -> C:\users\Munfrosch\8gb\JPEG Image (614).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (625).jpg -> C:\users\Munfrosch\8gb\JPEG Image (625).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (635).jpg -> C:\users\Munfrosch\8gb\JPEG Image (635).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (64).jpg -> C:\users\Munfrosch\8gb\JPEG Image (64).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (646).jpg -> C:\users\Munfrosch\8gb\JPEG Image (646).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (648).jpg -> C:\users\Munfrosch\8gb\JPEG Image (648).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (656).jpg -> C:\users\Munfrosch\8gb\JPEG Image (656).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (67).jpg -> C:\users\Munfrosch\8gb\JPEG Image (67).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (72).jpg -> C:\users\Munfrosch\8gb\JPEG Image (72).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (76).jpg -> C:\users\Munfrosch\8gb\JPEG Image (76).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (773).jpg -> C:\users\Munfrosch\8gb\JPEG Image (773).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (786).jpg -> C:\users\Munfrosch\8gb\JPEG Image (786).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (789).jpg -> C:\users\Munfrosch\8gb\JPEG Image (789).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (792).jpg -> C:\users\Munfrosch\8gb\JPEG Image (792).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (795).jpg -> C:\users\Munfrosch\8gb\JPEG Image (795).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (80).jpg -> C:\users\Munfrosch\8gb\JPEG Image (80).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (810).jpg -> C:\users\Munfrosch\8gb\JPEG Image (810).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (835).jpg -> C:\users\Munfrosch\8gb\JPEG Image (835).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (86).jpg -> C:\users\Munfrosch\8gb\JPEG Image (86).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (866).jpg -> C:\users\Munfrosch\8gb\JPEG Image (866).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (90).jpg -> C:\users\Munfrosch\8gb\JPEG Image (90).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (905).jpg -> C:\users\Munfrosch\8gb\JPEG Image (905).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (93).jpg -> C:\users\Munfrosch\8gb\JPEG Image (93).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (938).jpg -> C:\users\Munfrosch\8gb\JPEG Image (938).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (940).jpg -> C:\users\Munfrosch\8gb\JPEG Image (940).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (943).jpg -> C:\users\Munfrosch\8gb\JPEG Image (943).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (945).jpg -> C:\users\Munfrosch\8gb\JPEG Image (945).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (949).jpg -> C:\users\Munfrosch\8gb\JPEG Image (949).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (954).jpg -> C:\users\Munfrosch\8gb\JPEG Image (954).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (963).jpg -> C:\users\Munfrosch\8gb\JPEG Image (963).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (966).jpg -> C:\users\Munfrosch\8gb\JPEG Image (966).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (969).jpg -> C:\users\Munfrosch\8gb\JPEG Image (969).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (97).jpg -> C:\users\Munfrosch\8gb\JPEG Image (97).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (972).jpg -> C:\users\Munfrosch\8gb\JPEG Image (972).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (975).jpg -> C:\users\Munfrosch\8gb\JPEG Image (975).jpg
C:\Qoobox\Quarantine\C\users\Munfrosch\8gb\JPEG Image (99).jpg -> C:\users\Munfrosch\8gb\JPEG Image (99).jpg
73 Datei(en) kopiert

aharonov 07.01.2014 20:17
Ok, dann weiter. Wie läuft der Rechner? Welche Probleme bestehen noch?


Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM\...\Run: [a474c6d2b75d64b3ed1078b377b83c48] - "C:\Windows\svchost.exe" ..
C:\Windows\svchost.exe
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Schritt 2

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




Schritt 3


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




Schritt 4

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Fixlog von FRST
  • Log von MBAM
  • Log von ESET
  • Log von FRST

user54321 07.01.2014 20:32
Zitat:
Zitat von aharonov (Beitrag 1227244)
Ok, dann weiter. Wie läuft der Rechner? Welche Probleme bestehen noch?

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Läuft wie vorher, Tab kam bisher noch nicht wieder.
Einfach ins FRST Haupverzeichnis oder muss das in nen speziellen Unterordner?

aharonov 07.01.2014 20:34
Zitat:
Einfach ins FRST Haupverzeichnis oder muss das in nen speziellen Unterordner?
Ins gleiche Verzeichnis, in welchem die frst64.exe liegt.
Bei dir wäre das C:\Users\Munfrosch\Downloads.

user54321 09.01.2014 17:51
FIXlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-01-2014
Ran by Munfrosch at 2014-01-08 17:29:58 Run:1
Running from C:\Users\Munfrosch\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM\...\Run: [a474c6d2b75d64b3ed1078b377b83c48] - "C:\Windows\svchost.exe" ..
C:\Windows\svchost.exe
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\a474c6d2b75d64b3ed1078b377b83c48 => Value deleted successfully.
"C:\Windows\svchost.exe" => File/Directory not found.
Winsock: Catalog5 entry 000000000001\\LibraryPath was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath was set successfully to %SystemRoot%\system32\NLAapi.dll

==== End of Fixlog ====

Malware AM habe beide Logs genommen

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.08.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Munfrosch :: USG [Administrator]

Schutz: Deaktiviert

08.01.2014 17:34:28
mbam-log-2014-01-08 (17-34-28).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 243823
Laufzeit: 5 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA} (PUP.Optional.ShoppingChip) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 9
C:\Users\Munfrosch\AppData\Roaming\eRObqcvcmht7.exe (Trojan.MSIL.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\Babylon10_setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\Facebook Account Hacker v3 Setup.exe (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\Facebook Hacker v1.8 Pro + Key.rar (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\Facebook Password Hacker V4.0.exe (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\freevideocallrecorder.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\SoftonicDownloader_fuer_ashampoo-burning-studio.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\SoftonicDownloader_fuer_oront-burning-kit.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\Ultimate-Facebook-Hack-4.201.exe (Trojan.Facebook) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


2014/01/08 17:31:09 +0100 USG Munfrosch MESSAGE Starting protection
2014/01/08 17:31:09 +0100 USG Munfrosch MESSAGE Protection started successfully
2014/01/08 17:31:09 +0100 USG Munfrosch MESSAGE Starting IP protection
2014/01/08 17:31:26 +0100 USG Munfrosch MESSAGE IP Protection started successfully
2014/01/08 17:31:31 +0100 USG Munfrosch MESSAGE Starting database refresh
2014/01/08 17:31:31 +0100 USG Munfrosch MESSAGE Stopping IP protection
2014/01/08 17:31:34 +0100 USG Munfrosch MESSAGE IP Protection stopped successfully
2014/01/08 17:31:37 +0100 USG Munfrosch MESSAGE Database refreshed successfully
2014/01/08 17:31:37 +0100 USG Munfrosch MESSAGE Starting IP protection
2014/01/08 17:31:39 +0100 USG Munfrosch MESSAGE IP Protection started successfully
2014/01/08 17:31:54 +0100 USG Munfrosch MESSAGE Stopping protection
2014/01/08 17:31:54 +0100 USG Munfrosch MESSAGE Protection stopped successfully
2014/01/08 17:31:54 +0100 USG Munfrosch MESSAGE Stopping IP protection
2014/01/08 17:31:54 +0100 USG Munfrosch MESSAGE IP Protection stopped successfully
2014/01/08 17:31:54 +0100 USG Munfrosch MESSAGE Protection stopped
2014/01/08 17:47:02 +0100 USG (null) MESSAGE Starting protection
2014/01/08 17:47:02 +0100 USG (null) MESSAGE Protection started successfully
2014/01/08 17:47:02 +0100 USG (null) MESSAGE Starting IP protection
2014/01/08 17:47:05 +0100 USG (null) MESSAGE IP Protection started successfully
2014/01/08 17:53:50 +0100 USG Munfrosch MESSAGE Executing scheduled update: Daily
2014/01/08 17:53:52 +0100 USG Munfrosch MESSAGE Database already up-to-date
2014/01/08 18:06:39 +0100 USG Munfrosch DETECTION C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.dll.vir PUP.Optional.SafetyNut.A QUARANTINE
2014/01/08 18:06:39 +0100 USG Munfrosch DETECTION C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.exe.vir PUP.Optional.SafetyNut.A QUARANTINE
2014/01/08 18:06:40 +0100 USG Munfrosch DETECTION C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe.vir PUP.Optional.SafetyNut.A QUARANTINE
2014/01/08 18:06:40 +0100 USG Munfrosch DETECTION C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut_ie.dll.vir PUP.Optional.SafetyNut.A QUARANTINE
2014/01/08 18:06:40 +0100 USG Munfrosch DETECTION C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetynut.dll.vir PUP.Optional.SafetyNut.A QUARANTINE
2014/01/08 18:06:40 +0100 USG Munfrosch DETECTION C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetynut_ie.dll.vir PUP.Optional.SafetyNut.A QUARANTINE
2014/01/08 18:07:32 +0100 USG Munfrosch MESSAGE Stopping protection
2014/01/08 18:07:32 +0100 USG Munfrosch MESSAGE Protection stopped successfully
2014/01/08 18:07:32 +0100 USG Munfrosch MESSAGE Stopping IP protection
2014/01/08 18:07:32 +0100 USG Munfrosch MESSAGE IP Protection stopped successfully
2014/01/08 18:07:32 +0100 USG Munfrosch MESSAGE Protection stopped

ESET

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=14aca2f16006dd4c9fe6df265674953c
# engine=16562
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-08 08:27:38
# local_time=2014-01-08 09:27:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 17082 140842708 0 0
# scanned=386259
# found=5
# cleaned=0
# scan_time=12488
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=5B498370198DBA6708D5718827A04FC4DF44EF6E ft=1 fh=6642299480f65a60 vn="probably a variant of Win32/KeyLogger.Refog.B application" ac=I fn="C:\Lokaler Datenträger\Programme\KGB\MPKView.exe"
sh=06F4792D1C27FC9CC6CAC78E2F0AFAF234BBF780 ft=1 fh=b8978c1f52bab1d5 vn="a variant of MSIL/Injector.CBD trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a474c6d2b75d64b3ed1078b377b83c48.exe.vir"
sh=06F4792D1C27FC9CC6CAC78E2F0AFAF234BBF780 ft=1 fh=b8978c1f52bab1d5 vn="a variant of MSIL/Injector.CBD trojan" ac=I fn="C:\Qoobox\Quarantine\C\Windows\svchost.exe.vir"
sh=675F7CFBE0D96F10D8ADCC4FF390C5F2AA58ABB5 ft=1 fh=62f13d4db626b490 vn="multiple threats" ac=I fn="C:\Users\Munfrosch\Downloads\Facebook Hacker v1.8 Pro + Key\Facebook Hacker v1.8 Pro\Facebook Hacker v1.8 Pro By Anonymous.exe"

FRST
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 01
Ran by Munfrosch (administrator) on USG on 09-01-2014 17:44:12
Running from C:\Users\Munfrosch\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(VideoLAN) C:\Program Files (x86)\VLC\vlc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [CloneCDTray] - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKCU\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [icq] - C:\Users\Munfrosch\AppData\Roaming\ICQM\icq.exe [28773224 2013-05-23] (ICQ)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01A970B010BBCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: German Dictionary - C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Adblock Plus - C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\p85aww12.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [1836912 2012-11-27] (BinarySense, Inc.)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWow64\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWow64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-28] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-30] (Duplex Secure Ltd.)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
U3 alt08szi; C:\Windows\System32\Drivers\alt08szi.sys [0 ] (Advanced Micro Devices)
S3 ALSysIO; \??\C:\Users\MUNFRO~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-09 17:44 - 2014-01-09 17:44 - 00012358 _____ C:\Users\Munfrosch\Downloads\FRST.txt
2014-01-09 17:43 - 2014-01-09 17:43 - 00000679 _____ C:\Users\Munfrosch\Downloads\eset.txt
2014-01-08 18:13 - 2014-01-09 17:07 - 00000096 ____H C:\Users\Munfrosch\Documents\.~lock.grepo.ods#
2014-01-08 17:57 - 2014-01-08 17:57 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-08 17:30 - 2014-01-08 17:30 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-08 17:30 - 2014-01-08 17:30 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Malwarebytes
2014-01-08 17:30 - 2014-01-08 17:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-08 17:30 - 2014-01-08 17:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-08 17:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-08 17:29 - 2014-01-09 17:44 - 00000000 ____D C:\Users\Munfrosch\Downloads\FRST-OlderVersion
2014-01-08 17:26 - 2014-01-08 17:26 - 02347384 _____ (ESET) C:\Users\Munfrosch\Downloads\esetsmartinstaller_enu.exe
2014-01-08 17:25 - 2014-01-08 17:25 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Munfrosch\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-07 23:53 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-07 23:53 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-07 23:53 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-01-07 23:53 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-07 23:28 - 2014-01-07 23:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-07 23:28 - 2014-01-07 23:28 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-07 23:28 - 2014-01-07 23:28 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-07 23:28 - 2014-01-07 23:28 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-07 23:28 - 2014-01-07 23:28 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-07 23:28 - 2014-01-07 23:28 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-07 23:28 - 2014-01-07 23:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-07 23:28 - 2014-01-07 23:28 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-07 23:28 - 2014-01-07 23:28 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-07 23:28 - 2014-01-07 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-07 23:26 - 2014-01-07 23:33 - 00009963 _____ C:\Windows\IE10_main.log
2014-01-07 23:10 - 2014-01-07 23:10 - 00000000 ____D C:\Windows\system32\MRT
2014-01-07 23:08 - 2013-01-13 22:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 22:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 22:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-01-07 23:08 - 2013-01-13 22:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-01-07 23:08 - 2013-01-13 22:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 22:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 22:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-01-07 23:08 - 2013-01-13 21:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-01-07 23:08 - 2013-01-13 21:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-01-07 23:08 - 2013-01-13 21:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-01-07 23:08 - 2013-01-13 21:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-01-07 23:08 - 2013-01-13 21:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-01-07 23:08 - 2013-01-13 20:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-01-07 23:08 - 2013-01-13 20:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-01-07 23:08 - 2013-01-13 20:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-01-07 23:08 - 2013-01-13 20:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-01-07 23:08 - 2013-01-13 20:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-01-07 23:08 - 2013-01-13 20:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-01-07 23:08 - 2013-01-13 20:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-01-07 23:08 - 2013-01-13 20:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-01-07 23:08 - 2013-01-13 20:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-01-07 23:08 - 2013-01-13 20:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-01-07 23:08 - 2013-01-13 20:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-01-07 23:08 - 2013-01-13 20:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-01-07 23:08 - 2013-01-13 20:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-01-07 23:08 - 2013-01-13 20:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-01-07 23:08 - 2013-01-13 20:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-01-07 23:08 - 2013-01-13 20:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-01-07 23:08 - 2013-01-13 20:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-01-07 23:08 - 2013-01-13 20:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-01-07 23:08 - 2013-01-13 20:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-01-07 23:08 - 2013-01-13 20:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-01-07 23:08 - 2013-01-13 20:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-07 23:08 - 2013-01-13 19:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-01-07 23:08 - 2013-01-13 19:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-07 23:08 - 2013-01-13 19:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-01-07 23:08 - 2013-01-13 18:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-01-07 23:08 - 2013-01-13 18:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-01-07 23:08 - 2013-01-04 07:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-01-07 23:08 - 2013-01-04 07:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-01-07 23:03 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-01-07 23:03 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-01-07 23:03 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-01-07 23:03 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-01-07 23:03 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-01-07 23:03 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-01-07 23:03 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-01-07 23:02 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-07 23:02 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-07 23:02 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-01-07 23:02 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-07 23:02 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-01-07 23:02 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-01-07 23:02 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-01-07 23:02 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-07 23:02 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-01-07 23:02 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-01-07 23:02 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-01-07 23:02 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-01-07 23:02 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-01-07 23:02 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-01-07 23:02 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-01-07 23:02 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-01-07 23:02 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-01-07 23:02 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-01-07 23:02 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-01-07 23:02 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-01-07 23:02 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-01-07 23:02 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-01-07 23:02 - 2013-02-27 07:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-01-07 23:02 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-01-07 23:01 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-07 23:01 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-01-07 23:01 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-07 23:01 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-01-07 23:01 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-01-07 23:01 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-01-07 23:01 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-01-07 23:01 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-07 23:01 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-01-07 23:01 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-01-07 23:01 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-01-07 23:01 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-01-07 23:01 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-01-07 23:01 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-01-07 23:01 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-01-07 23:01 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-01-07 23:01 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-01-07 23:01 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-01-07 23:01 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-01-07 23:01 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-01-07 23:01 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-01-07 23:01 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-01-07 23:01 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-01-07 23:01 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-01-07 23:01 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-01-07 23:01 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-01-07 23:01 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-01-07 23:01 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-01-07 23:01 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-01-07 23:01 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-01-07 23:01 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-01-07 23:01 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-01-07 23:01 - 2013-07-09 06:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-01-07 23:01 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-01-07 23:01 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-01-07 23:01 - 2013-07-09 05:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-01-07 23:01 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-01-07 23:01 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-01-07 23:01 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-07 23:01 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-01-07 23:01 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-07 23:01 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-01-07 23:01 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-07 23:01 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-07 23:01 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-01-07 23:01 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-01-07 23:01 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-01-07 23:01 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-01-07 23:01 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-01-07 23:01 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-01-07 23:01 - 2013-06-15 05:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-01-07 23:01 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-01-07 23:01 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-01-07 23:01 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-01-07 23:01 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-01-07 23:01 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-01-07 23:01 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-01-07 23:01 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-01-07 23:01 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-01-07 23:01 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-01-07 23:01 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-01-07 23:01 - 2013-04-12 15:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-01-07 23:01 - 2013-03-19 06:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-01-07 23:01 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-01-07 23:01 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-01-07 23:00 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-07 23:00 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-07 23:00 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-07 23:00 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-07 23:00 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-01-07 23:00 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-07 23:00 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-01-07 23:00 - 2013-06-04 07:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-01-07 23:00 - 2013-06-04 05:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-01-07 23:00 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-01-07 23:00 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-01-07 23:00 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-01-07 23:00 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-01-07 23:00 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-01-07 23:00 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-01-07 23:00 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-01-07 23:00 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-01-07 22:54 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-07 22:54 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-07 22:54 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-01-07 22:54 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-01-07 22:54 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-01-07 22:54 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-07 22:54 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-01-07 22:54 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-01-07 22:54 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-07 22:54 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-01-07 22:54 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-01-07 22:53 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-01-07 22:53 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-01-07 22:53 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-01-07 22:53 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-01-07 22:53 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-01-07 22:53 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-07 22:53 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-07 22:53 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-01-07 22:53 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-01-07 22:53 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-01-07 22:53 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-01-07 18:22 - 2014-01-07 18:22 - 00011374 _____ C:\DeQuarantine.txt
2014-01-07 18:22 - 2014-01-07 18:22 - 00000000 ____D C:\Users\Munfrosch\8gb
2014-01-07 18:22 - 2014-01-07 18:22 - 00000000 ____D C:\Users\Munfrosch\4gb
2014-01-07 18:21 - 2014-01-07 18:22 - 00000000 ___SD C:\ComboFix
2014-01-07 16:10 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-07 16:10 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-07 16:10 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-07 16:08 - 2014-01-07 18:22 - 00000000 ____D C:\Qoobox
2014-01-07 16:07 - 2014-01-07 16:28 - 00000000 ____D C:\Windows\erdnt
2014-01-07 16:01 - 2014-01-07 16:02 - 00000000 ____D C:\AdwCleaner
2014-01-07 15:58 - 2014-01-07 18:01 - 05160001 ____R (Swearware) C:\Users\Munfrosch\Desktop\ComboFix.exe
2014-01-07 15:58 - 2014-01-07 15:58 - 01233962 _____ C:\Users\Munfrosch\Downloads\adwcleaner.exe
2014-01-06 23:33 - 2014-01-06 23:33 - 04101441 _____ C:\Users\Munfrosch\Downloads\tdsskiller.zip
2014-01-06 23:33 - 2014-01-06 23:33 - 00000000 ____D C:\Users\Munfrosch\Downloads\tdsskiller
2014-01-06 23:32 - 2014-01-06 23:32 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Munfrosch\Downloads\tdsskiller.exe
2014-01-06 23:15 - 2014-01-09 17:44 - 01931770 _____ (Farbar) C:\Users\Munfrosch\Downloads\FRST64.exe
2014-01-06 23:15 - 2014-01-09 17:44 - 00000000 ____D C:\FRST
2014-01-01 14:16 - 2014-01-01 14:26 - 3268147200 _____ C:\Users\Munfrosch\Downloads\X17-59885.iso
2014-01-01 03:19 - 2014-01-01 03:19 - 01283094 _____ C:\Users\Munfrosch\Documents\Geiles We.bmp
2014-01-01 03:18 - 2014-01-01 03:19 - 02084934 _____ C:\Users\Munfrosch\Documents\Hübsche Maus.bmp
2014-01-01 03:18 - 2014-01-01 03:19 - 01066038 _____ C:\Users\Munfrosch\Documents\Sex Spass.bmp
2014-01-01 03:18 - 2014-01-01 03:18 - 00532950 _____ C:\Users\Munfrosch\Documents\Rauch Spass.bmp
2013-12-29 21:07 - 2014-01-04 19:08 - 00018944 _____ C:\Users\Munfrosch\Documents\panzermodelle.xls
2013-12-20 13:49 - 2013-12-20 13:49 - 00002324 _____ C:\Users\Munfrosch\Documents\karten.rar
2013-12-17 21:45 - 2013-12-17 21:45 - 00013824 _____ C:\Users\Munfrosch\Documents\modellliste.xls
2013-12-17 19:15 - 2013-12-17 21:14 - 00012376 _____ C:\Users\Munfrosch\Documents\modellliste.ods
2013-12-17 16:44 - 2013-12-17 16:44 - 03462033 _____ C:\Users\Munfrosch\Downloads\pci_filerecovery.exe
2013-12-17 16:44 - 2013-12-17 16:44 - 00001207 _____ C:\Users\Munfrosch\Desktop\PC Inspector File Recovery.lnk
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Program Files (x86)\PC Inspector File Recovery
2013-12-17 16:41 - 2013-12-17 19:14 - 00000000 ____D C:\rescuee
2013-12-17 16:17 - 2013-12-17 16:17 - 00614784 _____ C:\Users\Munfrosch\Downloads\Recuva - CHIP-Downloader.exe
2013-12-16 14:15 - 2013-12-16 14:15 - 00002062 _____ C:\Users\Munfrosch\Downloads\install.xpi
2013-12-15 17:33 - 2013-12-15 17:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-15 17:33 - 2013-12-15 17:33 - 00003088 _____ C:\Windows\System32\Tasks\RegOrganizerQuickLaunch
2013-12-15 17:33 - 2013-12-15 17:33 - 00001584 _____ C:\Windows\system32\rrr.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00001170 _____ C:\Users\Munfrosch\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\ProgramData\Oracle
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Reg Organizer
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-15 17:27 - 2013-12-15 17:28 - 24097311 _____ C:\Users\Munfrosch\Downloads\vlc-2.1.2-win32.exe
2013-12-15 17:26 - 2013-12-15 17:27 - 29040552 _____ (Oracle Corporation) C:\Users\Munfrosch\Downloads\jre-7u45-windows-i586.exe
2013-12-15 17:16 - 2013-12-15 17:38 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\AnVir
2013-12-15 17:16 - 2013-12-15 17:16 - 09062640 _____ C:\Users\Munfrosch\Downloads\AnVirTaskManager.exe
2013-12-15 17:16 - 2013-12-15 17:16 - 00001082 _____ C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\UpdatusUser\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\Munfrosch\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Program Files (x86)\AnVir Task Manager

==================== One Month Modified Files and Folders =======

2014-01-09 17:44 - 2014-01-09 17:44 - 00012358 _____ C:\Users\Munfrosch\Downloads\FRST.txt
2014-01-09 17:44 - 2014-01-08 17:29 - 00000000 ____D C:\Users\Munfrosch\Downloads\FRST-OlderVersion
2014-01-09 17:44 - 2014-01-06 23:15 - 01931770 _____ (Farbar) C:\Users\Munfrosch\Downloads\FRST64.exe
2014-01-09 17:44 - 2014-01-06 23:15 - 00000000 ____D C:\FRST
2014-01-09 17:43 - 2014-01-09 17:43 - 00000679 _____ C:\Users\Munfrosch\Downloads\eset.txt
2014-01-09 17:39 - 2011-03-29 20:13 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Skype
2014-01-09 17:08 - 2011-05-27 08:02 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-09 17:07 - 2014-01-08 18:13 - 00000096 ____H C:\Users\Munfrosch\Documents\.~lock.grepo.ods#
2014-01-09 17:07 - 2013-11-30 08:30 - 00011475 _____ C:\Users\Munfrosch\Documents\grepo.ods
2014-01-09 09:10 - 2011-02-19 23:40 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\vlc
2014-01-09 07:08 - 2011-05-27 08:02 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-08 18:01 - 2011-01-23 15:48 - 01564009 _____ C:\Windows\WindowsUpdate.log
2014-01-08 17:57 - 2014-01-08 17:57 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-08 17:54 - 2009-07-14 18:58 - 12365068 _____ C:\Windows\system32\perfh007.dat
2014-01-08 17:54 - 2009-07-14 18:58 - 03806032 _____ C:\Windows\system32\perfc007.dat
2014-01-08 17:54 - 2009-07-14 06:13 - 00006118 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-08 17:53 - 2009-07-14 05:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-08 17:53 - 2009-07-14 05:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-08 17:52 - 2013-07-30 13:50 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-08 17:51 - 2011-01-23 15:53 - 00000000 ___RD C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-08 17:51 - 2011-01-23 15:53 - 00000000 ___RD C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-08 17:50 - 2011-01-23 15:53 - 00001309 _____ C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-08 17:49 - 2011-01-28 13:25 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-08 17:47 - 2011-01-23 16:01 - 00000144 _____ C:\service.log
2014-01-08 17:46 - 2011-06-26 17:16 - 00142502 _____ C:\Windows\PFRO.log
2014-01-08 17:46 - 2011-01-23 16:13 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-01-08 17:46 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-08 17:46 - 2009-07-14 05:51 - 00092303 _____ C:\Windows\setupact.log
2014-01-08 17:46 - 2009-07-14 05:45 - 00307072 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-08 17:42 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2014-01-08 17:42 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2014-01-08 17:42 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2014-01-08 17:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2014-01-08 17:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2014-01-08 17:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\zh-HK
2014-01-08 17:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\tr-TR
2014-01-08 17:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-08 17:30 - 2014-01-08 17:30 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-08 17:30 - 2014-01-08 17:30 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Malwarebytes
2014-01-08 17:30 - 2014-01-08 17:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-08 17:30 - 2014-01-08 17:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-08 17:26 - 2014-01-08 17:26 - 02347384 _____ (ESET) C:\Users\Munfrosch\Downloads\esetsmartinstaller_enu.exe
2014-01-08 17:25 - 2014-01-08 17:25 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Munfrosch\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-07 23:41 - 2011-01-28 13:25 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-07 23:41 - 2011-01-28 13:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-07 23:39 - 2011-01-28 13:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-07 23:33 - 2014-01-07 23:26 - 00009963 _____ C:\Windows\IE10_main.log
2014-01-07 23:28 - 2014-01-07 23:28 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-07 23:28 - 2014-01-07 23:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-07 23:28 - 2014-01-07 23:28 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-07 23:28 - 2014-01-07 23:28 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-07 23:28 - 2014-01-07 23:28 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-07 23:28 - 2014-01-07 23:28 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-07 23:28 - 2014-01-07 23:28 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-07 23:28 - 2014-01-07 23:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-07 23:28 - 2014-01-07 23:28 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-07 23:28 - 2014-01-07 23:28 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-07 23:28 - 2014-01-07 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-07 23:28 - 2014-01-07 23:28 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-07 23:28 - 2014-01-07 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-07 23:12 - 2014-01-07 23:10 - 00000000 ____D C:\Windows\system32\MRT
2014-01-07 18:22 - 2014-01-07 18:22 - 00011374 _____ C:\DeQuarantine.txt
2014-01-07 18:22 - 2014-01-07 18:22 - 00000000 ____D C:\Users\Munfrosch\8gb
2014-01-07 18:22 - 2014-01-07 18:22 - 00000000 ____D C:\Users\Munfrosch\4gb
2014-01-07 18:22 - 2014-01-07 18:21 - 00000000 ___SD C:\ComboFix
2014-01-07 18:22 - 2014-01-07 16:08 - 00000000 ____D C:\Qoobox
2014-01-07 18:22 - 2011-01-23 15:53 - 00000000 ____D C:\Users\Munfrosch
2014-01-07 18:09 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-07 18:01 - 2014-01-07 15:58 - 05160001 ____R (Swearware) C:\Users\Munfrosch\Desktop\ComboFix.exe
2014-01-07 16:29 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-07 16:28 - 2014-01-07 16:07 - 00000000 ____D C:\Windows\erdnt
2014-01-07 16:08 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-07 16:02 - 2014-01-07 16:01 - 00000000 ____D C:\AdwCleaner
2014-01-07 16:02 - 2011-01-23 16:19 - 00001049 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-07 15:58 - 2014-01-07 15:58 - 01233962 _____ C:\Users\Munfrosch\Downloads\adwcleaner.exe
2014-01-06 23:33 - 2014-01-06 23:33 - 04101441 _____ C:\Users\Munfrosch\Downloads\tdsskiller.zip
2014-01-06 23:33 - 2014-01-06 23:33 - 00000000 ____D C:\Users\Munfrosch\Downloads\tdsskiller
2014-01-06 23:32 - 2014-01-06 23:32 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Munfrosch\Downloads\tdsskiller.exe
2014-01-04 19:08 - 2013-12-29 21:07 - 00018944 _____ C:\Users\Munfrosch\Documents\panzermodelle.xls
2014-01-02 18:54 - 2012-09-08 10:13 - 00000000 ____D C:\EBAY
2014-01-01 23:24 - 2013-02-05 15:16 - 00000000 ____D C:\Users\Munfrosch\Downloads\FILME
2014-01-01 14:26 - 2014-01-01 14:16 - 3268147200 _____ C:\Users\Munfrosch\Downloads\X17-59885.iso
2014-01-01 03:19 - 2014-01-01 03:19 - 01283094 _____ C:\Users\Munfrosch\Documents\Geiles We.bmp
2014-01-01 03:19 - 2014-01-01 03:18 - 02084934 _____ C:\Users\Munfrosch\Documents\Hübsche Maus.bmp
2014-01-01 03:19 - 2014-01-01 03:18 - 01066038 _____ C:\Users\Munfrosch\Documents\Sex Spass.bmp
2014-01-01 03:18 - 2014-01-01 03:18 - 00532950 _____ C:\Users\Munfrosch\Documents\Rauch Spass.bmp
2014-01-01 03:08 - 2012-11-04 13:07 - 00000000 ____D C:\DCIM
2013-12-29 17:04 - 2013-11-17 06:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-29 17:04 - 2012-11-03 12:31 - 00000000 ____D C:\Program Files\Recuva
2013-12-29 17:04 - 2012-10-02 15:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 13:49 - 2013-12-20 13:49 - 00002324 _____ C:\Users\Munfrosch\Documents\karten.rar
2013-12-17 21:45 - 2013-12-17 21:45 - 00013824 _____ C:\Users\Munfrosch\Documents\modellliste.xls
2013-12-17 21:14 - 2013-12-17 19:15 - 00012376 _____ C:\Users\Munfrosch\Documents\modellliste.ods
2013-12-17 19:14 - 2013-12-17 16:41 - 00000000 ____D C:\rescuee
2013-12-17 16:45 - 2013-04-15 16:52 - 00000000 ____D C:\Users\Munfrosch\Desktop\DESKTOP PICS
2013-12-17 16:44 - 2013-12-17 16:44 - 03462033 _____ C:\Users\Munfrosch\Downloads\pci_filerecovery.exe
2013-12-17 16:44 - 2013-12-17 16:44 - 00001207 _____ C:\Users\Munfrosch\Desktop\PC Inspector File Recovery.lnk
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-12-17 16:44 - 2013-12-17 16:44 - 00000000 ____D C:\Program Files (x86)\PC Inspector File Recovery
2013-12-17 16:18 - 2012-11-03 12:31 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-12-17 16:17 - 2013-12-17 16:17 - 00614784 _____ C:\Users\Munfrosch\Downloads\Recuva - CHIP-Downloader.exe
2013-12-16 14:15 - 2013-12-16 14:15 - 00002062 _____ C:\Users\Munfrosch\Downloads\install.xpi
2013-12-15 17:38 - 2013-12-15 17:16 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\AnVir
2013-12-15 17:33 - 2013-12-15 17:33 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-15 17:33 - 2013-12-15 17:33 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-15 17:33 - 2013-12-15 17:33 - 00003088 _____ C:\Windows\System32\Tasks\RegOrganizerQuickLaunch
2013-12-15 17:33 - 2013-12-15 17:33 - 00001584 _____ C:\Windows\system32\rrr.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00001170 _____ C:\Users\Munfrosch\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\ChemTable Software
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\ProgramData\Oracle
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Reg Organizer
2013-12-15 17:33 - 2013-12-15 17:33 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-15 17:29 - 2013-09-21 12:31 - 00000935 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-15 17:28 - 2013-12-15 17:27 - 24097311 _____ C:\Users\Munfrosch\Downloads\vlc-2.1.2-win32.exe
2013-12-15 17:28 - 2012-12-19 07:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-15 17:28 - 2011-06-07 18:09 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-15 17:28 - 2011-05-27 08:01 - 00000000 ____D C:\Users\Munfrosch\AppData\Local\Adobe
2013-12-15 17:27 - 2013-12-15 17:26 - 29040552 _____ (Oracle Corporation) C:\Users\Munfrosch\Downloads\jre-7u45-windows-i586.exe
2013-12-15 17:16 - 2013-12-15 17:16 - 09062640 _____ C:\Users\Munfrosch\Downloads\AnVirTaskManager.exe
2013-12-15 17:16 - 2013-12-15 17:16 - 00001082 _____ C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\UpdatusUser\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00001058 _____ C:\Users\Munfrosch\Desktop\AnVir Task Manager.lnk
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Users\Munfrosch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager
2013-12-15 17:16 - 2013-12-15 17:16 - 00000000 ____D C:\Program Files (x86)\AnVir Task Manager
2013-12-11 03:09 - 2012-10-10 17:29 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-11 03:09 - 2011-05-27 08:02 - 00000000 ____D C:\Program Files (x86)\Google

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-04 05:07

==================== End Of Log ============================
--- --- ---

--- --- ---


DANKE SOWEIT SCHON VIELMALS!!!!!!!! :daumenhoc

aharonov 09.01.2014 19:17
Hallo,

Zitat:
vn="probably a variant of Win32/KeyLogger.Refog.B application" ac=I fn="C:\Lokaler Datenträger\Programme\KGB\MPKView.exe"
C:\Users\Munfrosch\Downloads\Facebook Account Hacker v3 Setup.exe (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\Facebook Hacker v1.8 Pro + Key.rar (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Munfrosch\Downloads\Facebook Password Hacker V4.0.exe (Spyware.Password) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Du hast da einige dieser Facebook-Hack-Tools drauf und auch einen konventionellen Keylogger.. Wird das bewusst von dir verwendet?

Wie läuft der Rechner jetzt? Welche Probleme bestehen noch?

user54321 09.01.2014 19:21
Das FB Zeug kann wech, KGB war testweise -> auch weg!
Bisher läufts, aber des Tab kam schon 2x blieb aber weiß

aharonov 09.01.2014 19:31
Zitat:
Das FB Zeug kann wech, KGB war testweise -> auch weg!
Alles klar, wollte nur sichergehen, dass du das bewusst nutzt und nicht untergeschoben bekommen hast.

Setz den Firefox zurück: https://support.mozilla.org/de/kb/fi...einfach-loesen
Ist danach alles in Ordnung?

user54321 09.01.2014 20:20
Ist der FB und KGB Mist weg oder noch da?
Ja habe zurück gesetzt, jetzt beobachten. Hoffe es ist nix weg dadurch

aharonov 09.01.2014 21:10
Ok, behalt das mal im Auge und melde dich dann wieder, ob es definitv weg ist oder wieder kommt.


Dann noch die Funde löschen:


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Munfrosch\Downloads\Facebook Hacker v1.8 Pro + Key
C:\Lokaler Datenträger\Programme\KGB

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


user54321 10.01.2014 20:50
Naja dafür ist im Firefox die letzten Sitzung nun weg und bekomme die Tabs wohl nicht mehr wieder oder?

Das andere mach ich dann ;)

Bitte

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-01-2014
Ran by Munfrosch at 2014-01-10 20:49:18 Run:2
Running from C:\Users\Munfrosch\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Munfrosch\Downloads\Facebook Hacker v1.8 Pro + Key
C:\Lokaler Datenträger\Programme\KGB
*****************

"C:\Users\Munfrosch\Downloads\Facebook Hacker v1.8 Pro + Key" => File/Directory not found.
C:\Lokaler Datenträger\Programme\KGB => Moved successfully.

==== End of Fixlog ====

aharonov 10.01.2014 20:51
Zitat:
Naja dafür ist im Firefox die letzten Sitzung nun weg und bekomme die Tabs wohl nicht mehr wieder oder?
Ja die ist wohl weg. Aber Lesezeichen und dergleichen sollten noch vorhanden sein.

Bestehen jetzt noch irgendwelche Probleme?

user54321 10.01.2014 20:59
Bisher passt alles. Werd des erstmal 2,3 tage beobachten ok?
Diese ganzen Proggis kann ich wieder deinstallen?

aharonov 10.01.2014 21:05
Zitat:
Werd des erstmal 2,3 tage beobachten ok?
Genau, melde dich dann einfach nochmals in ein paar Tagen.

Zitat:
Diese ganzen Proggis kann ich wieder deinstallen?
Das kommt jetzt noch:


Hinweis: Kein Antivirenprogramm

Ich sehe in deinen Logfiles kein laufendes Antivirenprogramm mit Hintergrundwächter.

Das ist gefährlich. Auch wenn so ein Wächter niemals alle Bedrohungen abwehren kann, ist er doch ein wichtiger Bestandteil, um den Rechner sauber zu halten.
Downloade und installiere bitte ein Antivirenprogramm mit Hintergrundwächter.

Wenn du ein kommerzielles Produkt kaufen möchtest, kann ich dir Emsisoft empfehlen:Die Freeware-Version davon reicht aber nicht, denn die hat keinen Echtzeitschutz.

Bevorzugst du ein kostenloses Programm, dann sind das zwei mögliche Vorschläge:



Cleanup

Zum Schluss werden wir jetzt noch unsere Tools (inklusive der Quarantäne-Ordner) wegräumen, die verseuchten Systemwiederherstellungspunkte löschen und alle Einstellungen wieder herrichten. Auch diese Schritte sind noch wichtig und sollten in der angegebenen Reihenfolge ausgeführt werden.
  1. Deaktiviere jetzt temporär das Antivirenprogramm, benenne bei der auf dem Desktop vorhandenen Combofix.exe das "Combofix" im Dateinamen um in Uninstall und führe sie mit Doppelklick aus.
  2. Bei MBAM würd ich dir unbedingt empfehlen, es zu behalten und wöchentlich einen Quick-Scan durchzuführen. Wenn du es nicht weiter verwenden möchtest, kannst du es jetzt normal über die Systemsteuerung deinstallieren.
  3. Auch den ESET Online Scanner kannst du behalten, um ab und zu (monatlich) für eine Zweitmeinung dein System damit zu scannen. Falls du ESET deinstallieren möchtest, dann kannst du das ebenfalls über die Systemsteuerung tun.
  4. Downloade dir bitte auf jeden Fall DelFix auf deinen Desktop.
    • Schliesse alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • DelFix entfernt u.a. alle von uns verwendeten Programme und löscht sich anschliessend selbst.
  5. Wenn jetzt noch etwas übriggeblieben ist, dann kannst du es einfach manuell löschen.




>> OK <<
Wir sind durch, deine Logs sehen für mich im Moment sauber aus. :daumenhoc

Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst.

Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann.




Epilog: Tipps, Dos & Don'ts

Aktualität von System und Software

Das Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:
  • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
  • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren

Auch die installierte Software sollte immer in der aktuellsten Version vorliegen.
Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.
  • Mit diesem kleinen Plugin-Check kannst du regelmässig diese Komponenten auf deren Aktualität überprüfen.
  • Achte auch darauf, dass alte, nicht mehr verwendete Versionen deinstalliert sind.
  • Optional: Das Programm Secunia Personal Software Inspector kann dich dabei unterstützen, stets die aktuellen Versionen sämtlicher installierter Software zu nutzen.

Sicherheits-Software

Eine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt).
Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.
  • Nutze einen Virenscanner mit Hintergrundwächter mit stets aktueller Datenbank. Welches Produkt gewählt wird, spielt keine so entscheidende Rolle. Wenn du ein kommerzielles Programm kaufen möchtest, kann ich dir Emsisoft Anti-Malware empfehlen (die Freeware-Version davon reicht aber nicht, denn die hat keinen Hintergrundwächter). Bevorzugst du ein kostenloses Produkt, dann ist Avast! Free Antivirus eine gute Alternative.
    Betreibe aber keinesfalls zwei Wächter parallel, die würden sich gegenseitig behindern.
  • Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
  • Zusätzlich zum Virenscanner kannst du dein System regelmässig mit einem On-Demand Antimalwareprogramm scannen. Empfehlenswert ist die Free-Version von Malwarebytes Anti-Malware. Vor jedem Scan die Datenbank updaten.
  • Optional: Das Programm Sandboxie führt Anwendungen in einer isolierten Umgebung ("Sandkasten") aus, so dass keine Änderungen am System vorgenommen werden können. Wenn du deinen Browser darin startest, vermindert sich die Chance, dass beim Surfen eingefangene Malware sich dauerhaft im System festsetzen kann.
  • Optional: Das Addon WOT (web of trust) warnt dich vor einer als schädlich gemeldeten Website, bevor sie geladen wird. Für verschiedene Browser erhältlich.

Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt.
Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:
  • NoScript verhindert standardmässig das Ausführen von aktiven Inhalten (Java, JavaScript, Flash, ..) für sämtliche Websites. Du kannst selber nach dem Prinzip einer Whitelist festlegen, welchen Seiten du vertrauen und Scripts erlauben willst, auch temporär.
  • Adblock Plus blockt die meisten Werbebanner weg. Solche Banner können nebst ihrer störenden Erscheinung auch als Infektionsherde fungieren.

(Un-)Sicheres Verhalten im Internet

Nebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.

Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
  • Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher (und ein beliebter) Weg, um Malware zu verbreiten.
  • Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kannst du dir nie sicher sein, ob auch wirklich drin ist, was drauf steht.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe mit Vorsicht und lass dich nicht von irgendwie interessant erscheinenden Elementen zu einem vorschnellen Klick verleiten. Lass dich nicht von Popups täuschen, die aussehen wie System- oder Virenmeldungen.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst du von einem deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant oder skandalös tönt, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und du solltest nicht denselben Fehler machen.
  • Lass die Dateiendungen anzeigen, so dass du dich nicht täuschen lässt, wenn eine ausführbare Datei über ein doppelte Dateiendung kaschiert wird, z.B. Nacktfoto.jpg.exe.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen fürs Programm irrelevanten Ergänzungen.

Allgemeine Hinweise

Abschliessend noch ein paar grundsätzliche Bemerkungen:
  • Dein Benutzerkonto für den alltäglichen Gebrauch sollte nicht über Administratorenrechte verfügen. Nutze ein Konto mit eingeschränkten Rechten (Windows XP) bzw. aktiviere die Benutzerkontensteuerung (UAC) auf der höchsten Stufe (Windows Vista / 7).
  • Erstelle regelmässig Backups deiner Daten und Dokumente auf externen Datenträgern, bei wichtigen Dateien mindestens zweifach. Nicht nur ein Malwarebefall kann schmerzhaften Datenverlust nach sich ziehen sondern auch ein gewöhnlicher Festplattendefekt.
  • Die Autorun/Autoplay-Funktion stellt ein Risiko dar, denn sie ermöglicht es, dass beispielsweise beim Einstecken eines entsprechend infizierten USB-Sticks der Befall auf den Rechner überspringt. Überlege dir, ob du diese Funktion nicht besser deaktivieren möchtest.
  • Wähle deine Passwörter gemäss den gängigen Regeln, um besser gegen Brute-Force- und Wörterbuchattacken gewappnet zu sein. Benutze jedes deiner Passwörter nur einmal und ändere sie regelmässig.
  • Der Nutzen von Registry-Cleanern zur Performancesteigerung ist umstritten. Auf jeden Fall lässt sich damit grosser Schaden anrichten, wenn man nicht weiss, was man tut. Wir empfehlen deshalb, die Finger von der Registry zu lassen. Um von Zeit zu Zeit die temporären Dateien zu löschen, genügt TFC.

Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. ;)

user54321 10.01.2014 22:36
Avast hatte ich aber hat es zerschossen, jetzt wieder drauf!

MBAM mag aber immer frech einige nette Programme einfach so einsacken bzw in nen Modul packen was zu Freezes und Restarts führte :( Oder ich hols wieder lasse es aber nicht mehr mit Windows gemeinsam starten und aktiviere es nur bei Bedarf

Firefox nutzen wir eh, IE mag ich nicht. AdB Plus ham wir längst aber Noscript ist cool danke!

Ich gebe in paar Tagen Feedback und danke vielmals!!!

A little Obolus is sendet ;)

user54321 27.01.2014 13:32
So irgendwie ist Avast seit gestern verschwunden bzw wird nicht mehr unten in der Leiste angezeigt, drücken auf die Verknüpfung ändert auch nix.

Also noch mal alles checken? Dabei war ich außer Sparkasse, GMX und ebay nirgends da ich im KH bin...

user54321 14.02.2014 18:01
Nochmal Komplettcheck bitte und Hilfe, danke bin zurück

aharonov 14.02.2014 18:14
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


...

user54321 14.02.2014 18:27
So da alter Bekannter ;-)

FRST
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Munfrosch (administrator) on USG on 14-02-2014 18:24:45
Running from C:\Users\Munfrosch\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST\AvastSvc.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [CloneCDTray] - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST\AvastUI.exe [3568312 2014-01-10] (AVAST Software)
HKU\S-1-5-21-434874503-2144557703-4265496468-1000\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-434874503-2144557703-4265496468-1000\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\S-1-5-21-434874503-2144557703-4265496468-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-434874503-2144557703-4265496468-1000\...\Run: [icq] - C:\Users\Munfrosch\AppData\Roaming\ICQM\icq.exe [28773224 2013-05-23] (ICQ)
HKU\S-1-5-21-434874503-2144557703-4265496468-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1824000 2014-02-11] (Valve Corporation)
HKU\S-1-5-21-434874503-2144557703-4265496468-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\Run: [Steam] - "C:\Program Files (x86)\SPIELE\Steam.exe" -silent
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_Plugin.exe -update plugin
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\MountPoints2: {067a24d7-2ada-11e0-844f-1c6f65845c1c} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\MountPoints2: {33c3550f-b934-11e0-ae42-1c6f65845c1c} - F:\SETUP.EXE
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\MountPoints2: {3bdf744c-2703-11e0-8885-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\MountPoints2: {3bdf7460-2703-11e0-8885-1c6f65845c1c} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\MountPoints2: {3bdf7470-2703-11e0-8885-1c6f65845c1c} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\MountPoints2: {7acab6e4-26ff-11e0-b70a-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-434874503-2144557703-4265496468-1001\...\MountPoints2: {93c08df3-beb9-11e0-9378-806e6f6e6963} - D:\Autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01A970B010BBCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\shqitlhv.default-1389294486642
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: NoScript - C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\shqitlhv.default-1389294486642\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-10]
FF Extension: Adblock Plus - C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\shqitlhv.default-1389294486642\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-09]
FF Extension: Greasemonkey - C:\Users\Munfrosch\AppData\Roaming\Mozilla\Firefox\Profiles\shqitlhv.default-1389294486642\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-01-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-02-14]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST\WebRep\FF [2014-01-10]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-29]

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST\AvastSvc.exe [50344 2014-01-10] (AVAST Software)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [1836912 2012-11-27] (BinarySense, Inc.)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2014-01-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2014-01-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2014-01-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2014-01-10] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-01-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2014-01-10] ()
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-01-28] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-30] (Duplex Secure Ltd.)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
U3 a8xromi5; C:\Windows\System32\Drivers\a8xromi5.sys [0 ] (Advanced Micro Devices)
S3 ALSysIO; \??\C:\Users\MUNFRO~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-14 18:24 - 2014-02-14 18:24 - 02152960 _____ (Farbar) C:\Users\Munfrosch\Downloads\FRST64.exe
2014-02-14 18:24 - 2014-02-14 18:24 - 00015743 _____ () C:\Users\Munfrosch\Downloads\FRST.txt
2014-02-14 18:24 - 2014-02-14 18:24 - 00000000 ____D () C:\FRST
2014-02-14 18:10 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-14 18:10 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-14 18:10 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-14 18:10 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-14 18:10 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-14 18:10 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-14 18:10 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-14 18:10 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-14 18:10 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-14 18:10 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-14 18:10 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-14 18:10 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-14 18:10 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-14 18:10 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-14 18:10 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-14 18:10 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-14 18:10 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-14 18:10 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-14 18:05 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 18:05 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 18:04 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 18:04 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 18:04 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 18:04 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 18:04 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 18:04 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 18:04 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 18:04 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 18:04 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 18:04 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 18:04 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 18:04 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 18:04 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 18:04 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 18:04 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 18:04 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 18:04 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 18:04 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 18:04 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 18:04 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 18:04 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 18:04 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 18:04 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 18:04 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 18:04 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 18:04 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 18:04 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 18:04 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 18:04 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 18:04 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 18:04 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 18:04 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 18:04 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 18:04 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 18:04 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 18:04 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 18:04 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 18:04 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 18:04 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 18:03 - 2014-02-14 18:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 18:03 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 18:03 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 18:03 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 18:03 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 18:03 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 18:03 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 18:03 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 18:03 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 18:03 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 18:03 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 18:03 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 18:03 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 18:03 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 18:03 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 18:03 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 18:03 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 18:03 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 18:03 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 18:02 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 18:02 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 18:02 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 18:02 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 18:02 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 18:02 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 18:02 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 18:02 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 18:02 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 18:02 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-14 18:02 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-14 18:02 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-01-27 13:04 - 2014-01-27 13:04 - 00002281 _____ () C:\Users\Munfrosch\Desktop\SAVE SESSIONSTORE - Verknüpfung.lnk
2014-01-27 03:34 - 2014-01-27 03:35 - 01180448 _____ () C:\Windows\Minidump\012714-81916-01.dmp
2014-01-27 03:34 - 2014-01-27 03:34 - 628922317 _____ () C:\Windows\MEMORY.DMP
2014-01-27 02:56 - 2014-01-27 03:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part30.rar
2014-01-27 01:56 - 2014-01-27 02:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part29.rar
2014-01-27 00:55 - 2014-01-27 01:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part28.rar
2014-01-26 23:55 - 2014-01-27 00:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part27.rar
2014-01-26 22:55 - 2014-01-26 23:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part26.rar
2014-01-26 21:55 - 2014-01-26 22:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part25.rar
2014-01-26 20:55 - 2014-01-26 21:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part24.rar
2014-01-26 19:55 - 2014-01-26 20:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part23.rar
2014-01-26 18:55 - 2014-01-26 19:25 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part22.rar
2014-01-26 17:55 - 2014-01-26 18:03 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part21.rar
2014-01-26 15:55 - 2014-01-26 17:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part20.rar
2014-01-26 14:55 - 2014-01-26 15:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part19.rar
2014-01-26 13:55 - 2014-01-26 14:01 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part18.rar
2014-01-26 12:55 - 2014-01-26 13:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part17.rar
2014-01-26 11:55 - 2014-01-26 12:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part16.rar
2014-01-26 10:55 - 2014-01-26 11:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part15.rar
2014-01-26 09:54 - 2014-01-26 10:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part14.rar
2014-01-26 08:54 - 2014-01-26 09:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part13.rar
2014-01-26 07:54 - 2014-01-26 08:04 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part12.rar
2014-01-26 06:54 - 2014-01-26 07:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part11.rar
2014-01-26 05:54 - 2014-01-26 06:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part10.rar
2014-01-26 04:54 - 2014-01-26 05:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part09.rar
2014-01-26 03:54 - 2014-01-26 04:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part08.rar
2014-01-26 02:54 - 2014-01-26 03:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part07.rar
2014-01-26 01:54 - 2014-01-26 02:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part06.rar
2014-01-26 00:54 - 2014-01-26 01:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part05.rar
2014-01-25 23:54 - 2014-01-26 00:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part04.rar
2014-01-25 22:54 - 2014-01-25 23:00 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part03.rar
2014-01-25 21:54 - 2014-01-25 21:59 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part02.rar
2014-01-25 20:54 - 2014-01-25 21:12 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part01.rar
2014-01-25 20:46 - 2014-01-25 20:46 - 00020376 _____ () C:\Users\Munfrosch\Downloads\aeec71366c9aa8b2c019bb377c6896aa.dlc
2014-01-25 20:44 - 2014-01-25 20:44 - 00017392 _____ () C:\Users\Munfrosch\Downloads\7ce99c53ba6ce21fffcc449b452204b9.dlc
2014-01-25 20:29 - 2014-01-25 20:29 - 31419822 _____ () C:\Users\Munfrosch\Downloads\JDownloader.zip
2014-01-25 20:29 - 2014-01-25 20:29 - 00000000 ____D () C:\Users\Munfrosch\Downloads\JDownloader
2014-01-25 20:23 - 2014-01-25 20:23 - 00014512 _____ () C:\Users\Munfrosch\Downloads\124c157cd90ab5aa37108876fbe88827.dlc
2014-01-24 14:56 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-24 14:56 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-24 14:56 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-24 14:56 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-24 14:56 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-24 14:56 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-24 14:56 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-24 14:56 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-24 14:56 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-23 18:07 - 2014-01-23 18:07 - 00457030 _____ () C:\Users\Munfrosch\Downloads\DSC02660.bmp
2014-01-23 18:07 - 2014-01-23 18:07 - 00457030 _____ () C:\Users\Munfrosch\Downloads\DSC02653.bmp
2014-01-17 18:33 - 2014-01-17 18:33 - 00000000 ____D () C:\archiv

==================== One Month Modified Files and Folders =======

2014-02-14 18:24 - 2014-02-14 18:24 - 02152960 _____ (Farbar) C:\Users\Munfrosch\Downloads\FRST64.exe
2014-02-14 18:24 - 2014-02-14 18:24 - 00015743 _____ () C:\Users\Munfrosch\Downloads\FRST.txt
2014-02-14 18:24 - 2014-02-14 18:24 - 00000000 ____D () C:\FRST
2014-02-14 18:23 - 2011-01-23 15:48 - 01267409 _____ () C:\Windows\WindowsUpdate.log
2014-02-14 18:23 - 2009-07-14 05:45 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-14 18:23 - 2009-07-14 05:45 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-14 18:20 - 2013-07-30 13:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-14 18:18 - 2011-05-27 08:02 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-14 18:17 - 2011-01-23 16:01 - 00000144 _____ () C:\service.log
2014-02-14 18:16 - 2011-01-23 16:13 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-02-14 18:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-14 18:16 - 2009-07-14 05:51 - 00095943 _____ () C:\Windows\setupact.log
2014-02-14 18:15 - 2012-10-02 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 18:13 - 2014-01-07 23:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 18:11 - 2011-01-23 17:15 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 18:10 - 2011-03-29 20:13 - 00000000 ____D () C:\Users\Munfrosch\AppData\Roaming\Skype
2014-02-14 18:08 - 2011-05-27 08:02 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-14 18:03 - 2014-02-14 18:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 16:24 - 2014-01-11 01:22 - 00004152 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-06 13:16 - 2014-02-14 18:04 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-14 18:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 18:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 18:04 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 18:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 18:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 18:04 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 18:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 18:04 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 18:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 18:04 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 18:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 18:04 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 18:04 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 18:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 18:04 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 18:04 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-14 18:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 18:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 18:04 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 18:04 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 18:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 18:04 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 18:04 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 18:04 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 18:04 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 18:04 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 18:04 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-14 18:04 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-14 18:04 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 18:04 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 18:04 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 18:04 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 18:04 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 18:04 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 18:04 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 18:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 18:04 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 18:04 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-27 13:55 - 2011-02-19 23:40 - 00000000 ____D () C:\Users\Munfrosch\AppData\Roaming\vlc
2014-01-27 13:45 - 2009-07-14 18:58 - 12776948 _____ () C:\Windows\system32\perfh007.dat
2014-01-27 13:45 - 2009-07-14 18:58 - 03937240 _____ () C:\Windows\system32\perfc007.dat
2014-01-27 13:45 - 2009-07-14 06:13 - 00006118 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-27 13:04 - 2014-01-27 13:04 - 00002281 _____ () C:\Users\Munfrosch\Desktop\SAVE SESSIONSTORE - Verknüpfung.lnk
2014-01-27 03:35 - 2014-01-27 03:34 - 01180448 _____ () C:\Windows\Minidump\012714-81916-01.dmp
2014-01-27 03:35 - 2009-07-14 05:45 - 00307072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-27 03:34 - 2014-01-27 03:34 - 628922317 _____ () C:\Windows\MEMORY.DMP
2014-01-27 03:34 - 2011-06-10 14:36 - 00000000 ____D () C:\Windows\Minidump
2014-01-27 03:33 - 2011-06-26 17:16 - 00143048 _____ () C:\Windows\PFRO.log
2014-01-27 03:33 - 2011-05-27 23:07 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-27 03:01 - 2014-01-27 02:56 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part30.rar
2014-01-27 02:01 - 2014-01-27 01:56 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part29.rar
2014-01-27 01:01 - 2014-01-27 00:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part28.rar
2014-01-27 00:01 - 2014-01-26 23:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part27.rar
2014-01-26 23:01 - 2014-01-26 22:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part26.rar
2014-01-26 22:01 - 2014-01-26 21:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part25.rar
2014-01-26 21:01 - 2014-01-26 20:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part24.rar
2014-01-26 20:01 - 2014-01-26 19:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part23.rar
2014-01-26 19:25 - 2014-01-26 18:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part22.rar
2014-01-26 18:03 - 2014-01-26 17:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part21.rar
2014-01-26 17:01 - 2014-01-26 15:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part20.rar
2014-01-26 15:01 - 2014-01-26 14:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part19.rar
2014-01-26 14:01 - 2014-01-26 13:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part18.rar
2014-01-26 13:00 - 2014-01-26 12:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part17.rar
2014-01-26 12:00 - 2014-01-26 11:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part16.rar
2014-01-26 11:00 - 2014-01-26 10:55 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part15.rar
2014-01-26 10:00 - 2014-01-26 09:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part14.rar
2014-01-26 09:00 - 2014-01-26 08:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part13.rar
2014-01-26 08:04 - 2014-01-26 07:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part12.rar
2014-01-26 07:00 - 2014-01-26 06:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part11.rar
2014-01-26 06:00 - 2014-01-26 05:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part10.rar
2014-01-26 05:00 - 2014-01-26 04:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part09.rar
2014-01-26 04:00 - 2014-01-26 03:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part08.rar
2014-01-26 03:00 - 2014-01-26 02:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part07.rar
2014-01-26 02:00 - 2014-01-26 01:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part06.rar
2014-01-26 01:00 - 2014-01-26 00:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part05.rar
2014-01-26 00:00 - 2014-01-25 23:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part04.rar
2014-01-25 23:00 - 2014-01-25 22:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part03.rar
2014-01-25 21:59 - 2014-01-25 21:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part02.rar
2014-01-25 21:12 - 2014-01-25 20:54 - 106954752 _____ () C:\Users\Munfrosch\Downloads\tribute720-pate.part01.rar
2014-01-25 20:46 - 2014-01-25 20:46 - 00020376 _____ () C:\Users\Munfrosch\Downloads\aeec71366c9aa8b2c019bb377c6896aa.dlc
2014-01-25 20:44 - 2014-01-25 20:44 - 00017392 _____ () C:\Users\Munfrosch\Downloads\7ce99c53ba6ce21fffcc449b452204b9.dlc
2014-01-25 20:35 - 2011-02-19 22:37 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-01-25 20:29 - 2014-01-25 20:29 - 31419822 _____ () C:\Users\Munfrosch\Downloads\JDownloader.zip
2014-01-25 20:29 - 2014-01-25 20:29 - 00000000 ____D () C:\Users\Munfrosch\Downloads\JDownloader
2014-01-25 20:23 - 2014-01-25 20:23 - 00014512 _____ () C:\Users\Munfrosch\Downloads\124c157cd90ab5aa37108876fbe88827.dlc
2014-01-23 20:57 - 2012-09-08 10:13 - 00000000 ____D () C:\EBAY
2014-01-23 18:07 - 2014-01-23 18:07 - 00457030 _____ () C:\Users\Munfrosch\Downloads\DSC02660.bmp
2014-01-23 18:07 - 2014-01-23 18:07 - 00457030 _____ () C:\Users\Munfrosch\Downloads\DSC02653.bmp
2014-01-20 00:01 - 2011-06-06 07:02 - 00000000 ____D () C:\Users\Munfrosch\AppData\Roaming\dvdcss
2014-01-19 18:47 - 2013-12-29 21:07 - 00018944 _____ () C:\Users\Munfrosch\Documents\panzermodelle.xls
2014-01-19 14:36 - 2012-11-14 11:43 - 00000000 ____D () C:\c c maps
2014-01-17 18:33 - 2014-01-17 18:33 - 00000000 ____D () C:\archiv
2014-01-17 10:57 - 2013-11-30 08:30 - 00011601 _____ () C:\Users\Munfrosch\Documents\grepo.ods

Some content of TEMP:
====================
C:\Users\Munfrosch\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-14 16:41

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


AdditionFRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Munfrosch at 2014-02-14 18:25:37
Running from C:\Users\Munfrosch\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

"Sudden Strike - Release 1.0" (x32 Version:  - )
@BIOS (x32 Version: 2.08 - GIGABYTE)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.6.602.171 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AnyDVD (x32 Version: 7.1.2.0 - SlySoft)
Arnhem (HKCU Version:  - )
AutoGreen B10.0517.1 (x32 Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.0517.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
avast! Free Antivirus (x32 Version: 9.0.2006 - Avast Software)
AVStoDVD 2.7.0 (x32 Version: 2.7.0 - MrC)
Battle of the Bulge (x32 Version: 3.5.0.0 - Halftrack)
Blitzkrieg Mod (x32 Version: 4.7.0.0 - Blitzkrieg Mod Team)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C5100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c5100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
CloneCD (x32 Version:  - SlySoft)
Command & Conquer Die ersten 10 Jahre (x32 Version: 1.00.0000 - Electronic Arts)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (New Steam Version) (x32 Version:  - )
Company of Heroes (x32 Version: 2.0.0.1 - THQ Inc.)
Company of Heroes: Opposing Fronts (x32 Version:  - Relic Entertainment)
Company of Heroes: Tales of Valor (x32 Version:  - Relic Entertainment)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Core Temp version 0.99.8 (Version: 0.99.8 - Arthur Liberman)
CPUID CPU-Z 1.63.0 (Version:  - )
CPUID HWMonitor 1.23 (Version:  - )
CrystalDiskInfo 5.6.2 (x32 Version: 5.6.2 - Crystal Dew World)
CyberGhost VPN (Version:  - CyberGhost S.R.L.)
DAEMON Tools Lite (x32 Version: 4.47.1.0333 - Disc Soft Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DHTML Editing Component (x32 Version: 6.02.0001 - Microsoft Corporation)
Diablo II (x32 Version:  - )
DVD Identifier (x32 Version: 5.2.0 - Kris Schoofs)
DVD Shrink 3.1.3 (x32 Version:  - DVD Shrink)
DVD2one V2.4.2 (x32 Version: 2.4.2 - Eximius B.V.)
DVD-Cover Printmaster 1.4 (x32 Version: 1.4 - biu software)
Eastern Front (x32 Version: 2.2.1.0 - )
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.1214.1  (x32 Version: 1.00.0000 - Gigabyte)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
ffdshow v1.2.4422 [2012-04-09] (x32 Version: 1.2.4422.0 - )
Free Disc Burner version 3.0.19.628 (x32 Version: 3.0.19.628 - DVDVideoSoft Ltd.)
Free Video Call Recorder for Skype version 1.2.2.812 (x32 Version: 1.2.2.812 - DVDVideoSoft Ltd.)
Gigabyte Raid Configurer (x32 Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Haali Media Splitter (x32 Version:  - )
Hard Disk Low Level Format Tool 4.30 (x32 Version:  - HDDGURU)
HD Tune 2.55 (x32 Version:  - EFD Software)
HDDlife Pro 4.0 (x32 Version: 4.0.190 - BinarySense Inc.)
HP Customer Participation Program 13.0 (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (Version: 13.0 - HP)
HP Solution Center 13.0 (Version: 13.0 - HP)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICQ 8.1 (build 6252) (HKCU Version: 8.1.6252.0 - Mail.Ru)
ICQ7.4 (x32 Version: 7.4 - ICQ)
Image Resizer Powertoy Clone for Windows (64 bit) (Version: 2.1.1 - Brice Lambson)
ImageConverter Plus 8.0 (x32 Version:  - fCoder Group, Inc.)
ImgBurn (x32 Version: 2.5.8.0 - LIGHTNING UK!)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader (x32 Version:  - AppWork UG (haftungsbeschränkt))
LightScribe System Software (x32 Version: 1.18.22.2 - LightScribe)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (x32 Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (x32 Version:  - )
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (x32 Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Nero 11 DiscSpeed (x32 Version: 11.0.00400 - Nero AG)
Nero Backup Drivers (Version: 1.0.11100.8.0 - Nero AG)
Nero Core Components 11 (x32 Version: 11.0.15401.1.15 - Nero AG) Hidden
Nero DiscSpeed 11 (x32 Version: 7.0.10400.2.100 - Nero AG) Hidden
Nero DiscSpeed 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20008 - Nero AG) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001 - GIGABYTE)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Photobucket Backup (x32 Version: 1.0.5.2168 - Photobucket)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
Recuva (Version: 1.49 - Piriform)
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02] (x32 Version: 1.6.02 - bitComposer Games)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SeaTools for Windows (x32 Version: 1.2.0.7 - Seagate Technology)
Skype™ 6.3 (x32 Version: 6.3.107 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (x32 Version:  - )
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab (x32 Version:  - )
TechPowerUp GPU-Z (x32 Version:  - TechPowerUp)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TrueCrypt (x32 Version: 7.0a - TrueCrypt Foundation)
Turbo Lister 2 (x32 Version: 2.00.0000 - eBay Inc.)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
VLC media player 2.0.7 (Version: 2.0.7 - VideoLAN)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinDFT (x32 Version: 1.0.0 - HGST)
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points  =========================

10-01-2014 20:15:56 avast! antivirus system restore point
18-01-2014 14:32:12 Geplanter Prüfpunkt
24-01-2014 13:56:29 Windows Update
14-02-2014 15:49:02 Geplanter Prüfpunkt
14-02-2014 17:03:26 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-07 16:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {045C4C12-8D04-4BD5-8530-810BFCA55749} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST\AvastEmUpdate.exe [2014-01-10] (AVAST Software)
Task: {25B43C48-1A6C-4B7C-846A-328480773536} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-27] (Google Inc.)
Task: {66D3AC0D-D07E-487B-9BA5-095451CD980F} - \GoforFilesUpdate No Task File
Task: {CAAA56BF-8F76-4C13-9E66-093FC776B8CD} - System32\Tasks\{8FA4ECA9-C683-4277-B515-B23A5BA51D56} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.)
Task: {DF01B471-929E-4DD6-888D-EB791DE04700} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-27] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-14 16:26 - 2014-02-14 11:26 - 02180096 _____ () C:\Program Files\AVAST\defs\14021401\algo.dll
2011-01-23 16:01 - 2009-08-24 14:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2011-01-23 16:01 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2011-01-23 16:05 - 2010-01-19 03:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2014-01-10 21:16 - 2014-01-10 21:16 - 19336120 _____ () C:\Program Files\Avast\libcef.dll
2014-01-08 17:51 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 17:51 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-07-01 07:20 - 2014-01-11 00:33 - 00717312 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-07-26 13:46 - 2014-01-27 20:02 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-07-15 13:32 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-02-14 18:03 - 2014-02-14 18:03 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-15 17:28 - 2013-12-15 17:28 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2014 06:06:59 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "ASP.NET" (ASP.NET). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/14/2014 06:06:59 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/14/2014 06:06:59 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/14/2014 06:06:56 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "ASP.NET" (ASP.NET). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/14/2014 06:06:56 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/14/2014 06:06:56 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/14/2014 06:06:55 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "aspnet_state" (ASP.NET-Zustandsdienst). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/14/2014 06:06:55 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/14/2014 06:06:55 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/27/2014 01:45:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


System errors:
=============
Error: (02/14/2014 06:20:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/14/2014 06:20:52 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (02/14/2014 06:17:28 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus
Uim_IM
Uim_VIM

Error: (02/14/2014 06:16:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HDDlife HDD Access service" wurde mit folgendem Fehler beendet:
%%-2147417831

Error: (02/14/2014 05:50:48 PM) (Source: nvlddmkm) (User: )
Description: \Device\Video5!051d(2528)

Error: (02/14/2014 05:18:03 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus
Uim_IM
Uim_VIM

Error: (02/14/2014 05:17:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HDDlife HDD Access service" wurde mit folgendem Fehler beendet:
%%-2147417831

Error: (02/14/2014 05:16:44 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎14.‎02.‎2014 um 17:13:01 unerwartet heruntergefahren.

Error: (02/14/2014 04:23:23 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UimBus
Uim_IM
Uim_VIM

Error: (02/14/2014 04:23:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HDDlife HDD Access service" wurde mit folgendem Fehler beendet:
%%-2147417831


Microsoft Office Sessions:
=========================
Error: (02/14/2014 06:06:59 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: ASP.NETASP.NET8F20300004D070000

Error: (02/14/2014 06:06:59 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (02/14/2014 06:06:59 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (02/14/2014 06:06:56 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: ASP.NETASP.NET8F20300004D070000

Error: (02/14/2014 06:06:56 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (02/14/2014 06:06:56 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (02/14/2014 06:06:55 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: aspnet_stateASP.NET-Zustandsdienst8F20300004D070000

Error: (02/14/2014 06:06:55 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (02/14/2014 06:06:55 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (01/27/2014 01:45:52 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000


CodeIntegrity Errors:
===================================
  Date: 2014-01-07 16:21:34.670
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-07 16:21:34.592
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 8189.55 MB
Available physical RAM: 5458.63 MB
Total Pagefile: 16377.29 MB
Available Pagefile: 13341.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:58.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (SOLDATEN_DER_APOKALYPSE) (CDROM) (Total:7.24 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8AFEADDC)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

aharonov 14.02.2014 19:30
Also was ist jetzt genau das Problem? Das Log sieht unauffällig aus.

user54321 14.02.2014 21:08
Mittlerweile freezt er ab und zu und hängt, der Mauszeiger ist manchmal komisch farbig. War vorher nicht erst seit ich alles deinstalled hab wieder.

Irgendwas angesurft als o.G. hab ich im KH nicht

user54321 28.02.2014 16:41
Hab ich denn FF nicht auf alles supi, nutze ich ihn hängts oder freezt es nach unbestimmter Zeit. Keiner ne Idee?


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:38 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19